net/third_party/nss/ssl/ssl3con.c - Issue 21564003: NSS: remove cipher policy framework.

Side by Side Diff: net/third_party/nss/ssl/ssl3con.c

Issue 21564003: NSS: remove cipher policy framework. Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: ... Created 7 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 /* -- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -- */	1 /* -- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -- */

2 /*	2 /*

3 * SSL3 Protocol	3 * SSL3 Protocol

4 *	4 *

5 * This Source Code Form is subject to the terms of the Mozilla Public	5 * This Source Code Form is subject to the terms of the Mozilla Public

6 * License, v. 2.0. If a copy of the MPL was not distributed with this	6 * License, v. 2.0. If a copy of the MPL was not distributed with this

7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */	7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

8	8

9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */	9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */

10	10

(...skipping 70 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
81	81

82 #define MAX_SEND_BUF_LENGTH 32000 /* watch for 16-bit integer overflow */	82 #define MAX_SEND_BUF_LENGTH 32000 /* watch for 16-bit integer overflow */

83 #define MIN_SEND_BUF_LENGTH 4000	83 #define MIN_SEND_BUF_LENGTH 4000

84	84

85 /* This list of SSL3 cipher suites is sorted in descending order of	85 /* This list of SSL3 cipher suites is sorted in descending order of

86 * precedence (desirability). It only includes cipher suites we implement.	86 * precedence (desirability). It only includes cipher suites we implement.

87 * This table is modified by SSL3_SetPolicy(). The ordering of cipher suites	87 * This table is modified by SSL3_SetPolicy(). The ordering of cipher suites

88 * in this table must match the ordering in SSL_ImplementedCiphers (sslenum.c)	88 * in this table must match the ordering in SSL_ImplementedCiphers (sslenum.c)

89 */	89 */

90 static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {	90 static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {

91 /* cipher_suite policy enabled is_present*/	91 /* cipher_suite enabled is_present*/
	wtc 2013/08/08 21:26:28 Nit: add a space before "enabled" Nit: add a space before "enabled" agl 2013/08/09 15:53:49 Done. Show quoted text On 2013/08/08 21:26:28, wtc wrote: > > Nit: add a space before "enabled" Done.
92 #ifdef NSS_ENABLE_ECC	92 #ifdef NSS_ENABLE_ECC

93 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	93 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, PR_FALSE, PR_FALSE},

94 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	94 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, PR_FALSE, PR_FALSE},

95 #endif /* NSS_ENABLE_ECC */	95 #endif /* NSS_ENABLE_ECC */

96 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	96 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, PR_FALSE, PR_FALSE},

97 { TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	97 { TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, PR_FALSE, PR_FALSE},

98 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, » SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	98 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, PR_TRUE, PR_FALSE},

99 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	99 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, PR_TRUE, PR_FALSE},

100 { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, » SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	100 { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, PR_TRUE, PR_FALSE},

101 #ifdef NSS_ENABLE_ECC	101 #ifdef NSS_ENABLE_ECC

102 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	102 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, PR_FALSE, PR_FALSE},

103 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	103 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, PR_FALSE, PR_FALSE},

104 #endif /* NSS_ENABLE_ECC */	104 #endif /* NSS_ENABLE_ECC */

105 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, » SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	105 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, PR_FALSE, PR_FALSE},

106 { TLS_RSA_WITH_AES_256_CBC_SHA, » SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	106 { TLS_RSA_WITH_AES_256_CBC_SHA, PR_TRUE, PR_FALSE},

107 { TLS_RSA_WITH_AES_256_CBC_SHA256,» SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	107 { TLS_RSA_WITH_AES_256_CBC_SHA256, PR_TRUE, PR_FALSE},

108	108

109 #ifdef NSS_ENABLE_ECC	109 #ifdef NSS_ENABLE_ECC

110 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	110 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, PR_FALSE, PR_FALSE},

111 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	111 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, PR_FALSE, PR_FALSE},

112 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	112 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, PR_FALSE, PR_FALSE},

113 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	113 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, PR_FALSE, PR_FALSE},

114 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	114 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, PR_FALSE, PR_FALSE},

115 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	115 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, PR_FALSE, PR_FALSE},

116 #endif /* NSS_ENABLE_ECC */	116 #endif /* NSS_ENABLE_ECC */

117 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	117 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, PR_FALSE, PR_FALSE},

118 { TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	118 { TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, PR_FALSE, PR_FALSE},

119 { TLS_DHE_DSS_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	119 { TLS_DHE_DSS_WITH_RC4_128_SHA, PR_FALSE, PR_FALSE},

120 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	120 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, PR_TRUE, PR_FALSE},

121 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	121 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, PR_TRUE, PR_FALSE},

122 { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, » SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	122 { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, PR_TRUE, PR_FALSE},

123 #ifdef NSS_ENABLE_ECC	123 #ifdef NSS_ENABLE_ECC

124 { TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	124 { TLS_ECDH_RSA_WITH_RC4_128_SHA, PR_FALSE, PR_FALSE},

125 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	125 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, PR_FALSE, PR_FALSE},

126 { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	126 { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, PR_FALSE, PR_FALSE},

127 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	127 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, PR_FALSE, PR_FALSE},

128 #endif /* NSS_ENABLE_ECC */	128 #endif /* NSS_ENABLE_ECC */

129 { TLS_RSA_WITH_SEED_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	129 { TLS_RSA_WITH_SEED_CBC_SHA, PR_FALSE, PR_FALSE},

130 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, » SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	130 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, PR_FALSE, PR_FALSE},

131 { SSL_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	131 { SSL_RSA_WITH_RC4_128_SHA, PR_TRUE, PR_FALSE},

132 { SSL_RSA_WITH_RC4_128_MD5, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},	132 { SSL_RSA_WITH_RC4_128_MD5, PR_TRUE, PR_FALSE},

133 { TLS_RSA_WITH_AES_128_CBC_SHA, » SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	133 { TLS_RSA_WITH_AES_128_CBC_SHA, PR_TRUE, PR_FALSE},

134 { TLS_RSA_WITH_AES_128_CBC_SHA256,» SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	134 { TLS_RSA_WITH_AES_128_CBC_SHA256, PR_TRUE, PR_FALSE},

135	135

136 #ifdef NSS_ENABLE_ECC	136 #ifdef NSS_ENABLE_ECC

137 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	137 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, PR_FALSE, PR_FALSE},

138 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	138 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, PR_FALSE, PR_FALSE},

139 #endif /* NSS_ENABLE_ECC */	139 #endif /* NSS_ENABLE_ECC */

140 { SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	140 { SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, PR_TRUE, PR_FALSE},

