1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
2 /* | 2 /* |
3 * SSL3 Protocol | 3 * SSL3 Protocol |
4 * | 4 * |
5 * This Source Code Form is subject to the terms of the Mozilla Public | 5 * This Source Code Form is subject to the terms of the Mozilla Public |
6 * License, v. 2.0. If a copy of the MPL was not distributed with this | 6 * License, v. 2.0. If a copy of the MPL was not distributed with this |
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
8 | 8 |
9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ | 9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ |
10 | 10 |
624 if ((sizeof *x) == sizeof(PRInt32)) { | 624 if ((sizeof *x) == sizeof(PRInt32)) { |
625 PR_ATOMIC_INCREMENT((PRInt32 *)x); | 625 PR_ATOMIC_INCREMENT((PRInt32 *)x); |
626 } else { | 626 } else { |
627 tooLong * tl = (tooLong *)x; | 627 tooLong * tl = (tooLong *)x; |
628 if (PR_ATOMIC_INCREMENT(&tl->low) == 0) | 628 if (PR_ATOMIC_INCREMENT(&tl->low) == 0) |
629 PR_ATOMIC_INCREMENT(&tl->high); | 629 PR_ATOMIC_INCREMENT(&tl->high); |
630 } | 630 } |
631 } | 631 } |
632 | 632 |
633 static PRBool | 633 static PRBool |
634 ssl3_CipherSuiteAllowedForVersion(ssl3CipherSuite cipherSuite, | 634 ssl3_CipherSuiteAllowedForVersionRange( |
635 » » » » SSL3ProtocolVersion version) | 635 ssl3CipherSuite cipherSuite, |
636 SSLVersionRange vrange) | |
wtc
2013/09/25 00:42:14
Nit: use const SSLVersionRange *vrange ?
I know S
agl
2013/09/25 16:21:53
Done.
| |
636 { | 637 { |
637 switch (cipherSuite) { | 638 switch (cipherSuite) { |
638 /* See RFC 4346 A.5. Export cipher suites must not be used in TLS 1.1 or | 639 /* See RFC 4346 A.5. Export cipher suites must not be used in TLS 1.1 or |
639 * later. This set of cipher suites is similar to, but different from, the | 640 * later. This set of cipher suites is similar to, but different from, the |
640 * set of cipher suites considered exportable by SSL_IsExportCipherSuite. | 641 * set of cipher suites considered exportable by SSL_IsExportCipherSuite. |
641 */ | 642 */ |
642 case SSL_RSA_EXPORT_WITH_RC4_40_MD5: | 643 case SSL_RSA_EXPORT_WITH_RC4_40_MD5: |
643 case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5: | 644 case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5: |
644 /* SSL_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented | 645 /* SSL_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented |
645 * SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: never implemented | 646 * SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: never implemented |
646 * SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented | 647 * SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented |
647 * SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: never implemented | 648 * SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: never implemented |
648 * SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented | 649 * SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: never implemented |
649 * SSL_DH_ANON_EXPORT_WITH_RC4_40_MD5: never implemented | 650 * SSL_DH_ANON_EXPORT_WITH_RC4_40_MD5: never implemented |
650 * SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA: never implemented | 651 * SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA: never implemented |
651 */ | 652 */ |
652 » return version <= SSL_LIBRARY_VERSION_TLS_1_0; | 653 » return vrange.min <= SSL_LIBRARY_VERSION_TLS_1_0; |
654 case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305: | |
655 case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305: | |
653 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: | 656 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: |
654 case TLS_RSA_WITH_AES_256_CBC_SHA256: | 657 case TLS_RSA_WITH_AES_256_CBC_SHA256: |
655 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: | 658 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: |
656 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: | 659 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: |
657 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: | 660 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: |
658 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: | 661 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: |
659 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: | 662 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: |
660 case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: | 663 case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: |
661 case TLS_RSA_WITH_AES_128_CBC_SHA256: | 664 case TLS_RSA_WITH_AES_128_CBC_SHA256: |
662 case TLS_RSA_WITH_AES_128_GCM_SHA256: | 665 case TLS_RSA_WITH_AES_128_GCM_SHA256: |
663 case TLS_RSA_WITH_NULL_SHA256: | 666 case TLS_RSA_WITH_NULL_SHA256: |
664 » return version >= SSL_LIBRARY_VERSION_TLS_1_2; | 667 » return vrange.max >= SSL_LIBRARY_VERSION_TLS_1_2; |
665 default: | 668 default: |
666 return PR_TRUE; | 669 return PR_TRUE; |
667 } | 670 } |
668 } | 671 } |
669 | 672 |
670 /* return pointer to ssl3CipherSuiteDef for suite, or NULL */ | 673 /* return pointer to ssl3CipherSuiteDef for suite, or NULL */ |
671 /* XXX This does a linear search. A binary search would be better. */ | 674 /* XXX This does a linear search. A binary search would be better. */ |
672 static const ssl3CipherSuiteDef * | 675 static const ssl3CipherSuiteDef * |
673 ssl_LookupCipherSuiteDef(ssl3CipherSuite suite) | 676 ssl_LookupCipherSuiteDef(ssl3CipherSuite suite) |
674 { | 677 { |
797 } | 800 } |
798 } | 801 } |
799 PORT_Assert(numPresent > 0 || numEnabled == 0); | 802 PORT_Assert(numPresent > 0 || numEnabled == 0); |
800 if (numPresent <= 0) { | 803 if (numPresent <= 0) { |
801 PORT_SetError(SSL_ERROR_NO_CIPHERS_SUPPORTED); | 804 PORT_SetError(SSL_ERROR_NO_CIPHERS_SUPPORTED); |
802 } | 805 } |
803 return numPresent; | 806 return numPresent; |
804 } | 807 } |
805 | 808 |
806 | 809 |
807 /* return PR_TRUE if suite matches policy and enabled state */ | 810 /* return PR_TRUE if suite matches policy, enabled state and is applicable to |
811 * the given version range. */ | |
808 /* It would be a REALLY BAD THING (tm) if we ever permitted the use | 812 /* It would be a REALLY BAD THING (tm) if we ever permitted the use |
809 ** of a cipher that was NOT_ALLOWED. So, if this is ever called with | 813 ** of a cipher that was NOT_ALLOWED. So, if this is ever called with |
810 ** policy == SSL_NOT_ALLOWED, report no match. | 814 ** policy == SSL_NOT_ALLOWED, report no match. |
811 */ | 815 */ |
812 /* adjust suite enabled to the availability of a token that can do the | 816 /* adjust suite enabled to the availability of a token that can do the |
813 * cipher suite. */ | 817 * cipher suite. */ |
814 static PRBool | 818 static PRBool |
815 config_match(ssl3CipherSuiteCfg *suite, int policy, PRBool enabled) | 819 config_match(ssl3CipherSuiteCfg *suite, int policy, PRBool enabled, |
820 » SSLVersionRange vrange) | |
816 { | 821 { |
817 PORT_Assert(policy != SSL_NOT_ALLOWED && enabled != PR_FALSE); | 822 PORT_Assert(policy != SSL_NOT_ALLOWED && enabled != PR_FALSE); |
818 if (policy == SSL_NOT_ALLOWED || !enabled) | 823 if (policy == SSL_NOT_ALLOWED || !enabled) |
819 return PR_FALSE; | 824 return PR_FALSE; |
820 return (PRBool)(suite->enabled && | 825 return (PRBool)(suite->enabled && |
821 suite->isPresent && | 826 suite->isPresent && |
822 suite->policy != SSL_NOT_ALLOWED && | 827 suite->policy != SSL_NOT_ALLOWED && |
823 » » suite->policy <= policy); | 828 » » suite->policy <= policy && |
829 » » ssl3_CipherSuiteAllowedForVersionRange( | |
830 suite->cipher_suite, vrange)); | |
824 } | 831 } |
825 | 832 |
826 /* return number of cipher suites that match policy and enabled state */ | 833 /* return number of cipher suites that match policy, enabled state and are |
834 * applicable for the given protocol version. */ | |
wtc
2013/09/25 00:42:14
"the given protocol version" is wrong because this
agl
2013/09/25 16:21:53
Done.
| |
827 /* called from ssl3_SendClientHello and ssl3_ConstructV2CipherSpecsHack */ | 835 /* called from ssl3_SendClientHello and ssl3_ConstructV2CipherSpecsHack */ |
828 static int | 836 static int |
829 count_cipher_suites(sslSocket *ss, int policy, PRBool enabled) | 837 count_cipher_suites(sslSocket *ss, int policy, PRBool enabled) |
830 { | 838 { |
831 int i, count = 0; | 839 int i, count = 0; |
832 | 840 |
833 if (SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) { | 841 if (SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) { |
834 return 0; | 842 return 0; |
835 } | 843 } |
836 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { | 844 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { |
837 » if (config_match(&ss->cipherSuites[i], policy, enabled)) | 845 » if (config_match(&ss->cipherSuites[i], policy, enabled, ss->vrange)) |
838 count++; | 846 count++; |
839 } | 847 } |
840 if (count <= 0) { | 848 if (count <= 0) { |
841 PORT_SetError(SSL_ERROR_SSL_DISABLED); | 849 PORT_SetError(SSL_ERROR_SSL_DISABLED); |
842 } | 850 } |
843 return count; | 851 return count; |
844 } | 852 } |
845 | 853 |
846 /* | 854 /* |
847 * Null compression, mac and encryption functions | 855 * Null compression, mac and encryption functions |
5287 /* Add the actual SCSV */ | 5295 /* Add the actual SCSV */ |
5288 rv = ssl3_AppendHandshakeNumber(ss, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, | 5296 rv = ssl3_AppendHandshakeNumber(ss, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, |
5289 sizeof(ssl3CipherSuite)); | 5297 sizeof(ssl3CipherSuite)); |
5290 if (rv != SECSuccess) { | 5298 if (rv != SECSuccess) { |
5291 return rv; /* err set by ssl3_AppendHandshake* */ | 5299 return rv; /* err set by ssl3_AppendHandshake* */ |
5292 } | 5300 } |
5293 actual_count++; | 5301 actual_count++; |
5294 } | 5302 } |
5295 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { | 5303 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { |
5296 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; | 5304 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; |
5297 » if (config_match(suite, ss->ssl3.policy, PR_TRUE)) { | 5305 » if (config_match(suite, ss->ssl3.policy, PR_TRUE, ss->vrange)) { |
5298 actual_count++; | 5306 actual_count++; |
5299 if (actual_count > num_suites) { | 5307 if (actual_count > num_suites) { |
5300 /* set error card removal/insertion error */ | 5308 /* set error card removal/insertion error */ |
5301 PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); | 5309 PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); |
5302 return SECFailure; | 5310 return SECFailure; |
5303 } | 5311 } |
5304 rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite, | 5312 rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite, |
5305 sizeof(ssl3CipherSuite)); | 5313 sizeof(ssl3CipherSuite)); |
5306 if (rv != SECSuccess) { | 5314 if (rv != SECSuccess) { |
5307 return rv; /* err set by ssl3_AppendHandshake* */ | 5315 return rv; /* err set by ssl3_AppendHandshake* */ |
6352 | 6360 |
6353 /* find selected cipher suite in our list. */ | 6361 /* find selected cipher suite in our list. */ |
6354 temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length); | 6362 temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length); |
6355 if (temp < 0) { | 6363 if (temp < 0) { |
6356 goto loser; /* alert has been sent */ | 6364 goto loser; /* alert has been sent */ |
6357 } | 6365 } |
6358 ssl3_config_match_init(ss); | 6366 ssl3_config_match_init(ss); |
6359 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { | 6367 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { |
6360 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; | 6368 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; |
6361 if (temp == suite->cipher_suite) { | 6369 if (temp == suite->cipher_suite) { |
6362 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE)) { | 6370 » SSLVersionRange vrange = {ss->version, ss->version}; |
6371 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE, vrange)) { | |
6363 break; /* failure */ | 6372 break; /* failure */ |
6364 } | 6373 } |
6365 if (!ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite, | |
6366 ss->version)) { | |
6367 desc = handshake_failure; | |
6368 errCode = SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION; | |
wtc
2013/09/25 00:42:14
Hmm... this change causes us to lose the more info
agl
2013/09/25 16:21:53
Done.
| |
6369 goto alert_loser; | |
6370 } | |
6371 | 6374 |
6372 suite_found = PR_TRUE; | 6375 suite_found = PR_TRUE; |
6373 break; /* success */ | 6376 break; /* success */ |
6374 } | 6377 } |
6375 } | 6378 } |
6376 if (!suite_found) { | 6379 if (!suite_found) { |
6377 desc = handshake_failure; | 6380 desc = handshake_failure; |
6378 errCode = SSL_ERROR_NO_CYPHER_OVERLAP; | 6381 errCode = SSL_ERROR_NO_CYPHER_OVERLAP; |
6379 goto alert_loser; | 6382 goto alert_loser; |
6380 } | 6383 } |
8001 goto alert_loser; | 8004 goto alert_loser; |
8002 } | 8005 } |
8003 #endif | 8006 #endif |
8004 | 8007 |
8005 /* If we already have a session for this client, be sure to pick the | 8008 /* If we already have a session for this client, be sure to pick the |
8006 ** same cipher suite and compression method we picked before. | 8009 ** same cipher suite and compression method we picked before. |
8007 ** This is not a loop, despite appearances. | 8010 ** This is not a loop, despite appearances. |
8008 */ | 8011 */ |
8009 if (sid) do { | 8012 if (sid) do { |
8010 ssl3CipherSuiteCfg *suite; | 8013 ssl3CipherSuiteCfg *suite; |
8014 #ifdef PARANOID | |
8015 SSLVersionRange vrange = {ss->version, ss->version}; | |
8016 #endif | |
8011 | 8017 |
8012 /* Check that the cached compression method is still enabled. */ | 8018 /* Check that the cached compression method is still enabled. */ |
8013 if (!compressionEnabled(ss, sid->u.ssl3.compression)) | 8019 if (!compressionEnabled(ss, sid->u.ssl3.compression)) |
8014 break; | 8020 break; |
8015 | 8021 |
8016 /* Check that the cached compression method is in the client's list */ | 8022 /* Check that the cached compression method is in the client's list */ |
8017 for (i = 0; i < comps.len; i++) { | 8023 for (i = 0; i < comps.len; i++) { |
8018 if (comps.data[i] == sid->u.ssl3.compression) | 8024 if (comps.data[i] == sid->u.ssl3.compression) |
8019 break; | 8025 break; |
8020 } | 8026 } |
8021 if (i == comps.len) | 8027 if (i == comps.len) |
8022 break; | 8028 break; |
8023 | 8029 |
8024 suite = ss->cipherSuites; | 8030 suite = ss->cipherSuites; |
8025 /* Find the entry for the cipher suite used in the cached session. */ | 8031 /* Find the entry for the cipher suite used in the cached session. */ |
8026 for (j = ssl_V3_SUITES_IMPLEMENTED; j > 0; --j, ++suite) { | 8032 for (j = ssl_V3_SUITES_IMPLEMENTED; j > 0; --j, ++suite) { |
8027 if (suite->cipher_suite == sid->u.ssl3.cipherSuite) | 8033 if (suite->cipher_suite == sid->u.ssl3.cipherSuite) |
8028 break; | 8034 break; |
8029 } | 8035 } |
8030 PORT_Assert(j > 0); | 8036 PORT_Assert(j > 0); |
8031 if (j <= 0) | 8037 if (j <= 0) |
8032 break; | 8038 break; |
8033 #ifdef PARANOID | 8039 #ifdef PARANOID |
8034 /* Double check that the cached cipher suite is still enabled, | 8040 /* Double check that the cached cipher suite is still enabled, |
8035 * implemented, and allowed by policy. Might have been disabled. | 8041 * implemented, and allowed by policy. Might have been disabled. |
8036 * The product policy won't change during the process lifetime. | 8042 * The product policy won't change during the process lifetime. |
8037 * Implemented ("isPresent") shouldn't change for servers. | 8043 * Implemented ("isPresent") shouldn't change for servers. |
8038 */ | 8044 */ |
8039 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE)) | 8045 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE, vrange)) |
8040 break; | 8046 break; |
8041 #else | 8047 #else |
8042 if (!suite->enabled) | 8048 if (!suite->enabled) |
8043 break; | 8049 break; |
8044 #endif | 8050 #endif |
8045 /* Double check that the cached cipher suite is in the client's list */ | 8051 /* Double check that the cached cipher suite is in the client's list */ |
8046 for (i = 0; i + 1 < suites.len; i += 2) { | 8052 for (i = 0; i + 1 < suites.len; i += 2) { |
8047 PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1]; | 8053 PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1]; |
8048 if (suite_i == suite->cipher_suite) { | 8054 if (suite_i == suite->cipher_suite) { |
8049 ss->ssl3.hs.cipher_suite = suite->cipher_suite; | 8055 ss->ssl3.hs.cipher_suite = suite->cipher_suite; |
8077 ** offered TLS 1.1 but offered only export cipher suites by choosing TLS | 8083 ** offered TLS 1.1 but offered only export cipher suites by choosing TLS |
8078 ** 1.0 and selecting one of those export cipher suites. However, a secure | 8084 ** 1.0 and selecting one of those export cipher suites. However, a secure |
8079 ** TLS 1.1 client should not have export cipher suites enabled at all, | 8085 ** TLS 1.1 client should not have export cipher suites enabled at all, |
8080 ** and a TLS 1.1 client should definitely not be offering *only* export | 8086 ** and a TLS 1.1 client should definitely not be offering *only* export |
8081 ** cipher suites. Therefore, we refuse to negotiate export cipher suites | 8087 ** cipher suites. Therefore, we refuse to negotiate export cipher suites |
8082 ** with any client that indicates support for TLS 1.1 or higher when we | 8088 ** with any client that indicates support for TLS 1.1 or higher when we |
8083 ** (the server) have TLS 1.1 support enabled. | 8089 ** (the server) have TLS 1.1 support enabled. |
8084 */ | 8090 */ |
8085 for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) { | 8091 for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) { |
8086 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j]; | 8092 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j]; |
8087 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE) || | 8093 » SSLVersionRange vrange = {ss->version, ss->version}; |
8088 » !ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite, | 8094 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE, vrange)) { |
8089 » » » » » ss->version)) { | |
8090 continue; | 8095 continue; |
8091 } | 8096 } |
8092 for (i = 0; i + 1 < suites.len; i += 2) { | 8097 for (i = 0; i + 1 < suites.len; i += 2) { |
8093 PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1]; | 8098 PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1]; |
8094 if (suite_i == suite->cipher_suite) { | 8099 if (suite_i == suite->cipher_suite) { |
8095 ss->ssl3.hs.cipher_suite = suite->cipher_suite; | 8100 ss->ssl3.hs.cipher_suite = suite->cipher_suite; |
8096 ss->ssl3.hs.suite_def = | 8101 ss->ssl3.hs.suite_def = |
8097 ssl_LookupCipherSuiteDef(ss->ssl3.hs.cipher_suite); | 8102 ssl_LookupCipherSuiteDef(ss->ssl3.hs.cipher_suite); |
8098 goto suite_found; | 8103 goto suite_found; |
8099 } | 8104 } |
8612 | 8617 |
8613 /* Select a cipher suite. | 8618 /* Select a cipher suite. |
8614 ** | 8619 ** |
8615 ** NOTE: This suite selection algorithm should be the same as the one in | 8620 ** NOTE: This suite selection algorithm should be the same as the one in |
8616 ** ssl3_HandleClientHello(). | 8621 ** ssl3_HandleClientHello(). |
8617 ** | 8622 ** |
8618 ** See the comments about export cipher suites in ssl3_HandleClientHello(). | 8623 ** See the comments about export cipher suites in ssl3_HandleClientHello(). |
8619 */ | 8624 */ |
8620 for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) { | 8625 for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) { |
8621 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j]; | 8626 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j]; |
8622 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE) || | 8627 » SSLVersionRange vrange = {ss->version, ss->version}; |
8623 » !ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite, | 8628 » if (!config_match(suite, ss->ssl3.policy, PR_TRUE, vrange)) { |
8624 » » » » » ss->version)) { | |
8625 continue; | 8629 continue; |
8626 } | 8630 } |
8627 for (i = 0; i+2 < suite_length; i += 3) { | 8631 for (i = 0; i+2 < suite_length; i += 3) { |
8628 PRUint32 suite_i = (suites[i] << 16)|(suites[i+1] << 8)|suites[i+2]; | 8632 PRUint32 suite_i = (suites[i] << 16)|(suites[i+1] << 8)|suites[i+2]; |
8629 if (suite_i == suite->cipher_suite) { | 8633 if (suite_i == suite->cipher_suite) { |
8630 ss->ssl3.hs.cipher_suite = suite->cipher_suite; | 8634 ss->ssl3.hs.cipher_suite = suite->cipher_suite; |
8631 ss->ssl3.hs.suite_def = | 8635 ss->ssl3.hs.suite_def = |
8632 ssl_LookupCipherSuiteDef(ss->ssl3.hs.cipher_suite); | 8636 ssl_LookupCipherSuiteDef(ss->ssl3.hs.cipher_suite); |
8633 goto suite_found; | 8637 goto suite_found; |
8634 } | 8638 } |
12317 return SECSuccess; | 12321 return SECSuccess; |
12318 } | 12322 } |
12319 if (cs == NULL) { | 12323 if (cs == NULL) { |
12320 *size = count_cipher_suites(ss, SSL_ALLOWED, PR_TRUE); | 12324 *size = count_cipher_suites(ss, SSL_ALLOWED, PR_TRUE); |
12321 return SECSuccess; | 12325 return SECSuccess; |
12322 } | 12326 } |
12323 | 12327 |
12324 /* ssl3_config_match_init was called by the caller of this function. */ | 12328 /* ssl3_config_match_init was called by the caller of this function. */ |
12325 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { | 12329 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { |
12326 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; | 12330 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; |
12327 » if (config_match(suite, SSL_ALLOWED, PR_TRUE)) { | 12331 » if (config_match(suite, SSL_ALLOWED, PR_TRUE, ss->vrange)) { |
12328 if (cs != NULL) { | 12332 if (cs != NULL) { |
12329 *cs++ = 0x00; | 12333 *cs++ = 0x00; |
12330 *cs++ = (suite->cipher_suite >> 8) & 0xFF; | 12334 *cs++ = (suite->cipher_suite >> 8) & 0xFF; |
12331 *cs++ = suite->cipher_suite & 0xFF; | 12335 *cs++ = suite->cipher_suite & 0xFF; |
12332 } | 12336 } |
12333 count++; | 12337 count++; |
12334 } | 12338 } |
12335 } | 12339 } |
12336 *size = count; | 12340 *size = count; |
12337 return SECSuccess; | 12341 return SECSuccess; |
12455 PORT_Free(ss->ssl3.hs.recvdFragments.buf); | 12459 PORT_Free(ss->ssl3.hs.recvdFragments.buf); |
12456 } | 12460 } |
12457 } | 12461 } |
12458 | 12462 |
12459 ss->ssl3.initialized = PR_FALSE; | 12463 ss->ssl3.initialized = PR_FALSE; |
12460 | 12464 |
12461 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); | 12465 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
12462 } | 12466 } |
12463 | 12467 |
12464 /* End of ssl3con.c */ | 12468 /* End of ssl3con.c */ |
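Review bot: ssl3_CipherSuiteAllowedForVersionRange (new lines 634-671) carries no header comment saying what a range means here, and its two tests, `vrange.min <= SSL_LIBRARY_VERSION_TLS_1_0` and `vrange.max >= SSL_LIBRARY_VERSION_TLS_1_2`, both answer "usable with at least one version in the range", not "usable with every version in it". That distinction is load-bearing: the ClientHello builders pass ss->vrange so that every suite some offered version could use is advertised, while ssl3_HandleServerHello and the two server-side selection loops pass a degenerate `{ss->version, ss->version}` precisely to turn it into an exact-version check, and a future caller could easily read the function the other way. I would put above the definition: `/* Return PR_TRUE if |cipherSuite| may be used with at least one protocol version in |vrange| (min..max inclusive); pass {v, v} to test a single negotiated version. Assumes vrange.min <= vrange.max. */`. A `PORT_Assert(vrange.min <= vrange.max);` at the top of the function would also make that precondition explicit, since nothing in the function itself rejects an inverted range and only count_cipher_suites checks SSL3_ALL_VERSIONS_DISABLED before calling config_match.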