OLD | NEW |
1 /* | 1 /* |
2 * SSL v2 handshake functions, and functions common to SSL2 and SSL3. | 2 * SSL v2 handshake functions, and functions common to SSL2 and SSL3. |
3 * | 3 * |
4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
7 | 7 |
8 #include "nssrenam.h" | 8 #include "nssrenam.h" |
9 #include "cert.h" | 9 #include "cert.h" |
10 #include "secitem.h" | 10 #include "secitem.h" |
11 #include "sechash.h" | 11 #include "sechash.h" |
12 #include "cryptohi.h" /* for SGN_ funcs */ | 12 #include "cryptohi.h" /* for SGN_ funcs */ |
13 #include "keyhi.h" /* for SECKEY_ high level functions. */ | 13 #include "keyhi.h" /* for SECKEY_ high level functions. */ |
14 #include "ssl.h" | 14 #include "ssl.h" |
15 #include "sslimpl.h" | 15 #include "sslimpl.h" |
16 #include "sslproto.h" | 16 #include "sslproto.h" |
17 #include "ssl3prot.h" | 17 #include "ssl3prot.h" |
18 #include "sslerr.h" | 18 #include "sslerr.h" |
19 #include "pk11func.h" | 19 #include "pk11func.h" |
20 #include "prinit.h" | 20 #include "prinit.h" |
21 #include "prtime.h" /* for PR_Now() */ | 21 #include "prtime.h" /* for PR_Now() */ |
22 | 22 |
23 #define XXX | |
24 static PRBool policyWasSet; | |
25 | |
26 /* This ordered list is indexed by (SSL_CK_xx * 3) */ | 23 /* This ordered list is indexed by (SSL_CK_xx * 3) */ |
27 /* Second and third bytes are MSB and LSB of master key length. */ | 24 /* Second and third bytes are MSB and LSB of master key length. */ |
28 static const PRUint8 allCipherSuites[] = { | 25 static const PRUint8 allCipherSuites[] = { |
29 0, 0, 0, | 26 0, 0, 0, |
30 SSL_CK_RC4_128_WITH_MD5, 0x00, 0x80, | 27 SSL_CK_RC4_128_WITH_MD5, 0x00, 0x80, |
31 SSL_CK_RC4_128_EXPORT40_WITH_MD5, 0x00, 0x80, | 28 SSL_CK_RC4_128_EXPORT40_WITH_MD5, 0x00, 0x80, |
32 SSL_CK_RC2_128_CBC_WITH_MD5, 0x00, 0x80, | 29 SSL_CK_RC2_128_CBC_WITH_MD5, 0x00, 0x80, |
33 SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5, 0x00, 0x80, | 30 SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5, 0x00, 0x80, |
34 SSL_CK_IDEA_128_CBC_WITH_MD5, 0x00, 0x80, | 31 SSL_CK_IDEA_128_CBC_WITH_MD5, 0x00, 0x80, |
35 SSL_CK_DES_64_CBC_WITH_MD5, 0x00, 0x40, | 32 SSL_CK_DES_64_CBC_WITH_MD5, 0x00, 0x40, |
(...skipping 72 matching lines...)
108 "RC2-CBC", | 105 "RC2-CBC", |
109 "RC2-CBC-Export", | 106 "RC2-CBC-Export", |
110 "IDEA-CBC", | 107 "IDEA-CBC", |
111 "DES-CBC", | 108 "DES-CBC", |
112 "DES-EDE3-CBC", | 109 "DES-EDE3-CBC", |
113 "unknown", | 110 "unknown", |
114 "unknown", /* was fortezza, NO LONGER USED */ | 111 "unknown", /* was fortezza, NO LONGER USED */ |
115 }; | 112 }; |
116 | 113 |
117 | 114 |
118 /* bit-masks, showing which SSLv2 suites are allowed. | 115 /* bit-mask, showing which SSLv2 suites are allowed. |
119 * lsb corresponds to first cipher suite in allCipherSuites[]. | 116 * lsb corresponds to first cipher suite in allCipherSuites[]. |
120 */ | 117 */ |
121 static PRUint16 allowedByPolicy; /* all off by default */ | |
122 static PRUint16 maybeAllowedByPolicy; /* all off by default */ | |
123 static PRUint16 chosenPreference = 0xff; /* all on by default */ | 118 static PRUint16 chosenPreference = 0xff; /* all on by default */ |
124 | 119 |
125 /* bit values for the above two bit masks */ | 120 /* bit values for the above bit mask */ |
126 #define SSL_CB_RC4_128_WITH_MD5 (1 << SSL_CK_RC4_128_WITH_MD5) | 121 #define SSL_CB_RC4_128_WITH_MD5 (1 << SSL_CK_RC4_128_WITH_MD5) |
127 #define SSL_CB_RC4_128_EXPORT40_WITH_MD5 (1 << SSL_CK_RC4_128_EXPORT40_WITH_
MD5) | 122 #define SSL_CB_RC4_128_EXPORT40_WITH_MD5 (1 << SSL_CK_RC4_128_EXPORT40_WITH_
MD5) |
128 #define SSL_CB_RC2_128_CBC_WITH_MD5 (1 << SSL_CK_RC2_128_CBC_WITH_MD5) | 123 #define SSL_CB_RC2_128_CBC_WITH_MD5 (1 << SSL_CK_RC2_128_CBC_WITH_MD5) |
129 #define SSL_CB_RC2_128_CBC_EXPORT40_WITH_MD5 (1 << SSL_CK_RC2_128_CBC_EXPORT40_W
ITH_MD5) | 124 #define SSL_CB_RC2_128_CBC_EXPORT40_WITH_MD5 (1 << SSL_CK_RC2_128_CBC_EXPORT40_W
ITH_MD5) |
130 #define SSL_CB_IDEA_128_CBC_WITH_MD5 (1 << SSL_CK_IDEA_128_CBC_WITH_MD5) | 125 #define SSL_CB_IDEA_128_CBC_WITH_MD5 (1 << SSL_CK_IDEA_128_CBC_WITH_MD5) |
131 #define SSL_CB_DES_64_CBC_WITH_MD5 (1 << SSL_CK_DES_64_CBC_WITH_MD5) | 126 #define SSL_CB_DES_64_CBC_WITH_MD5 (1 << SSL_CK_DES_64_CBC_WITH_MD5) |
132 #define SSL_CB_DES_192_EDE3_CBC_WITH_MD5 (1 << SSL_CK_DES_192_EDE3_CBC_WITH_
MD5) | 127 #define SSL_CB_DES_192_EDE3_CBC_WITH_MD5 (1 << SSL_CK_DES_192_EDE3_CBC_WITH_
MD5) |
133 #define SSL_CB_IMPLEMENTED \ | 128 #define SSL_CB_IMPLEMENTED \ |
134 (SSL_CB_RC4_128_WITH_MD5 | \ | 129 (SSL_CB_RC4_128_WITH_MD5 | \ |
135 SSL_CB_RC4_128_EXPORT40_WITH_MD5 | \ | 130 SSL_CB_RC4_128_EXPORT40_WITH_MD5 | \ |
(...skipping 14 matching lines...)
150 int ssl3_count = 0; | 145 int ssl3_count = 0; |
151 int final_count; | 146 int final_count; |
152 int i; | 147 int i; |
153 SECStatus rv; | 148 SECStatus rv; |
154 | 149 |
155 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); | 150 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); |
156 | 151 |
157 count = 0; | 152 count = 0; |
158 PORT_Assert(ss != 0); | 153 PORT_Assert(ss != 0); |
159 allowed = !ss->opt.enableSSL2 ? 0 : | 154 allowed = !ss->opt.enableSSL2 ? 0 : |
160 » (ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED); | 155 » (ss->chosenPreference & SSL_CB_IMPLEMENTED); |
161 while (allowed) { | 156 while (allowed) { |
162 if (allowed & 1) | 157 if (allowed & 1) |
163 ++count; | 158 ++count; |
164 allowed >>= 1; | 159 allowed >>= 1; |
165 } | 160 } |
166 | 161 |
167 /* Call ssl3_config_match_init() once here, | 162 /* Call ssl3_cipher_suite_available_init() once here, |
168 * instead of inside ssl3_ConstructV2CipherSpecsHack(), | 163 * instead of inside ssl3_ConstructV2CipherSpecsHack(), |
169 * because the latter gets called twice below, | 164 * because the latter gets called twice below, |
170 * and then again in ssl2_BeginClientHandshake(). | 165 * and then again in ssl2_BeginClientHandshake(). |
171 */ | 166 */ |
172 ssl3_config_match_init(ss); | 167 ssl3_cipher_suite_available_init(ss); |
173 | 168 |
174 /* ask SSL3 how many cipher suites it has. */ | 169 /* ask SSL3 how many cipher suites it has. */ |
175 rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3_count); | 170 rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3_count); |
176 if (rv < 0) | 171 if (rv < 0) |
177 return rv; | 172 return rv; |
178 count += ssl3_count; | 173 count += ssl3_count; |
179 | 174 |
180 /* Allocate memory to hold cipher specs */ | 175 /* Allocate memory to hold cipher specs */ |
181 if (count > 0) | 176 if (count > 0) |
182 cs = (PRUint8*) PORT_Alloc(count * 3); | 177 cs = (PRUint8*) PORT_Alloc(count * 3); |
183 else | 178 else |
184 PORT_SetError(SSL_ERROR_SSL_DISABLED); | 179 PORT_SetError(SSL_ERROR_SSL_DISABLED); |
185 if (cs == NULL) | 180 if (cs == NULL) |
186 return SECFailure; | 181 return SECFailure; |
187 | 182 |
188 if (ss->cipherSpecs != NULL) { | 183 if (ss->cipherSpecs != NULL) { |
189 PORT_Free(ss->cipherSpecs); | 184 PORT_Free(ss->cipherSpecs); |
190 } | 185 } |
191 ss->cipherSpecs = cs; | 186 ss->cipherSpecs = cs; |
192 ss->sizeCipherSpecs = count * 3; | 187 ss->sizeCipherSpecs = count * 3; |
193 | 188 |
194 /* fill in cipher specs for SSL2 cipher suites */ | 189 /* fill in cipher specs for SSL2 cipher suites */ |
195 allowed = !ss->opt.enableSSL2 ? 0 : | 190 allowed = !ss->opt.enableSSL2 ? 0 : |
196 » (ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED); | 191 » (ss->chosenPreference & SSL_CB_IMPLEMENTED); |
197 for (i = 0; i < ssl2_NUM_SUITES_IMPLEMENTED * 3; i += 3) { | 192 for (i = 0; i < ssl2_NUM_SUITES_IMPLEMENTED * 3; i += 3) { |
198 const PRUint8 * hs = implementedCipherSuites + i; | 193 const PRUint8 * hs = implementedCipherSuites + i; |
199 int ok = allowed & (1U << hs[0]); | 194 int ok = allowed & (1U << hs[0]); |
200 if (ok) { | 195 if (ok) { |
201 cs[0] = hs[0]; | 196 cs[0] = hs[0]; |
202 cs[1] = hs[1]; | 197 cs[1] = hs[1]; |
203 cs[2] = hs[2]; | 198 cs[2] = hs[2]; |
204 cs += 3; | 199 cs += 3; |
205 } | 200 } |
206 } | 201 } |
(...skipping 11 matching lines...)
218 ** at the beginning of a handshake. It detects cases where a protocol | 213 ** at the beginning of a handshake. It detects cases where a protocol |
219 ** (e.g. SSL2 or SSL3) is logically enabled, but all its cipher suites | 214 ** (e.g. SSL2 or SSL3) is logically enabled, but all its cipher suites |
220 ** for that protocol have been disabled. If such cases, it clears the | 215 ** for that protocol have been disabled. If such cases, it clears the |
221 ** enable bit for the protocol. If no protocols remain enabled, or | 216 ** enable bit for the protocol. If no protocols remain enabled, or |
222 ** if no cipher suites are found, it sets the error code and returns | 217 ** if no cipher suites are found, it sets the error code and returns |
223 ** SECFailure, otherwise it returns SECSuccess. | 218 ** SECFailure, otherwise it returns SECSuccess. |
224 */ | 219 */ |
225 static SECStatus | 220 static SECStatus |
226 ssl2_CheckConfigSanity(sslSocket *ss) | 221 ssl2_CheckConfigSanity(sslSocket *ss) |
227 { | 222 { |
228 unsigned int allowed; | |
229 int ssl3CipherCount = 0; | 223 int ssl3CipherCount = 0; |
230 SECStatus rv; | 224 SECStatus rv; |
231 | 225 |
232 /* count the SSL2 and SSL3 enabled ciphers. | 226 /* count the SSL2 and SSL3 enabled ciphers. |
233 * if either is zero, clear the socket's enable for that protocol. | 227 * if either is zero, clear the socket's enable for that protocol. |
234 */ | 228 */ |
235 if (!ss->cipherSpecs) | 229 if (!ss->cipherSpecs) |
236 goto disabled; | 230 goto disabled; |
237 | 231 |
238 allowed = ss->allowedByPolicy & ss->chosenPreference; | 232 if (!ss->chosenPreference) |
239 if (! allowed) | |
240 ss->opt.enableSSL2 = PR_FALSE; /* not really enabled if no ciphers */ | 233 ss->opt.enableSSL2 = PR_FALSE; /* not really enabled if no ciphers */ |
241 | 234 |
242 /* ssl3_config_match_init was called in ssl2_ConstructCipherSpecs(). */ | 235 /* ssl3_cipher_suite_available_init was called in |
| 236 * ssl2_ConstructCipherSpecs(). */ |
243 /* Ask how many ssl3 CipherSuites were enabled. */ | 237 /* Ask how many ssl3 CipherSuites were enabled. */ |
244 rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3CipherCount); | 238 rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3CipherCount); |
245 if (rv != SECSuccess || ssl3CipherCount <= 0) { | 239 if (rv != SECSuccess || ssl3CipherCount <= 0) { |
246 /* SSL3/TLS not really enabled if no ciphers */ | 240 /* SSL3/TLS not really enabled if no ciphers */ |
247 ss->vrange.min = SSL_LIBRARY_VERSION_NONE; | 241 ss->vrange.min = SSL_LIBRARY_VERSION_NONE; |
248 ss->vrange.max = SSL_LIBRARY_VERSION_NONE; | 242 ss->vrange.max = SSL_LIBRARY_VERSION_NONE; |
249 } | 243 } |
250 | 244 |
251 if (!ss->opt.enableSSL2 && SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) { | 245 if (!ss->opt.enableSSL2 && SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) { |
252 SSL_DBG(("%d: SSL[%d]: Can't handshake! all versions disabled.", | 246 SSL_DBG(("%d: SSL[%d]: Can't handshake! all versions disabled.", |
253 SSL_GETPID(), ss->fd)); | 247 SSL_GETPID(), ss->fd)); |
254 disabled: | 248 disabled: |
255 PORT_SetError(SSL_ERROR_SSL_DISABLED); | 249 PORT_SetError(SSL_ERROR_SSL_DISABLED); |
256 return SECFailure; | 250 return SECFailure; |
257 } | 251 } |
258 return SECSuccess; | 252 return SECSuccess; |
259 } | 253 } |
260 | 254 |
261 /* | 255 /* |
262 * Since this is a global (not per-socket) setting, we cannot use the | 256 * Since this is a global (not per-socket) setting, we cannot use the |
263 * HandshakeLock to protect this. Probably want a global lock. | 257 * HandshakeLock to protect this. Probably want a global lock. |
264 */ | |
265 SECStatus | |
266 ssl2_SetPolicy(PRInt32 which, PRInt32 policy) | |
267 { | |
268 PRUint32 bitMask; | |
269 SECStatus rv = SECSuccess; | |
270 | |
271 which &= 0x000f; | |
272 bitMask = 1 << which; | |
273 | |
274 if (!(bitMask & SSL_CB_IMPLEMENTED)) { | |
275 PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE); | |
276 return SECFailure; | |
277 } | |
278 | |
279 if (policy == SSL_ALLOWED) { | |
280 allowedByPolicy |= bitMask; | |
281 maybeAllowedByPolicy |= bitMask; | |
282 } else if (policy == SSL_RESTRICTED) { | |
283 allowedByPolicy &= ~bitMask; | |
284 maybeAllowedByPolicy |= bitMask; | |
285 } else { | |
286 allowedByPolicy &= ~bitMask; | |
287 maybeAllowedByPolicy &= ~bitMask; | |
288 } | |
289 allowedByPolicy &= SSL_CB_IMPLEMENTED; | |
290 maybeAllowedByPolicy &= SSL_CB_IMPLEMENTED; | |
291 | |
292 policyWasSet = PR_TRUE; | |
293 return rv; | |
294 } | |
295 | |
296 SECStatus | |
297 ssl2_GetPolicy(PRInt32 which, PRInt32 *oPolicy) | |
298 { | |
299 PRUint32 bitMask; | |
300 PRInt32 policy; | |
301 | |
302 which &= 0x000f; | |
303 bitMask = 1 << which; | |
304 | |
305 /* Caller assures oPolicy is not null. */ | |
306 if (!(bitMask & SSL_CB_IMPLEMENTED)) { | |
307 PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE); | |
308 *oPolicy = SSL_NOT_ALLOWED; | |
309 return SECFailure; | |
310 } | |
311 | |
312 if (maybeAllowedByPolicy & bitMask) { | |
313 policy = (allowedByPolicy & bitMask) ? SSL_ALLOWED : SSL_RESTRICTED; | |
314 } else { | |
315 policy = SSL_NOT_ALLOWED; | |
316 } | |
317 | |
318 *oPolicy = policy; | |
319 return SECSuccess; | |
320 } | |
321 | |
322 /* | |
323 * Since this is a global (not per-socket) setting, we cannot use the | |
324 * HandshakeLock to protect this. Probably want a global lock. | |
325 * Called from SSL_CipherPrefSetDefault in sslsock.c | 258 * Called from SSL_CipherPrefSetDefault in sslsock.c |
326 * These changes have no effect on any sslSockets already created. | 259 * These changes have no effect on any sslSockets already created. |
327 */ | 260 */ |
328 SECStatus | 261 SECStatus |
329 ssl2_CipherPrefSetDefault(PRInt32 which, PRBool enabled) | 262 ssl2_CipherPrefSetDefault(PRInt32 which, PRBool enabled) |
330 { | 263 { |
331 PRUint32 bitMask; | 264 PRUint32 bitMask; |
332 | 265 |
333 which &= 0x000f; | 266 which &= 0x000f; |
334 bitMask = 1 << which; | 267 bitMask = 1 << which; |
(...skipping 68 matching lines...)
403 *enabled = PR_FALSE; | 336 *enabled = PR_FALSE; |
404 return SECFailure; | 337 return SECFailure; |
405 } | 338 } |
406 | 339 |
407 rv = (PRBool)((ss->chosenPreference & bitMask) != 0); | 340 rv = (PRBool)((ss->chosenPreference & bitMask) != 0); |
408 *enabled = rv; | 341 *enabled = rv; |
409 return SECSuccess; | 342 return SECSuccess; |
410 } | 343 } |
411 | 344 |
412 | 345 |
413 /* copy global default policy into socket. */ | 346 /* copy global default cipher suite preferences into socket. */ |
414 void | 347 void |
415 ssl2_InitSocketPolicy(sslSocket *ss) | 348 ssl2_InitSocketCipherSuites(sslSocket *ss) |
416 { | 349 { |
417 ss->allowedByPolicy = allowedByPolicy; | |
418 ss->maybeAllowedByPolicy = maybeAllowedByPolicy; | |
419 ss->chosenPreference = chosenPreference; | 350 ss->chosenPreference = chosenPreference; |
420 } | 351 } |
421 | 352 |
422 | 353 |
423 /************************************************************************/ | 354 /************************************************************************/ |
424 | 355 |
425 /* Called from ssl2_CreateSessionCypher(), which already holds handshake lock. | 356 /* Called from ssl2_CreateSessionCypher(), which already holds handshake lock. |
426 */ | 357 */ |
427 static SECStatus | 358 static SECStatus |
428 ssl2_CreateMAC(sslSecurityInfo *sec, SECItem *readKey, SECItem *writeKey, | 359 ssl2_CreateMAC(sslSecurityInfo *sec, SECItem *readKey, SECItem *writeKey, |
(...skipping 1120 matching lines...)
1549 { | 1480 { |
1550 PRUint8 * dk = NULL; /* decrypted master key */ | 1481 PRUint8 * dk = NULL; /* decrypted master key */ |
1551 sslSessionID * sid; | 1482 sslSessionID * sid; |
1552 sslServerCerts * sc = ss->serverCerts + kt_rsa; | 1483 sslServerCerts * sc = ss->serverCerts + kt_rsa; |
1553 PRUint8 * kbuf = 0; /* buffer for RSA decrypted data. */ | 1484 PRUint8 * kbuf = 0; /* buffer for RSA decrypted data. */ |
1554 unsigned int ddLen; /* length of RSA decrypted data in kbuf */ | 1485 unsigned int ddLen; /* length of RSA decrypted data in kbuf */ |
1555 unsigned int keySize; | 1486 unsigned int keySize; |
1556 unsigned int dkLen; /* decrypted key length in bytes */ | 1487 unsigned int dkLen; /* decrypted key length in bytes */ |
1557 int modulusLen; | 1488 int modulusLen; |
1558 SECStatus rv; | 1489 SECStatus rv; |
1559 PRUint16 allowed; /* cipher kinds enabled and allowed by policy */ | 1490 PRUint16 allowed; /* cipher kinds enabled */ |
1560 PRUint8 mkbuf[SSL_MAX_MASTER_KEY_BYTES]; | 1491 PRUint8 mkbuf[SSL_MAX_MASTER_KEY_BYTES]; |
1561 | 1492 |
1562 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); | 1493 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); |
1563 PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) ); | 1494 PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) ); |
1564 PORT_Assert((sc->SERVERKEY != 0)); | 1495 PORT_Assert((sc->SERVERKEY != 0)); |
1565 PORT_Assert((ss->sec.ci.sid != 0)); | 1496 PORT_Assert((ss->sec.ci.sid != 0)); |
1566 sid = ss->sec.ci.sid; | 1497 sid = ss->sec.ci.sid; |
1567 | 1498 |
1568 /* Trying to cut down on all these switch statements that should be tables. | 1499 /* Trying to cut down on all these switch statements that should be tables. |
1569 * So, test cipherType once, here, and then use tables below. | 1500 * So, test cipherType once, here, and then use tables below. |
1570 */ | 1501 */ |
1571 switch (cipher) { | 1502 switch (cipher) { |
1572 case SSL_CK_RC4_128_EXPORT40_WITH_MD5: | 1503 case SSL_CK_RC4_128_EXPORT40_WITH_MD5: |
1573 case SSL_CK_RC4_128_WITH_MD5: | 1504 case SSL_CK_RC4_128_WITH_MD5: |
1574 case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5: | 1505 case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5: |
1575 case SSL_CK_RC2_128_CBC_WITH_MD5: | 1506 case SSL_CK_RC2_128_CBC_WITH_MD5: |
1576 case SSL_CK_DES_64_CBC_WITH_MD5: | 1507 case SSL_CK_DES_64_CBC_WITH_MD5: |
1577 case SSL_CK_DES_192_EDE3_CBC_WITH_MD5: | 1508 case SSL_CK_DES_192_EDE3_CBC_WITH_MD5: |
1578 break; | 1509 break; |
1579 | 1510 |
1580 default: | 1511 default: |
1581 SSL_DBG(("%d: SSL[%d]: ssl2_ServerSetupSessionCypher: unknown cipher=%d"
, | 1512 SSL_DBG(("%d: SSL[%d]: ssl2_ServerSetupSessionCypher: unknown cipher=%d"
, |
1582 SSL_GETPID(), ss->fd, cipher)); | 1513 SSL_GETPID(), ss->fd, cipher)); |
1583 PORT_SetError(SSL_ERROR_BAD_CLIENT); | 1514 PORT_SetError(SSL_ERROR_BAD_CLIENT); |
1584 goto loser; | 1515 goto loser; |
1585 } | 1516 } |
1586 | 1517 |
1587 allowed = ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED; | 1518 allowed = ss->chosenPreference & SSL_CB_IMPLEMENTED; |
1588 if (!(allowed & (1 << cipher))) { | 1519 if (!(allowed & (1 << cipher))) { |
1589 /* client chose a kind we don't allow! */ | 1520 /* client chose a kind we don't allow! */ |
1590 SSL_DBG(("%d: SSL[%d]: disallowed cipher=%d", | 1521 SSL_DBG(("%d: SSL[%d]: disallowed cipher=%d", |
1591 SSL_GETPID(), ss->fd, cipher)); | 1522 SSL_GETPID(), ss->fd, cipher)); |
1592 PORT_SetError(SSL_ERROR_BAD_CLIENT); | 1523 PORT_SetError(SSL_ERROR_BAD_CLIENT); |
1593 goto loser; | 1524 goto loser; |
1594 } | 1525 } |
1595 | 1526 |
1596 keySize = ssl_Specs[cipher].keyLen; | 1527 keySize = ssl_Specs[cipher].keyLen; |
1597 if (keyBits != keySize * BPB) { | 1528 if (keyBits != keySize * BPB) { |
(...skipping 209 matching lines...)
1807 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); | 1738 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); |
1808 PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) ); | 1739 PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) ); |
1809 | 1740 |
1810 if (!ss->cipherSpecs) { | 1741 if (!ss->cipherSpecs) { |
1811 SECStatus rv = ssl2_ConstructCipherSpecs(ss); | 1742 SECStatus rv = ssl2_ConstructCipherSpecs(ss); |
1812 if (rv != SECSuccess || !ss->cipherSpecs) | 1743 if (rv != SECSuccess || !ss->cipherSpecs) |
1813 goto loser; | 1744 goto loser; |
1814 } | 1745 } |
1815 | 1746 |
1816 if (!ss->preferredCipher) { | 1747 if (!ss->preferredCipher) { |
1817 » unsigned int allowed = ss->allowedByPolicy & ss->chosenPreference & | 1748 » unsigned int allowed = ss->chosenPreference & SSL_CB_IMPLEMENTED; |
1818 » SSL_CB_IMPLEMENTED; | |
1819 if (allowed) { | 1749 if (allowed) { |
1820 preferred = implementedCipherSuites; | 1750 preferred = implementedCipherSuites; |
1821 for (i = ssl2_NUM_SUITES_IMPLEMENTED; i > 0; --i) { | 1751 for (i = ssl2_NUM_SUITES_IMPLEMENTED; i > 0; --i) { |
1822 if (0 != (allowed & (1U << preferred[0]))) { | 1752 if (0 != (allowed & (1U << preferred[0]))) { |
1823 ss->preferredCipher = preferred; | 1753 ss->preferredCipher = preferred; |
1824 break; | 1754 break; |
1825 } | 1755 } |
1826 preferred += 3; | 1756 preferred += 3; |
1827 } | 1757 } |
1828 } | 1758 } |
(...skipping 1858 matching lines...)
3687 | 3617 |
3688 c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0]; | 3618 c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0]; |
3689 return NSS_VersionCheck(importedVersion); | 3619 return NSS_VersionCheck(importedVersion); |
3690 } | 3620 } |
3691 | 3621 |
3692 const char * | 3622 const char * |
3693 NSSSSL_GetVersion(void) | 3623 NSSSSL_GetVersion(void) |
3694 { | 3624 { |
3695 return NSS_VERSION; | 3625 return NSS_VERSION; |
3696 } | 3626 } |
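Review bot: With `allowedByPolicy` removed, the only per-suite gate left for SSLv2 is `chosenPreference`, which is initialised to `0xff` ("all on by default"), whereas the removed policy masks started at zero. Every site that now computes `allowed = ss->chosenPreference & SSL_CB_IMPLEMENTED` (ssl2_ConstructCipherSpecs, the check that logs "disallowed cipher", and the preferred-cipher selection) therefore admits the EXPORT40 and DES_64 kinds whenever `enableSSL2` is on, unless the application cleared those bits itself. If that fail-open default is intended, the comment above `chosenPreference` should say so; otherwise a narrower initial value would keep the old default-deny behaviour. Separately, ssl2_CheckConfigSanity now tests `if (!ss->chosenPreference)` without the mask the other sites apply, so bits outside the implemented set (bit 0 of `0xff` appears to match no suite) could leave `enableSSL2` set with nothing usable; `if (!(ss->chosenPreference & SSL_CB_IMPLEMENTED))` would match the rest. The preference setters sit in skipped lines, so whether they already mask the stored value is not visible here.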
OLD | NEW |