141 { SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE},	141 { SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, PR_TRUE, PR_FALSE},

142 #ifdef NSS_ENABLE_ECC	142 #ifdef NSS_ENABLE_ECC

143 { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	143 { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, PR_FALSE, PR_FALSE},

144 { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	144 { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, PR_FALSE, PR_FALSE},

145 #endif /* NSS_ENABLE_ECC */	145 #endif /* NSS_ENABLE_ECC */

146 { SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},	146 { SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, PR_FALSE, PR_FALSE},

147 { SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},	147 { SSL_RSA_WITH_3DES_EDE_CBC_SHA, PR_TRUE, PR_FALSE},

148	148

149	149

150 { SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	150 { SSL_DHE_RSA_WITH_DES_CBC_SHA, PR_FALSE, PR_FALSE},

151 { SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	151 { SSL_DHE_DSS_WITH_DES_CBC_SHA, PR_FALSE, PR_FALSE},

152 { SSL_RSA_FIPS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},	152 { SSL_RSA_FIPS_WITH_DES_CBC_SHA, PR_FALSE, PR_FALSE},

153 { SSL_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},	153 { SSL_RSA_WITH_DES_CBC_SHA, PR_FALSE, PR_FALSE},

154 { TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},	154 { TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, PR_FALSE, PR_FALSE},

155 { TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},	155 { TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, PR_FALSE, PR_FALSE},

156	156

157 { SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},	157 { SSL_RSA_EXPORT_WITH_RC4_40_MD5, PR_FALSE, PR_FALSE},

158 { SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},	158 { SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, PR_FALSE, PR_FALSE},

159	159

160 #ifdef NSS_ENABLE_ECC	160 #ifdef NSS_ENABLE_ECC

161 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},	161 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, PR_FALSE, PR_FALSE},

162 { TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},	162 { TLS_ECDHE_RSA_WITH_NULL_SHA, PR_FALSE, PR_FALSE},

163 { TLS_ECDH_RSA_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},	163 { TLS_ECDH_RSA_WITH_NULL_SHA, PR_FALSE, PR_FALSE},

164 { TLS_ECDH_ECDSA_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},	164 { TLS_ECDH_ECDSA_WITH_NULL_SHA, PR_FALSE, PR_FALSE},

165 #endif /* NSS_ENABLE_ECC */	165 #endif /* NSS_ENABLE_ECC */

166 { SSL_RSA_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	166 { SSL_RSA_WITH_NULL_SHA, PR_FALSE, PR_FALSE},

167 { TLS_RSA_WITH_NULL_SHA256, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	167 { TLS_RSA_WITH_NULL_SHA256, PR_FALSE, PR_FALSE},

168 { SSL_RSA_WITH_NULL_MD5, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},	168 { SSL_RSA_WITH_NULL_MD5, PR_FALSE, PR_FALSE},

169

170 };	169 };

171	170

172 /* This list of SSL3 compression methods is sorted in descending order of	171 /* This list of SSL3 compression methods is sorted in descending order of

173 * precedence (desirability). It only includes compression methods we	172 * precedence (desirability). It only includes compression methods we

174 * implement.	173 * implement.

175 */	174 */

176 static const /SSLCompressionMethod/ PRUint8 compressions [] = {	175 static const /SSLCompressionMethod/ PRUint8 compressions [] = {

177 #ifdef NSS_ENABLE_ZLIB	176 #ifdef NSS_ENABLE_ZLIB

178 ssl_compression_deflate,	177 ssl_compression_deflate,

179 #endif	178 #endif

(...skipping 456 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
636 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {	635 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {

637 if (suites[i].cipher_suite == suite)	636 if (suites[i].cipher_suite == suite)

638 return &suites[i];	637 return &suites[i];

639 }	638 }

640 /* return NULL and let the caller handle it. */	639 /* return NULL and let the caller handle it. */

641 PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);	640 PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);

642 return NULL;	641 return NULL;

643 }	642 }

644	643

645	644

646 /* Initialize the suite->isPresent value for config_match	645 /* Initialize the suite->isPresent value for cipher_suite_available.

647 * Returns count of enabled ciphers supported by extant tokens,	646 * Returns count of enabled ciphers supported by extant tokens,

648 * regardless of policy or user preference.	647 * regardless of user preference.

649 * If this returns zero, the user cannot do SSL v3.	648 * If this returns zero, the user cannot do SSL v3.

650 */	649 */

651 int	650 int

652 ssl3_config_match_init(sslSocket *ss)	651 ssl3_cipher_suites_test_presence(sslSocket *ss)

653 {	652 {

654 ssl3CipherSuiteCfg * suite;	653 ssl3CipherSuiteCfg * suite;

655 const ssl3CipherSuiteDef *cipher_def;	654 const ssl3CipherSuiteDef *cipher_def;

656 SSLCipherAlgorithm cipher_alg;	655 SSLCipherAlgorithm cipher_alg;

657 CK_MECHANISM_TYPE cipher_mech;	656 CK_MECHANISM_TYPE cipher_mech;

658 SSL3KEAType exchKeyType;	657 SSL3KEAType exchKeyType;

659 int i;	658 int i;

660 int numPresent = 0;	659 int numPresent = 0;

661 int numEnabled = 0;	660 int numEnabled = 0;

662 PRBool isServer;	661 PRBool isServer;

(...skipping 75 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
738 }	737 }

739 }	738 }

740 PORT_Assert(numPresent > 0 \|\| numEnabled == 0);	739 PORT_Assert(numPresent > 0 \|\| numEnabled == 0);

741 if (numPresent <= 0) {	740 if (numPresent <= 0) {

742 PORT_SetError(SSL_ERROR_NO_CIPHERS_SUPPORTED);	741 PORT_SetError(SSL_ERROR_NO_CIPHERS_SUPPORTED);

743 }	742 }

744 return numPresent;	743 return numPresent;

745 }	744 }

746	745

747	746

748 /* return PR_TRUE if suite matches policy and enabled state */	747 /* return PR_TRUE if the given cipher suite is enabled and present. */

749 /* It would be a REALLY BAD THING (tm) if we ever permitted the use

750 ** of a cipher that was NOT_ALLOWED. So, if this is ever called with

751 ** policy == SSL_NOT_ALLOWED, report no match.

