| OLD | NEW |
|---|
| 1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c | 1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
| 2 --- a/nss/lib/ssl/ssl3con.c 2013-07-31 14:17:20.669282120 -0700 | 2 --- a/nss/lib/ssl/ssl3con.c 2013-07-31 14:17:20.669282120 -0700 |
| 3 +++ b/nss/lib/ssl/ssl3con.c 2013-07-31 14:28:56.549496061 -0700 | 3 +++ b/nss/lib/ssl/ssl3con.c 2013-07-31 14:28:56.549496061 -0700 |
| 4 @@ -9912,8 +9912,10 @@ ssl3_SendNextProto(sslSocket *ss) | 4 @@ -9912,8 +9912,10 @@ ssl3_SendNextProto(sslSocket *ss) |
| 5 int padding_len; | 5 int padding_len; |
| 6 static const unsigned char padding[32] = {0}; | 6 static const unsigned char padding[32] = {0}; |
| 7 | 7 |
| 8 - if (ss->ssl3.nextProto.len == 0) | 8 - if (ss->ssl3.nextProto.len == 0) |
| 9 + if (ss->ssl3.nextProto.len == 0 || | 9 + if (ss->ssl3.nextProto.len == 0 || |
| 10 + ss->ssl3.nextProtoState == SSL_NEXT_PROTO_SELECTED) { | 10 + ss->ssl3.nextProtoState == SSL_NEXT_PROTO_SELECTED) { |
| 11 return SECSuccess; | 11 return SECSuccess; |
| 12 + } | 12 + } |
| 13 | 13 |
| 14 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss)); | 14 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss)); |
| 15 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); | 15 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); |
| 16 diff -pu a/nss/lib/ssl/ssl3ext.c b/nss/lib/ssl/ssl3ext.c | 16 diff -pu a/nss/lib/ssl/ssl3ext.c b/nss/lib/ssl/ssl3ext.c |
| 17 --- a/nss/lib/ssl/ssl3ext.c 2013-07-31 14:10:00.342814862 -0700 | 17 --- a/nss/lib/ssl/ssl3ext.c 2013-07-31 14:10:00.342814862 -0700 |
| 18 +++ b/nss/lib/ssl/ssl3ext.c 2013-07-31 14:28:56.549496061 -0700 | 18 +++ b/nss/lib/ssl/ssl3ext.c 2013-07-31 14:28:56.549496061 -0700 |
| 19 @@ -52,8 +52,12 @@ static SECStatus ssl3_HandleRenegotiatio | 19 @@ -53,8 +53,12 @@ |
| 20 PRUint16 ex_type, SECItem *data); | 20 PRUint16 ex_type, SECItem *data); |
| 21 static SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, | 21 static SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, |
| 22 PRUint16 ex_type, SECItem *data); | 22 PRUint16 ex_type, SECItem *data); |
| 23 +static SECStatus ssl3_ClientHandleAppProtoXtn(sslSocket *ss, | 23 +static SECStatus ssl3_ClientHandleAppProtoXtn(sslSocket *ss, |
| 24 + PRUint16 ex_type, SECItem *data); | 24 + PRUint16 ex_type, SECItem *data); |
| 25 static SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss, | 25 static SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss, |
| 26 PRUint16 ex_type, SECItem *data); | 26 PRUint16 ex_type, SECItem *data); |
| 27 +static PRInt32 ssl3_ClientSendAppProtoXtn(sslSocket *ss, PRBool append, | 27 +static PRInt32 ssl3_ClientSendAppProtoXtn(sslSocket *ss, PRBool append, |
| 28 + PRUint32 maxBytes); | 28 + PRUint32 maxBytes); |
| 29 static PRInt32 ssl3_ClientSendNextProtoNegoXtn(sslSocket *ss, PRBool append, | 29 static PRInt32 ssl3_ClientSendNextProtoNegoXtn(sslSocket *ss, PRBool append, |
| 30 PRUint32 maxBytes); | 30 PRUint32 maxBytes); |
| 31 static PRInt32 ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append, | 31 static PRInt32 ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append, |
| 32 @@ -246,14 +250,15 @@ static const ssl3HelloExtensionHandler c | 32 @@ -252,6 +256,7 @@ |
| 33 /* These two tables are used by the client, to handle server hello | 33 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, |
| 34 * extensions. */ | 34 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, |
| 35 static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = { | 35 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, |
| 36 - { ssl_server_name_xtn, &ssl3_HandleServerNameXtn }, | 36 + { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn }, |
| 37 + { ssl_server_name_xtn, &ssl3_HandleServerNameXtn }, | 37 { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, |
| 38 /* TODO: add a handler for ssl_ec_point_formats_xtn */ | 38 { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, |
| 39 - { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, | 39 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, |
| 40 - { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | 40 @@ -271,18 +276,19 @@ |
