Chromium Code Reviews Chromium Code Reviews
Issue 240633006:
Move signature_algorithm extension to the end in NSS. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * SSL3 Protocol | 2 * SSL3 Protocol |
| 3 * | 3 * |
| 4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
| 5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 7 | 7 |
| 8 /* TLS extension code moved here from ssl3ecc.c */ | 8 /* TLS extension code moved here from ssl3ecc.c */ |
| 9 | 9 |
| 10 #include "nssrenam.h" | 10 #include "nssrenam.h" |
| (...skipping 267 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 278 /* Tables of functions to format TLS hello extensions, one function per | 278 /* Tables of functions to format TLS hello extensions, one function per |
| 279 * extension. | 279 * extension. |
| 280 * These static tables are for the formatting of client hello extensions. | 280 * These static tables are for the formatting of client hello extensions. |
| 281 * The server's table of hello senders is dynamic, in the socket struct, | 281 * The server's table of hello senders is dynamic, in the socket struct, |
| 282 * and sender functions are registered there. | 282 * and sender functions are registered there. |
| 283 */ | 283 */ |
| 284 static const | 284 static const |
| 285 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = { | 285 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = { |
| 286 { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, | 286 { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, |
| 287 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, | 287 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, |
| 288 #ifdef NSS_ENABLE_ECC | |
| 289 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, | |
| 290 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, | |
| 291 #endif | |
| 292 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, | 288 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, |
| 293 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, | 289 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, |
| 294 { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, | 290 { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, |
| 295 { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, | 291 { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, |
| 296 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, | 292 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, |
| 297 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, | 293 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, |
| 298 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }, | 294 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }, |
| 299 { ssl_signed_certificate_timestamp_xtn, | 295 { ssl_signed_certificate_timestamp_xtn, |
| 300 &ssl3_ClientSendSignedCertTimestampXtn } | 296 &ssl3_ClientSendSignedCertTimestampXtn }, |
| 297 /* Some servers are intolerant to the last extension being zero-length. ECC | |
|
wtc
2014/04/22 21:50:49
Please replace "Some servers" with the name and ve
davidben
2014/04/28 19:52:26
Done.
| |
| 298 * extensions are non-empty and not dropped until fallback to SSL3, at which | |
| 299 * point all extensions are gone. */ | |
| 300 #ifdef NSS_ENABLE_ECC | |
| 301 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, | |
| 302 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, | |
| 303 #endif | |
| 301 /* any extra entries will appear as { 0, NULL } */ | 304 /* any extra entries will appear as { 0, NULL } */ |
| 302 }; | 305 }; |
| 303 | 306 |
| 304 static const | 307 static const |
| 305 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { | 308 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { |
| 306 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } | 309 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } |
| 307 /* any extra entries will appear as { 0, NULL } */ | 310 /* any extra entries will appear as { 0, NULL } */ |
| 308 }; | 311 }; |
| 309 | 312 |
| 310 static PRBool | 313 static PRBool |
| (...skipping 2029 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2340 unsigned int recordLength = 1 /* handshake message type */ + | 2343 unsigned int recordLength = 1 /* handshake message type */ + |
| 2341 3 /* handshake message length */ + | 2344 3 /* handshake message length */ + |
| 2342 clientHelloLength; | 2345 clientHelloLength; |
| 2343 unsigned int extensionLength; | 2346 unsigned int extensionLength; |
| 2344 | 2347 |
| 2345 if (recordLength < 256 || recordLength >= 512) { | 2348 if (recordLength < 256 || recordLength >= 512) { |
| 2346 return 0; | 2349 return 0; |
| 2347 } | 2350 } |
| 2348 | 2351 |
| 2349 extensionLength = 512 - recordLength; | 2352 extensionLength = 512 - recordLength; |
| 2350 /* Extensions take at least four bytes to encode. */ | 2353 /* Extensions take at least four bytes to encode. Always include at least |
| 2351 if (extensionLength < 4) { | 2354 * one byte of data if including the extension. Some servers are intolerant |
| 2352 » extensionLength = 4; | 2355 * to the last extension being empty. */ |
|
wtc
2014/04/22 21:50:49
Good catch! I missed this in my workaround for thi
| |
| 2356 if (extensionLength < 4 + 1) { | |
| 2357 » extensionLength = 4 + 1; | |
| 2353 } | 2358 } |
| 2354 | 2359 |
| 2355 return extensionLength; | 2360 return extensionLength; |
| 2356 } | 2361 } |
| 2357 | 2362 |
| 2358 /* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a | 2363 /* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a |
| 2359 * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures | 2364 * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures |
| 2360 * that we don't trigger bugs in F5 products. */ | 2365 * that we don't trigger bugs in F5 products. */ |
| 2361 PRInt32 | 2366 PRInt32 |
| 2362 ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, | 2367 ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, |
| (...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2440 | 2445 |
| 2441 if (!data->len) { | 2446 if (!data->len) { |
| 2442 /* Empty extension data: RFC 6962 mandates non-empty contents. */ | 2447 /* Empty extension data: RFC 6962 mandates non-empty contents. */ |
| 2443 return SECFailure; | 2448 return SECFailure; |
| 2444 } | 2449 } |
| 2445 *scts = *data; | 2450 *scts = *data; |
| 2446 /* Keep track of negotiated extensions. */ | 2451 /* Keep track of negotiated extensions. */ |
| 2447 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | 2452 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
| 2448 return SECSuccess; | 2453 return SECSuccess; |
| 2449 } | 2454 } |
| OLD | NEW |