752 */

753 /* adjust suite enabled to the availability of a token that can do the

754 * cipher suite. */

755 static PRBool	748 static PRBool

756 config_match(ssl3CipherSuiteCfg *suite, int policy, PRBool enabled)	749 cipher_suite_available(ssl3CipherSuiteCfg *suite)

757 {	750 {

758 PORT_Assert(policy != SSL_NOT_ALLOWED && enabled != PR_FALSE);	751 return (PRBool)(suite->enabled && suite->isPresent);

759 if (policy == SSL_NOT_ALLOWED \|\| !enabled)

760 » return PR_FALSE;

761 return (PRBool)(suite->enabled &&

762 suite->isPresent &&

763 » suite->policy != SSL_NOT_ALLOWED &&

764 » » suite->policy <= policy);

765 }	752 }

766	753

767 /* return number of cipher suites that match policy and enabled state */	754 /* return number of cipher suites that are enabled and present.

768 /* called from ssl3_SendClientHello and ssl3_ConstructV2CipherSpecsHack */	755 * called from ssl3_SendClientHello and ssl3_ConstructV2CipherSpecsHack */

769 static int	756 static int

770 count_cipher_suites(sslSocket *ss, int policy, PRBool enabled)	757 count_cipher_suites(sslSocket *ss)

771 {	758 {

772 int i, count = 0;	759 int i, count = 0;

773	760

774 if (SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) {	761 if (SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) {

775 » return 0;	762 » return 0;

776 }	763 }

777 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {	764 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {

778 » if (config_match(&ss->cipherSuites[i], policy, enabled))	765 » if (cipher_suite_available(&ss->cipherSuites[i]))

779 count++;	766 count++;

780 }	767 }

781 if (count <= 0) {	768 if (count <= 0) {

782 PORT_SetError(SSL_ERROR_SSL_DISABLED);	769 PORT_SetError(SSL_ERROR_SSL_DISABLED);

783 }	770 }

784 return count;	771 return count;

785 }	772 }

786	773

787 /*	774 /*

788 * Null compression, mac and encryption functions	775 * Null compression, mac and encryption functions

(...skipping 3942 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
4731 requestingResume = PR_TRUE;	4718 requestingResume = PR_TRUE;

4732 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_hits );	4719 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_hits );

4733	4720

4734 /* Are we attempting a stateless session resume? */	4721 /* Are we attempting a stateless session resume? */

4735 if (sid->version > SSL_LIBRARY_VERSION_3_0 &&	4722 if (sid->version > SSL_LIBRARY_VERSION_3_0 &&

4736 sid->u.ssl3.sessionTicket.ticket.data)	4723 sid->u.ssl3.sessionTicket.ticket.data)

4737 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_stateless_resumes );	4724 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_stateless_resumes );

4738	4725

4739 PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID,	4726 PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID,

4740 sid->u.ssl3.sessionIDLength));	4727 sid->u.ssl3.sessionIDLength));

4741

4742 ss->ssl3.policy = sid->u.ssl3.policy;

4743 } else {	4728 } else {

4744 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_misses );	4729 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_misses );

4745	4730

4746 /*	4731 /*

4747 * Windows SChannel compares the client_version inside the RSA	4732 * Windows SChannel compares the client_version inside the RSA

4748 * EncryptedPreMasterSecret of a renegotiation with the	4733 * EncryptedPreMasterSecret of a renegotiation with the

4749 * client_version of the initial ClientHello rather than the	4734 * client_version of the initial ClientHello rather than the

4750 * ClientHello in the renegotiation. To work around this bug, we	4735 * ClientHello in the renegotiation. To work around this bug, we

4751 * continue to use the client_version used in the initial	4736 * continue to use the client_version used in the initial

4752 * ClientHello when renegotiating.	4737 * ClientHello when renegotiating.

(...skipping 29 matching lines...) Expand all Loading...
4782	4767

4783 ss->sec.send = ssl3_SendApplicationData;	4768 ss->sec.send = ssl3_SendApplicationData;

4784	4769

4785 /* shouldn't get here if SSL3 is disabled, but ... */	4770 /* shouldn't get here if SSL3 is disabled, but ... */

4786 if (SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) {	4771 if (SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) {

4787 PR_NOT_REACHED("No versions of SSL 3.0 or later are enabled");	4772 PR_NOT_REACHED("No versions of SSL 3.0 or later are enabled");

4788 PORT_SetError(SSL_ERROR_SSL_DISABLED);	4773 PORT_SetError(SSL_ERROR_SSL_DISABLED);

4789 return SECFailure;	4774 return SECFailure;

4790 }	4775 }

4791	4776

4792 /* how many suites does our PKCS11 support (regardless of policy)? */	4777 /* how many suites does our PKCS11 support? */

4793 num_suites = ssl3_config_match_init(ss);	4778 num_suites = ssl3_cipher_suites_test_presence(ss);

4794 if (!num_suites)	4779 if (!num_suites)

4795 » return SECFailure;» /* ssl3_config_match_init has set error code. */	4780 » return SECFailure;» /* ssl3_cipher_suites_test_presence has set erro r code. */
	wtc 2013/08/08 21:26:28 Nit: wrap this comment line? Nit: wrap this comment line? agl 2013/08/09 15:53:49 Done. Show quoted text On 2013/08/08 21:26:28, wtc wrote: > > Nit: wrap this comment line? Done.
4796	4781

4797 /* HACK for SCSV in SSL 3.0. On initial handshake, prepend SCSV,	4782 /* HACK for SCSV in SSL 3.0. On initial handshake, prepend SCSV,

4798 * only if TLS is disabled.	4783 * only if TLS is disabled.

4799 */	4784 */

4800 if (!ss->firstHsDone && !isTLS) {	4785 if (!ss->firstHsDone && !isTLS) {

4801 /* Must set this before calling Hello Extension Senders,	4786 /* Must set this before calling Hello Extension Senders,

4802 * to suppress sending of empty RI extension.	4787 * to suppress sending of empty RI extension.