| 41 - { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, | |
| 42 - { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, | |
| 43 - { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, | |
| 44 - { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, | |
| 45 + { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, | |
| 46 + { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | |
| 47 + { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, | |
| 48 + { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn }, | |
| 49 + { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, | |
| 50 + { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, | |
| 51 + { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, | |
| 52 { -1, NULL } | |
| 53 }; | |
| 54 | |
| 55 @@ -270,17 +275,18 @@ static const ssl3HelloExtensionHandler s | |
| 56 */ | 41 */ |
| 57 static const | 42 static const |
| 58 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = { | 43 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = { |
| 59 - { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, | 44 - { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, |
| 60 - { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, | 45 - { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, |
| 61 + { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, | 46 + { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, |
| 62 + { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, | 47 + { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, |
| 63 #ifdef NSS_ENABLE_ECC | 48 #ifdef NSS_ENABLE_ECC |
| 64 - { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, | 49 - { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, |
| 65 - { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, | 50 - { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, |
| 66 + { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, | 51 + { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, |
| 67 + { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, | 52 + { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, |
| 68 #endif | 53 #endif |
| 69 - { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, | 54 - { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, |
| 70 - { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, | 55 - { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, |
| 71 - { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, | 56 - { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, |
| 72 - { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, | 57 - { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, |
| 73 - { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, | 58 - { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, |
| 59 - { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn } |
| 74 + { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, | 60 + { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, |
| 75 + { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, | 61 + { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, |
| 76 + { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, | 62 + { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, |
| 77 + { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, | 63 + { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, |
| 78 + { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, | 64 + { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, |
| 79 + { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, | 65 + { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, |
| 80 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn } | 66 + { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn } |
| 81 /* any extra entries will appear as { 0, NULL } */ | 67 /* any extra entries will appear as { 0, NULL } */ |
| 82 }; | 68 }; |
| 83 @@ -605,6 +611,11 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSoc | 69 |
| 70 @@ -606,6 +612,11 @@ |
| 84 | 71 |
| 85 PORT_Assert(!ss->firstHsDone); | 72 PORT_Assert(!ss->firstHsDone); |
| 86 | 73 |
| 87 + if (ssl3_ExtensionNegotiated(ss, ssl_app_layer_protocol_xtn)) { | 74 + if (ssl3_ExtensionNegotiated(ss, ssl_app_layer_protocol_xtn)) { |