4803 */	4788 */

4804 ss->ssl3.hs.sendingSCSV = PR_TRUE;	4789 ss->ssl3.hs.sendingSCSV = PR_TRUE;

4805 }	4790 }

(...skipping 17 matching lines...) Expand all Loading...
4823 if (!total_exten_len \|\| !isTLS) {	4808 if (!total_exten_len \|\| !isTLS) {

4824 /* not sending the elliptic_curves and ec_point_formats extensions */	4809 /* not sending the elliptic_curves and ec_point_formats extensions */

4825 ssl3_DisableECCSuites(ss, NULL); /* disable all ECC suites */	4810 ssl3_DisableECCSuites(ss, NULL); /* disable all ECC suites */

4826 }	4811 }

4827 #endif	4812 #endif

4828	4813

4829 if (IS_DTLS(ss)) {	4814 if (IS_DTLS(ss)) {

4830 ssl3_DisableNonDTLSSuites(ss);	4815 ssl3_DisableNonDTLSSuites(ss);

4831 }	4816 }

4832	4817

4833 /* how many suites are permitted by policy and user preference? */	4818 /* how many suites are permitted by user preference? */

4834 num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE);	4819 num_suites = count_cipher_suites(ss);

4835 if (!num_suites)	4820 if (!num_suites)

4836 return SECFailure; /* count_cipher_suites has set error code. */	4821 return SECFailure; /* count_cipher_suites has set error code. */

4837 if (ss->ssl3.hs.sendingSCSV) {	4822 if (ss->ssl3.hs.sendingSCSV) {

4838 ++num_suites; /* make room for SCSV */	4823 ++num_suites; /* make room for SCSV */

4839 }	4824 }

4840	4825

4841 /* count compression methods */	4826 /* count compression methods */

4842 numCompressionMethods = 0;	4827 numCompressionMethods = 0;

4843 for (i = 0; i < compressionMethodsCount; i++) {	4828 for (i = 0; i < compressionMethodsCount; i++) {

4844 if (compressionEnabled(ss, compressions[i]))	4829 if (compressionEnabled(ss, compressions[i]))

(...skipping 69 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
4914 /* Add the actual SCSV */	4899 /* Add the actual SCSV */

4915 rv = ssl3_AppendHandshakeNumber(ss, TLS_EMPTY_RENEGOTIATION_INFO_SCSV,	4900 rv = ssl3_AppendHandshakeNumber(ss, TLS_EMPTY_RENEGOTIATION_INFO_SCSV,

4916 sizeof(ssl3CipherSuite));	4901 sizeof(ssl3CipherSuite));

4917 if (rv != SECSuccess) {	4902 if (rv != SECSuccess) {

4918 return rv; /* err set by ssl3_AppendHandshake* */	4903 return rv; /* err set by ssl3_AppendHandshake* */

4919 }	4904 }

4920 actual_count++;	4905 actual_count++;

4921 }	4906 }

4922 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {	4907 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {

4923 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];	4908 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];

4924 » if (config_match(suite, ss->ssl3.policy, PR_TRUE)) {	4909 » if (cipher_suite_available(suite)) {

4925 actual_count++;	4910 actual_count++;

4926 if (actual_count > num_suites) {	4911 if (actual_count > num_suites) {

4927 /* set error card removal/insertion error */	4912 /* set error card removal/insertion error */

4928 PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);	4913 PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);

4929 return SECFailure;	4914 return SECFailure;

4930 }	4915 }

4931 rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite,	4916 rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite,

4932 sizeof(ssl3CipherSuite));	4917 sizeof(ssl3CipherSuite));

4933 if (rv != SECSuccess) {	4918 if (rv != SECSuccess) {

4934 return rv; /* err set by ssl3_AppendHandshake* */	4919 return rv; /* err set by ssl3_AppendHandshake* */

(...skipping 1036 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
5971 if (isTLS)	5956 if (isTLS)

5972 desc = decode_error;	5957 desc = decode_error;

5973 goto alert_loser; /* malformed. */	5958 goto alert_loser; /* malformed. */

5974 }	5959 }

5975	5960

5976 /* find selected cipher suite in our list. */	5961 /* find selected cipher suite in our list. */

5977 temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);	5962 temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);

5978 if (temp < 0) {	5963 if (temp < 0) {

5979 goto loser; /* alert has been sent */	5964 goto loser; /* alert has been sent */

5980 }	5965 }

5981 ssl3_config_match_init(ss);	5966 ssl3_cipher_suites_test_presence(ss);

5982 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {	5967 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {

5983 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];	5968 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];

5984 if (temp == suite->cipher_suite) {	5969 if (temp == suite->cipher_suite) {

5985 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE)) {	5970 » if (!cipher_suite_available(suite)) {

5986 break; /* failure */	5971 break; /* failure */

5987 }	5972 }

5988 if (!ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite,	5973 if (!ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite,

5989 ss->version)) {	5974 ss->version)) {

5990 desc = handshake_failure;	5975 desc = handshake_failure;

5991 errCode = SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION;	5976 errCode = SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION;

5992 goto alert_loser;	5977 goto alert_loser;

5993 }	5978 }

5994	5979

5995 suite_found = PR_TRUE;	5980 suite_found = PR_TRUE;

(...skipping 1152 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
7148 }	7133 }

7149 sid->peerID = (ss->peerID == NULL) ? NULL : PORT_Strdup(ss->peerID);	7134 sid->peerID = (ss->peerID == NULL) ? NULL : PORT_Strdup(ss->peerID);

7150 sid->urlSvrName = (ss->url == NULL) ? NULL : PORT_Strdup(ss->url);	7135 sid->urlSvrName = (ss->url == NULL) ? NULL : PORT_Strdup(ss->url);

7151 sid->addr = ss->sec.ci.peer;	7136 sid->addr = ss->sec.ci.peer;

7152 sid->port = ss->sec.ci.port;	7137 sid->port = ss->sec.ci.port;

7153 sid->references = 1;	7138 sid->references = 1;

7154 sid->cached = never_cached;	7139 sid->cached = never_cached;

7155 sid->version = ss->version;	7140 sid->version = ss->version;

7156	7141

7157 sid->u.ssl3.keys.resumable = PR_TRUE;	7142 sid->u.ssl3.keys.resumable = PR_TRUE;

7158 sid->u.ssl3.policy = SSL_ALLOWED;

7159 sid->u.ssl3.clientWriteKey = NULL;	7143 sid->u.ssl3.clientWriteKey = NULL;

7160 sid->u.ssl3.serverWriteKey = NULL;	7144 sid->u.ssl3.serverWriteKey = NULL;

7161	7145

7162 if (is_server) {	7146 if (is_server) {

7163 SECStatus rv;	7147 SECStatus rv;

7164 int pid = SSL_GETPID();	7148 int pid = SSL_GETPID();

7165	7149

7166 sid->u.ssl3.sessionIDLength = SSL3_SESSIONID_BYTES;	7150 sid->u.ssl3.sessionIDLength = SSL3_SESSIONID_BYTES;

7167 sid->u.ssl3.sessionID[0] = (pid >> 8) & 0xff;	7151 sid->u.ssl3.sessionID[0] = (pid >> 8) & 0xff;

7168 sid->u.ssl3.sessionID[1] = pid & 0xff;	7152 sid->u.ssl3.sessionID[1] = pid & 0xff;

(...skipping 361 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
7530 /* Disable any ECC cipher suites for which we have no cert. */	7514 /* Disable any ECC cipher suites for which we have no cert. */

7531 ssl3_FilterECCipherSuitesByServerCerts(ss);	7515 ssl3_FilterECCipherSuitesByServerCerts(ss);

7532 #endif	7516 #endif

7533	7517

7534 if (IS_DTLS(ss)) {	7518 if (IS_DTLS(ss)) {

7535 ssl3_DisableNonDTLSSuites(ss);	7519 ssl3_DisableNonDTLSSuites(ss);

7536 }	7520 }

7537	7521

7538 #ifdef PARANOID	7522 #ifdef PARANOID

7539 /* Look for a matching cipher suite. */	7523 /* Look for a matching cipher suite. */

7540 j = ssl3_config_match_init(ss);	7524 j = ssl3_cipher_suites_test_presence(ss);

7541 if (j <= 0) { /* no ciphers are working/supported by PK11 */	7525 if (j <= 0) { /* no ciphers are working/supported by PK11 */

7542 errCode = PORT_GetError(); /* error code is already set. */	7526 errCode = PORT_GetError(); /* error code is already set. */

7543 goto alert_loser;	7527 goto alert_loser;

7544 }	7528 }

7545 #endif	7529 #endif

7546	7530

7547 /* If we already have a session for this client, be sure to pick the	7531 /* If we already have a session for this client, be sure to pick the

7548 ** same cipher suite and compression method we picked before.	7532 ** same cipher suite and compression method we picked before.

7549 ** This is not a loop, despite appearances.	7533 ** This is not a loop, despite appearances.

7550 */	7534 */

(...skipping 15 matching lines...) Expand all Loading...
7566 suite = ss->cipherSuites;	7550 suite = ss->cipherSuites;

7567 /* Find the entry for the cipher suite used in the cached session. */	7551 /* Find the entry for the cipher suite used in the cached session. */

7568 for (j = ssl_V3_SUITES_IMPLEMENTED; j > 0; --j, ++suite) {	7552 for (j = ssl_V3_SUITES_IMPLEMENTED; j > 0; --j, ++suite) {

7569 if (suite->cipher_suite == sid->u.ssl3.cipherSuite)	7553 if (suite->cipher_suite == sid->u.ssl3.cipherSuite)

7570 break;	7554 break;

7571 }	7555 }

7572 PORT_Assert(j > 0);	7556 PORT_Assert(j > 0);

7573 if (j <= 0)	7557 if (j <= 0)

7574 break;	7558 break;

7575 #ifdef PARANOID	7559 #ifdef PARANOID

7576 » /* Double check that the cached cipher suite is still enabled,	7560 » /* Double check that the cached cipher suite is still enabled, and
	wtc 2013/08/08 21:26:28 Nit: remove the comma before "and". Nit: remove the comma before "and". agl 2013/08/09 15:53:49 Done. Show quoted text On 2013/08/08 21:26:28, wtc wrote: > > Nit: remove the comma before "and". Done.
7577 » * implemented, and allowed by policy. Might have been disabled.	7561 » * implemented. Might have been disabled.

7578 » * The product policy won't change during the process lifetime.

7579 * Implemented ("isPresent") shouldn't change for servers.	7562 * Implemented ("isPresent") shouldn't change for servers.

7580 */	7563 */

7581 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE))	7564 » if (!cipher_suite_available(suite))

7582 break;	7565 break;

7583 #else	7566 #else

7584 if (!suite->enabled)	7567 if (!suite->enabled)

7585 break;	7568 break;

7586 #endif	7569 #endif

7587 /* Double check that the cached cipher suite is in the client's list */	7570 /* Double check that the cached cipher suite is in the client's list */

7588 for (i = 0; i + 1 < suites.len; i += 2) {	7571 for (i = 0; i + 1 < suites.len; i += 2) {

7589 PRUint16 suite_i = (suites.data[i] << 8) \| suites.data[i + 1];	7572 PRUint16 suite_i = (suites.data[i] << 8) \| suites.data[i + 1];

7590 if (suite_i == suite->cipher_suite) {	7573 if (suite_i == suite->cipher_suite) {

7591 ss->ssl3.hs.cipher_suite = suite->cipher_suite;	7574 ss->ssl3.hs.cipher_suite = suite->cipher_suite;

7592 ss->ssl3.hs.suite_def =	7575 ss->ssl3.hs.suite_def =

7593 ssl_LookupCipherSuiteDef(ss->ssl3.hs.cipher_suite);	7576 ssl_LookupCipherSuiteDef(ss->ssl3.hs.cipher_suite);

7594	7577

7595 /* Use the cached compression method. */	7578 /* Use the cached compression method. */

7596 ss->ssl3.hs.compression = sid->u.ssl3.compression;	7579 ss->ssl3.hs.compression = sid->u.ssl3.compression;

7597 goto compression_found;	7580 goto compression_found;

7598 }	7581 }

7599 }	7582 }

7600 } while (0);	7583 } while (0);

7601	7584

7602 /* START A NEW SESSION */	7585 /* START A NEW SESSION */

7603	7586

7604 #ifndef PARANOID	7587 #ifndef PARANOID

7605 /* Look for a matching cipher suite. */	7588 /* Look for a matching cipher suite. */
	wtc 2013/08/08 21:26:28 Nit: a matching => an available? "matching" seems Nit: a matching => an available? "matching" seems to refer to the original function name of "config_match". agl 2013/08/09 15:53:49 Done. Show quoted text On 2013/08/08 21:26:28, wtc wrote: > > Nit: a matching => an available? > > "matching" seems to refer to the original function name of "config_match". Done.
7606 j = ssl3_config_match_init(ss);	7589 j = ssl3_cipher_suites_test_presence(ss);

7607 if (j <= 0) { /* no ciphers are working/supported by PK11 */	7590 if (j <= 0) { /* no ciphers are working/supported by PK11 */

7608 errCode = PORT_GetError(); /* error code is already set. */	7591 errCode = PORT_GetError(); /* error code is already set. */

7609 goto alert_loser;	7592 goto alert_loser;

7610 }	7593 }

7611 #endif	7594 #endif

7612	7595

7613 /* Select a cipher suite.	7596 /* Select a cipher suite.

7614 **	7597 **

7615 ** NOTE: This suite selection algorithm should be the same as the one in	7598 ** NOTE: This suite selection algorithm should be the same as the one in

7616 ** ssl3_HandleV2ClientHello().	7599 ** ssl3_HandleV2ClientHello().