| 88 + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); | 75 + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); |
| 89 + return SECFailure; | 76 + return SECFailure; |
| 90 + } | 77 + } |
| 91 + | 78 + |
| 92 rv = ssl3_ValidateNextProtoNego(data->data, data->len); | 79 rv = ssl3_ValidateNextProtoNego(data->data, data->len); |
| 93 if (rv != SECSuccess) | 80 if (rv != SECSuccess) |
| 94 return rv; | 81 return rv; |
| 95 @@ -638,6 +649,44 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSoc | 82 @@ -639,6 +650,44 @@ |
| 96 return SECITEM_CopyItem(NULL, &ss->ssl3.nextProto, &result); | 83 return SECITEM_CopyItem(NULL, &ss->ssl3.nextProto, &result); |
| 97 } | 84 } |
| 98 | 85 |
| 99 +static SECStatus | 86 +static SECStatus |
| 100 +ssl3_ClientHandleAppProtoXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data) | 87 +ssl3_ClientHandleAppProtoXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data) |
| 101 +{ | 88 +{ |
| 102 + const unsigned char* d = data->data; | 89 + const unsigned char* d = data->data; |
| 103 + PRUint16 name_list_len; | 90 + PRUint16 name_list_len; |
| 104 + SECItem protocol_name; | 91 + SECItem protocol_name; |
| 105 + | 92 + |
| (...skipping 24 matching lines...) Expand all Loading... |
| 130 + | 117 + |
| 131 + SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); | 118 + SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
| 132 + ss->ssl3.nextProtoState = SSL_NEXT_PROTO_SELECTED; | 119 + ss->ssl3.nextProtoState = SSL_NEXT_PROTO_SELECTED; |
| 133 + ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | 120 + ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
| 134 + return SECITEM_CopyItem(NULL, &ss->ssl3.nextProto, &protocol_name); | 121 + return SECITEM_CopyItem(NULL, &ss->ssl3.nextProto, &protocol_name); |
| 135 +} | 122 +} |
| 136 + | 123 + |
| 137 static PRInt32 | 124 static PRInt32 |
| 138 ssl3_ClientSendNextProtoNegoXtn(sslSocket * ss, PRBool append, | 125 ssl3_ClientSendNextProtoNegoXtn(sslSocket * ss, PRBool append, |
| 139 PRUint32 maxBytes) | 126 PRUint32 maxBytes) |
| 140 @@ -664,6 +713,44 @@ ssl3_ClientSendNextProtoNegoXtn(sslSocke | 127 @@ -672,6 +721,71 @@ |
| 141 } else if (maxBytes < extension_length) { | 128 return -1; |
| 142 » return 0; | 129 } |
| 143 } | 130 |
| 144 + | |
| 145 + return extension_length; | |
| 146 + | |
| 147 +loser: | |
| 148 + return -1; | |
| 149 +} | |
| 150 + | |
| 151 +static PRInt32 | 131 +static PRInt32 |
| 152 +ssl3_ClientSendAppProtoXtn(sslSocket * ss, PRBool append, PRUint32 maxBytes) | 132 +ssl3_ClientSendAppProtoXtn(sslSocket * ss, PRBool append, PRUint32 maxBytes) |
| 153 +{ | 133 +{ |
| 154 + PRInt32 extension_length; | 134 + PRInt32 extension_length; |
| 135 + unsigned char *alpn_protos = NULL; |
| 155 + | 136 + |
| 156 + /* Renegotiations do not send this extension. */ | 137 + /* Renegotiations do not send this extension. */ |
| 157 + if (!ss->opt.nextProtoNego.data || ss->firstHsDone) { | 138 + if (!ss->opt.nextProtoNego.data || ss->firstHsDone) { |
| 158 + return 0; | 139 + return 0; |
| 159 + } | 140 + } |
| 160 + | 141 + |
| 161 + extension_length = 2 /* extension type */ + 2 /* extension length */ + | 142 + extension_length = 2 /* extension type */ + 2 /* extension length */ + |
| 162 + 2 /* protocol name list length */ + | 143 + 2 /* protocol name list length */ + |
| 163 + ss->opt.nextProtoNego.len; | 144 + ss->opt.nextProtoNego.len; |
| 164 + | 145 + |
| 165 + if (append && maxBytes >= extension_length) { | 146 + if (append && maxBytes >= extension_length) { |
| 147 + /* NPN requires that the client's fallback protocol is first in the |
| 148 + * list. However, ALPN sends protocols in preference order. So we |
| 149 + * allocate a buffer and move the first protocol to the end of the |
| 150 + * list. */ |
| 166 + SECStatus rv; | 151 + SECStatus rv; |
| 152 + const size_t len = ss->opt.nextProtoNego.len; |
| 153 + size_t i; |
| 154 + |
| 155 + alpn_protos = PORT_Alloc(len); |
| 156 + if (alpn_protos == NULL) { |
| 157 + return SECFailure; |
| 158 + } |
| 159 + if (len > 0) { |
| 160 + /* Each protocol string is prefixed with a single byte length. */ |