7617 **	7600 **

7618 ** If TLS 1.0 is enabled, we could handle the case where the client	7601 ** If TLS 1.0 is enabled, we could handle the case where the client

7619 ** offered TLS 1.1 but offered only export cipher suites by choosing TLS	7602 ** offered TLS 1.1 but offered only export cipher suites by choosing TLS

7620 ** 1.0 and selecting one of those export cipher suites. However, a secure	7603 ** 1.0 and selecting one of those export cipher suites. However, a secure

7621 ** TLS 1.1 client should not have export cipher suites enabled at all,	7604 ** TLS 1.1 client should not have export cipher suites enabled at all,

7622 ** and a TLS 1.1 client should definitely not be offering only export	7605 ** and a TLS 1.1 client should definitely not be offering only export

7623 ** cipher suites. Therefore, we refuse to negotiate export cipher suites	7606 ** cipher suites. Therefore, we refuse to negotiate export cipher suites

7624 ** with any client that indicates support for TLS 1.1 or higher when we	7607 ** with any client that indicates support for TLS 1.1 or higher when we

7625 ** (the server) have TLS 1.1 support enabled.	7608 ** (the server) have TLS 1.1 support enabled.

7626 */	7609 */

7627 for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {	7610 for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {

7628 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];	7611 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];

7629 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE) \|\|	7612 » if (!cipher_suite_available(suite) \|\|

7630 !ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite,	7613 !ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite,

7631 ss->version)) {	7614 ss->version)) {

7632 continue;	7615 continue;

7633 }	7616 }

7634 for (i = 0; i + 1 < suites.len; i += 2) {	7617 for (i = 0; i + 1 < suites.len; i += 2) {

7635 PRUint16 suite_i = (suites.data[i] << 8) \| suites.data[i + 1];	7618 PRUint16 suite_i = (suites.data[i] << 8) \| suites.data[i + 1];

7636 if (suite_i == suite->cipher_suite) {	7619 if (suite_i == suite->cipher_suite) {

7637 ss->ssl3.hs.cipher_suite = suite->cipher_suite;	7620 ss->ssl3.hs.cipher_suite = suite->cipher_suite;

7638 ss->ssl3.hs.suite_def =	7621 ss->ssl3.hs.suite_def =

7639 ssl_LookupCipherSuiteDef(ss->ssl3.hs.cipher_suite);	7622 ssl_LookupCipherSuiteDef(ss->ssl3.hs.cipher_suite);

(...skipping 302 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
7942 SECITEM_FreeItem(pwsName, PR_FALSE);	7925 SECITEM_FreeItem(pwsName, PR_FALSE);

7943 }	7926 }

7944 rv = SECITEM_CopyItem(NULL, pwsName, name);	7927 rv = SECITEM_CopyItem(NULL, pwsName, name);

7945 ssl_ReleaseSpecWriteLock(ss); /***************************/	7928 ssl_ReleaseSpecWriteLock(ss); /***************************/

7946 if (rv != SECSuccess) {	7929 if (rv != SECSuccess) {

7947 errCode = SSL_ERROR_INTERNAL_ERROR_ALERT;	7930 errCode = SSL_ERROR_INTERNAL_ERROR_ALERT;

7948 desc = internal_error;	7931 desc = internal_error;

7949 ret = SSL_SNI_SEND_ALERT;	7932 ret = SSL_SNI_SEND_ALERT;

7950 break;	7933 break;

7951 }	7934 }

7952 configedCiphers = ssl3_config_match_init(ss);	7935 configedCiphers = ssl3_cipher_suites_test_presence(ss);

7953 if (configedCiphers <= 0) {	7936 if (configedCiphers <= 0) {

7954 /* no ciphers are working/supported */	7937 /* no ciphers are working/supported */

7955 errCode = PORT_GetError();	7938 errCode = PORT_GetError();

7956 desc = handshake_failure;	7939 desc = handshake_failure;

7957 ret = SSL_SNI_SEND_ALERT;	7940 ret = SSL_SNI_SEND_ALERT;

7958 break;	7941 break;

7959 }	7942 }

7960 /* Need to tell the client that application has picked	7943 /* Need to tell the client that application has picked

7961 * the name from the offered list and reconfigured the socket.	7944 * the name from the offered list and reconfigured the socket.

7962 */	7945 */

(...skipping 176 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
8139 PORT_Memcpy(	8122 PORT_Memcpy(

8140 &ss->ssl3.hs.client_random.rand[SSL3_RANDOM_LENGTH - rand_length],	8123 &ss->ssl3.hs.client_random.rand[SSL3_RANDOM_LENGTH - rand_length],

8141 random, rand_length);	8124 random, rand_length);

8142	8125

8143 PRINT_BUF(60, (ss, "client random:", &ss->ssl3.hs.client_random.rand[0],	8126 PRINT_BUF(60, (ss, "client random:", &ss->ssl3.hs.client_random.rand[0],

8144 SSL3_RANDOM_LENGTH));	8127 SSL3_RANDOM_LENGTH));

8145 #ifdef NSS_ENABLE_ECC	8128 #ifdef NSS_ENABLE_ECC

8146 /* Disable any ECC cipher suites for which we have no cert. */	8129 /* Disable any ECC cipher suites for which we have no cert. */

8147 ssl3_FilterECCipherSuitesByServerCerts(ss);	8130 ssl3_FilterECCipherSuitesByServerCerts(ss);

8148 #endif	8131 #endif

8149 i = ssl3_config_match_init(ss);	8132 i = ssl3_cipher_suites_test_presence(ss);

8150 if (i <= 0) {	8133 if (i <= 0) {

8151 errCode = PORT_GetError(); /* error code is already set. */	8134 errCode = PORT_GetError(); /* error code is already set. */

8152 goto alert_loser;	8135 goto alert_loser;

8153 }	8136 }

8154	8137

8155 /* Select a cipher suite.	8138 /* Select a cipher suite.

8156 **	8139 **

8157 ** NOTE: This suite selection algorithm should be the same as the one in	8140 ** NOTE: This suite selection algorithm should be the same as the one in

8158 ** ssl3_HandleClientHello().	8141 ** ssl3_HandleClientHello().

8159 **	8142 **

8160 ** See the comments about export cipher suites in ssl3_HandleClientHello().	8143 ** See the comments about export cipher suites in ssl3_HandleClientHello().

8161 */	8144 */

8162 for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {	8145 for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {

8163 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];	8146 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];

8164 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE) \|\|	8147 » if (!cipher_suite_available(suite) \|\|

8165 !ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite,	8148 !ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite,

8166 ss->version)) {	8149 ss->version)) {

8167 continue;	8150 continue;

8168 }	8151 }

8169 for (i = 0; i+2 < suite_length; i += 3) {	8152 for (i = 0; i+2 < suite_length; i += 3) {

8170 PRUint32 suite_i = (suites[i] << 16)\|(suites[i+1] << 8)\|suites[i+2];	8153 PRUint32 suite_i = (suites[i] << 16)\|(suites[i+1] << 8)\|suites[i+2];

8171 if (suite_i == suite->cipher_suite) {	8154 if (suite_i == suite->cipher_suite) {

8172 ss->ssl3.hs.cipher_suite = suite->cipher_suite;	8155 ss->ssl3.hs.cipher_suite = suite->cipher_suite;

8173 ss->ssl3.hs.suite_def =	8156 ss->ssl3.hs.suite_def =

8174 ssl_LookupCipherSuiteDef(ss->ssl3.hs.cipher_suite);	8157 ssl_LookupCipherSuiteDef(ss->ssl3.hs.cipher_suite);

(...skipping 2274 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
10449 if (ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa) {	10432 if (ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa) {

10450 effectiveExchKeyType = kt_rsa;	10433 effectiveExchKeyType = kt_rsa;

10451 } else {	10434 } else {

10452 effectiveExchKeyType = ss->ssl3.hs.kea_def->exchKeyType;	10435 effectiveExchKeyType = ss->ssl3.hs.kea_def->exchKeyType;

10453 }	10436 }

10454	10437

10455 if (sid->cached == never_cached && !ss->opt.noCache && ss->sec.cache) {	10438 if (sid->cached == never_cached && !ss->opt.noCache && ss->sec.cache) {

10456 /* fill in the sid */	10439 /* fill in the sid */

10457 sid->u.ssl3.cipherSuite = ss->ssl3.hs.cipher_suite;	10440 sid->u.ssl3.cipherSuite = ss->ssl3.hs.cipher_suite;

10458 sid->u.ssl3.compression = ss->ssl3.hs.compression;	10441 sid->u.ssl3.compression = ss->ssl3.hs.compression;

10459 sid->u.ssl3.policy = ss->ssl3.policy;

10460 #ifdef NSS_ENABLE_ECC	10442 #ifdef NSS_ENABLE_ECC

10461 sid->u.ssl3.negotiatedECCurves = ss->ssl3.hs.negotiatedECCurves;	10443 sid->u.ssl3.negotiatedECCurves = ss->ssl3.hs.negotiatedECCurves;

10462 #endif	10444 #endif

10463 sid->u.ssl3.exchKeyType = effectiveExchKeyType;	10445 sid->u.ssl3.exchKeyType = effectiveExchKeyType;

10464 sid->version = ss->version;	10446 sid->version = ss->version;

10465 sid->authAlgorithm = ss->sec.authAlgorithm;	10447 sid->authAlgorithm = ss->sec.authAlgorithm;

10466 sid->authKeyBits = ss->sec.authKeyBits;	10448 sid->authKeyBits = ss->sec.authKeyBits;

10467 sid->keaType = ss->sec.keaType;	10449 sid->keaType = ss->sec.keaType;

10468 sid->keaKeyBits = ss->sec.keaKeyBits;	10450 sid->keaKeyBits = ss->sec.keaKeyBits;

10469 sid->lastAccessTime = sid->creationTime = ssl_Time();	10451 sid->lastAccessTime = sid->creationTime = ssl_Time();

(...skipping 1056 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
11526 **	11508 **

11527 */	11509 */

11528 static SECStatus	11510 static SECStatus

11529 ssl3_InitState(sslSocket *ss)	11511 ssl3_InitState(sslSocket *ss)

11530 {	11512 {

11531 PORT_Assert( ss->opt.noLocks \|\| ssl_HaveSSL3HandshakeLock(ss));	11513 PORT_Assert( ss->opt.noLocks \|\| ssl_HaveSSL3HandshakeLock(ss));

11532	11514

11533 if (ss->ssl3.initialized)	11515 if (ss->ssl3.initialized)

11534 return SECSuccess; /* Function should be idempotent */	11516 return SECSuccess; /* Function should be idempotent */

11535	11517

11536 ss->ssl3.policy = SSL_ALLOWED;

11537

11538 ssl_GetSpecWriteLock(ss);	11518 ssl_GetSpecWriteLock(ss);

11539 ss->ssl3.crSpec = ss->ssl3.cwSpec = &ss->ssl3.specs[0];	11519 ss->ssl3.crSpec = ss->ssl3.cwSpec = &ss->ssl3.specs[0];

11540 ss->ssl3.prSpec = ss->ssl3.pwSpec = &ss->ssl3.specs[1];	11520 ss->ssl3.prSpec = ss->ssl3.pwSpec = &ss->ssl3.specs[1];

11541 ss->ssl3.hs.sendingSCSV = PR_FALSE;	11521 ss->ssl3.hs.sendingSCSV = PR_FALSE;

11542 ssl3_InitCipherSpec(ss, ss->ssl3.crSpec);	11522 ssl3_InitCipherSpec(ss, ss->ssl3.crSpec);

11543 ssl3_InitCipherSpec(ss, ss->ssl3.prSpec);	11523 ssl3_InitCipherSpec(ss, ss->ssl3.prSpec);

11544	11524

11545 ss->ssl3.hs.ws = (ss->sec.isServer) ? wait_client_hello : wait_server_hello;	11525 ss->ssl3.hs.ws = (ss->sec.isServer) ? wait_client_hello : wait_server_hello;

11546 #ifdef NSS_ENABLE_ECC	11526 #ifdef NSS_ENABLE_ECC

11547 ss->ssl3.hs.negotiatedECCurves = ssl3_GetSupportedECCurveMask(ss);	11527 ss->ssl3.hs.negotiatedECCurves = ssl3_GetSupportedECCurveMask(ss);

(...skipping 89 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
11637 !(ss->stepDownKeyPair = ssl3_NewKeyPair(privKey, pubKey))) {	11617 !(ss->stepDownKeyPair = ssl3_NewKeyPair(privKey, pubKey))) {

11638 ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);	11618 ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);

11639 rv = SECFailure;	11619 rv = SECFailure;

11640 }	11620 }

11641 }	11621 }

11642 #endif	11622 #endif

11643 return rv;	11623 return rv;

11644 }	11624 }

11645	11625

11646	11626

11647 /* record the export policy for this cipher suite */

11648 SECStatus

11649 ssl3_SetPolicy(ssl3CipherSuite which, int policy)

11650 {

11651 ssl3CipherSuiteCfg *suite;

11652

11653 suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);