| 161 + i = ss->opt.nextProtoNego.data[0] + 1; |
| 162 + if (i <= len) { |
| 163 + memcpy(alpn_protos, &ss->opt.nextProtoNego.data[i], len - i); |
| 164 + memcpy(alpn_protos + len-i, ss->opt.nextProtoNego.data, i); |
| 165 + } else { |
| 166 + /* This seems to be invalid data so we'll send as-is. */ |
| 167 + memcpy(alpn_protos, ss->opt.nextProtoNego.data, len); |
| 168 + } |
| 169 + } |
| 170 + |
| 167 + rv = ssl3_AppendHandshakeNumber(ss, ssl_app_layer_protocol_xtn, 2); | 171 + rv = ssl3_AppendHandshakeNumber(ss, ssl_app_layer_protocol_xtn, 2); |
| 168 + if (rv != SECSuccess) | 172 + if (rv != SECSuccess) |
| 169 + goto loser; | 173 + goto loser; |
| 170 + rv = ssl3_AppendHandshakeNumber(ss, extension_length - 4, 2); | 174 + rv = ssl3_AppendHandshakeNumber(ss, extension_length - 4, 2); |
| 171 + if (rv != SECSuccess) | 175 + if (rv != SECSuccess) |
| 172 + goto loser; | 176 + goto loser; |
| 173 +» rv = ssl3_AppendHandshakeVariable(ss, ss->opt.nextProtoNego.data, | 177 +» rv = ssl3_AppendHandshakeVariable(ss, alpn_protos, len, 2); |
| 174 +» » » » » ss->opt.nextProtoNego.len, 2); | 178 +» PORT_Free(alpn_protos); |
| 179 +» alpn_protos = NULL; |
| 175 + if (rv != SECSuccess) | 180 + if (rv != SECSuccess) |
| 176 + goto loser; | 181 + goto loser; |
| 177 + ss->xtnData.advertised[ss->xtnData.numAdvertised++] = | 182 + ss->xtnData.advertised[ss->xtnData.numAdvertised++] = |
| 178 + ssl_app_layer_protocol_xtn; | 183 + ssl_app_layer_protocol_xtn; |
| 179 + } else if (maxBytes < extension_length) { | 184 + } else if (maxBytes < extension_length) { |
| 180 + return 0; | 185 + return 0; |
| 181 + } | 186 + } |
| 182 | 187 + |
| 183 return extension_length; | 188 + return extension_length; |
| 184 | 189 + |
| 190 +loser: |
| 191 + if (alpn_protos) |
| 192 +» PORT_Free(alpn_protos); |
| 193 + return -1; |
| 194 +} |
| 195 + |
| 196 static SECStatus |
| 197 ssl3_ClientHandleChannelIDXtn(sslSocket *ss, PRUint16 ex_type, |
| 198 » » » SECItem *data) |
| 185 diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h | 199 diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h |
| 186 --- a/nss/lib/ssl/ssl.h 2013-07-31 14:10:35.113325316 -0700 | 200 --- a/nss/lib/ssl/ssl.h 2013-07-31 14:10:35.113325316 -0700 |
| 187 +++ b/nss/lib/ssl/ssl.h 2013-07-31 14:28:56.589496647 -0700 | 201 +++ b/nss/lib/ssl/ssl.h 2013-07-31 14:28:56.589496647 -0700 |
| 188 @@ -203,6 +203,11 @@ SSL_IMPORT SECStatus SSL_SetNextProtoCal | 202 @@ -203,6 +203,11 @@ SSL_IMPORT SECStatus SSL_SetNextProtoCal |
| 189 * protocol in server-preference order. If no matching protocol is found it | 203 * protocol in server-preference order. If no matching protocol is found it |
| 190 * selects the first supported protocol. | 204 * selects the first supported protocol. |
| 191 * | 205 * |
| 192 + * Using this function also allows the client to transparently support ALPN. | 206 + * Using this function also allows the client to transparently support ALPN. |
| 193 + * The same set of protocols will be advertised via ALPN and, if the server | 207 + * The same set of protocols will be advertised via ALPN and, if the server |
| 194 + * uses ALPN to select a protocol, SSL_GetNextProto will return | 208 + * uses ALPN to select a protocol, SSL_GetNextProto will return |
| (...skipping 23 matching lines...) Expand all Loading... |
| 218 ssl_session_ticket_xtn = 35, | 232 ssl_session_ticket_xtn = 35, |
| 219 ssl_next_proto_nego_xtn = 13172, | 233 ssl_next_proto_nego_xtn = 13172, |
| 220 ssl_channel_id_xtn = 30031, | 234 ssl_channel_id_xtn = 30031, |
| 221 ssl_renegotiation_info_xtn = 0xff01 /* experimental number */ | 235 ssl_renegotiation_info_xtn = 0xff01 /* experimental number */ |
| 222 } SSLExtensionType; | 236 } SSLExtensionType; |
| 223 | 237 |
| 224 -#define SSL_MAX_EXTENSIONS 10 | 238 -#define SSL_MAX_EXTENSIONS 10 |
| 225 +#define SSL_MAX_EXTENSIONS 11 | 239 +#define SSL_MAX_EXTENSIONS 11 |
| 226 | 240 |
| 227 #endif /* __sslt_h_ */ | 241 #endif /* __sslt_h_ */ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 22237002:
NSS: move the first protocol to the end of the ALPN extension. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src