11654 if (suite == NULL) {

11655 return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */

11656 }

11657 suite->policy = policy;

11658

11659 return SECSuccess;

11660 }

11661

11662 SECStatus

11663 ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *oPolicy)

11664 {

11665 ssl3CipherSuiteCfg *suite;

11666 PRInt32 policy;

11667 SECStatus rv;

11668

11669 suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);

11670 if (suite) {

11671 policy = suite->policy;

11672 rv = SECSuccess;

11673 } else {

11674 policy = SSL_NOT_ALLOWED;

11675 rv = SECFailure; /* err code was set by Lookup. */

11676 }

11677 *oPolicy = policy;

11678 return rv;

11679 }

11680

11681 /* record the user preference for this suite */	11627 /* record the user preference for this suite */

11682 SECStatus	11628 SECStatus

11683 ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool enabled)	11629 ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool enabled)

11684 {	11630 {

11685 ssl3CipherSuiteCfg *suite;	11631 ssl3CipherSuiteCfg *suite;

11686	11632

11687 suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);	11633 suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);

11688 if (suite == NULL) {	11634 if (suite == NULL) {

11689 return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */	11635 return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */

11690 }	11636 }

(...skipping 46 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
11737 pref = suite->enabled;	11683 pref = suite->enabled;

11738 rv = SECSuccess;	11684 rv = SECSuccess;

11739 } else {	11685 } else {

11740 pref = SSL_NOT_ALLOWED;	11686 pref = SSL_NOT_ALLOWED;

11741 rv = SECFailure; /* err code was set by Lookup. */	11687 rv = SECFailure; /* err code was set by Lookup. */

11742 }	11688 }

11743 *enabled = pref;	11689 *enabled = pref;

11744 return rv;	11690 return rv;

11745 }	11691 }

11746	11692

11747 /* copy global default policy into socket. */	11693 /* copy global default ciphersuite preferences into socket. */

11748 void	11694 void

11749 ssl3_InitSocketPolicy(sslSocket *ss)	11695 ssl3_InitSocketCipherSuites(sslSocket *ss)

11750 {	11696 {

11751 PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof cipherSuites);	11697 PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof cipherSuites);

11752 }	11698 }

11753	11699

11754 SECStatus	11700 SECStatus

11755 ssl3_GetTLSUniqueChannelBinding(sslSocket *ss,	11701 ssl3_GetTLSUniqueChannelBinding(sslSocket *ss,

11756 unsigned char *out,	11702 unsigned char *out,

11757 unsigned int *outLen,	11703 unsigned int *outLen,

11758 unsigned int outLenMax) {	11704 unsigned int outLenMax) {

11759 PRBool isTLS;	11705 PRBool isTLS;

(...skipping 46 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
11806 memcpy(out, &ss->ssl3.hs.finishedMsgs.sFinished[index], len);	11752 memcpy(out, &ss->ssl3.hs.finishedMsgs.sFinished[index], len);

11807 }	11753 }

11808	11754

11809 rv = SECSuccess;	11755 rv = SECSuccess;

11810	11756

11811 loser:	11757 loser:

11812 ssl_ReleaseSSL3HandshakeLock(ss);	11758 ssl_ReleaseSSL3HandshakeLock(ss);

11813 return rv;	11759 return rv;

11814 }	11760 }

11815	11761

11816 /* ssl3_config_match_init must have already been called by	11762 /* ssl3_cipher_suites_test_presence must have already been called by the caller

11817 * the caller of this function.	11763 * of this function.

11818 */	11764 */

11819 SECStatus	11765 SECStatus

11820 ssl3_ConstructV2CipherSpecsHack(sslSocket ss, unsigned char cs, int *size)	11766 ssl3_ConstructV2CipherSpecsHack(sslSocket ss, unsigned char cs, int *size)

11821 {	11767 {

11822 int i, count = 0;	11768 int i, count = 0;

11823	11769

11824 PORT_Assert(ss != 0);	11770 PORT_Assert(ss != 0);

11825 if (!ss) {	11771 if (!ss) {

11826 PORT_SetError(PR_INVALID_ARGUMENT_ERROR);	11772 PORT_SetError(PR_INVALID_ARGUMENT_ERROR);

11827 return SECFailure;	11773 return SECFailure;

11828 }	11774 }

11829 if (SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) {	11775 if (SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) {

11830 *size = 0;	11776 *size = 0;

11831 return SECSuccess;	11777 return SECSuccess;

11832 }	11778 }

11833 if (cs == NULL) {	11779 if (cs == NULL) {

11834 » *size = count_cipher_suites(ss, SSL_ALLOWED, PR_TRUE);	11780 » *size = count_cipher_suites(ss);

11835 return SECSuccess;	11781 return SECSuccess;

11836 }	11782 }

11837	11783

11838 /* ssl3_config_match_init was called by the caller of this function. */	11784 /* ssl3_cipher_suites_test_presence was called by the caller of this

	11785 * function. */

11839 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {	11786 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {

11840 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];	11787 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];

11841 » if (config_match(suite, SSL_ALLOWED, PR_TRUE)) {	11788 » if (cipher_suite_available(suite)) {

11842 if (cs != NULL) {	11789 if (cs != NULL) {

11843 *cs++ = 0x00;	11790 *cs++ = 0x00;

11844 *cs++ = (suite->cipher_suite >> 8) & 0xFF;	11791 *cs++ = (suite->cipher_suite >> 8) & 0xFF;

11845 *cs++ = suite->cipher_suite & 0xFF;	11792 *cs++ = suite->cipher_suite & 0xFF;

11846 }	11793 }

11847 count++;	11794 count++;

11848 }	11795 }

11849 }	11796 }

11850 *size = count;	11797 *size = count;

11851 return SECSuccess;	11798 return SECSuccess;

(...skipping 117 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
11969 PORT_Free(ss->ssl3.hs.recvdFragments.buf);	11916 PORT_Free(ss->ssl3.hs.recvdFragments.buf);

11970 }	11917 }

11971 }	11918 }

11972	11919

11973 ss->ssl3.initialized = PR_FALSE;	11920 ss->ssl3.initialized = PR_FALSE;

11974	11921

11975 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);	11922 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);

11976 }	11923 }

11977	11924

11978 /* End of ssl3con.c */	11925 /* End of ssl3con.c */

OLD	NEW

« net/third_party/nss/ssl/ssl.h ('K') | « net/third_party/nss/ssl/ssl.h ('k') | net/third_party/nss/ssl/ssl3ecc.c » ('j') | net/third_party/nss/ssl/sslcon.c » ('J')