| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket_impl.h" | 5 #include "net/socket/ssl_client_socket_impl.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include <utility> | 10 #include <utility> |
| 11 | 11 |
| 12 #include "base/bind.h" | 12 #include "base/bind.h" |
| 13 #include "base/callback_helpers.h" | 13 #include "base/callback_helpers.h" |
| 14 #include "base/feature_list.h" |
| 14 #include "base/lazy_instance.h" | 15 #include "base/lazy_instance.h" |
| 15 #include "base/macros.h" | 16 #include "base/macros.h" |
| 16 #include "base/memory/singleton.h" | 17 #include "base/memory/singleton.h" |
| 17 #include "base/metrics/field_trial.h" | 18 #include "base/metrics/field_trial.h" |
| 18 #include "base/metrics/histogram_macros.h" | 19 #include "base/metrics/histogram_macros.h" |
| 19 #include "base/metrics/sparse_histogram.h" | 20 #include "base/metrics/sparse_histogram.h" |
| 20 #include "base/profiler/scoped_tracker.h" | 21 #include "base/profiler/scoped_tracker.h" |
| 21 #include "base/strings/string_number_conversions.h" | 22 #include "base/strings/string_number_conversions.h" |
| 22 #include "base/strings/string_piece.h" | 23 #include "base/strings/string_piece.h" |
| 23 #include "base/synchronization/lock.h" | 24 #include "base/synchronization/lock.h" |
| (...skipping 185 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 209 if (base::StringToInt(base::FieldTrialList::FindFullName(field_trial), | 210 if (base::StringToInt(base::FieldTrialList::FindFullName(field_trial), |
| 210 &override_buffer_size)) { | 211 &override_buffer_size)) { |
| 211 buffer_size = override_buffer_size; | 212 buffer_size = override_buffer_size; |
| 212 buffer_size = std::max(buffer_size, 1000); | 213 buffer_size = std::max(buffer_size, 1000); |
| 213 buffer_size = std::min(buffer_size, 2 * kDefaultOpenSSLBufferSize); | 214 buffer_size = std::min(buffer_size, 2 * kDefaultOpenSSLBufferSize); |
| 214 } | 215 } |
| 215 #endif // !defined(OS_NACL) | 216 #endif // !defined(OS_NACL) |
| 216 return buffer_size; | 217 return buffer_size; |
| 217 } | 218 } |
| 218 | 219 |
| 220 #if defined(OS_NACL) |
| 221 bool AreLegacyECDSACiphersEnabled() { |
| 222 return false; |
| 223 } |
| 224 #else |
| 225 // TODO(davidben): Remove this after the ECDSA CBC removal sticks. |
| 226 // https:/crbug.com/666191. |
| 227 const base::Feature kLegacyECDSACiphersFeature{ |
| 228 "SSLLegacyECDSACiphers", base::FEATURE_DISABLED_BY_DEFAULT}; |
| 229 |
| 230 bool AreLegacyECDSACiphersEnabled() { |
| 231 return base::FeatureList::IsEnabled(kLegacyECDSACiphersFeature); |
| 232 } |
| 233 #endif |
| 234 |
| 219 } // namespace | 235 } // namespace |
| 220 | 236 |
| 221 class SSLClientSocketImpl::SSLContext { | 237 class SSLClientSocketImpl::SSLContext { |
| 222 public: | 238 public: |
| 223 static SSLContext* GetInstance() { | 239 static SSLContext* GetInstance() { |
| 224 return base::Singleton<SSLContext>::get(); | 240 return base::Singleton<SSLContext>::get(); |
| 225 } | 241 } |
| 226 SSL_CTX* ssl_ctx() { return ssl_ctx_.get(); } | 242 SSL_CTX* ssl_ctx() { return ssl_ctx_.get(); } |
| 227 SSLClientSessionCache* session_cache() { return &session_cache_; } | 243 SSLClientSessionCache* session_cache() { return &session_cache_; } |
| 228 | 244 |
| (...skipping 707 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 936 "CECPQ1-RSA-CHACHA20-POLY1305-SHA256:" | 952 "CECPQ1-RSA-CHACHA20-POLY1305-SHA256:" |
| 937 "CECPQ1-ECDSA-CHACHA20-POLY1305-SHA256:"); | 953 "CECPQ1-ECDSA-CHACHA20-POLY1305-SHA256:"); |
| 938 if (!EVP_has_aes_hardware()) { | 954 if (!EVP_has_aes_hardware()) { |
| 939 command.append( | 955 command.append( |
| 940 "CECPQ1-RSA-AES256-GCM-SHA384:" | 956 "CECPQ1-RSA-AES256-GCM-SHA384:" |
| 941 "CECPQ1-ECDSA-AES256-GCM-SHA384:"); | 957 "CECPQ1-ECDSA-AES256-GCM-SHA384:"); |
| 942 } | 958 } |
| 943 } | 959 } |
| 944 | 960 |
| 945 // Use BoringSSL defaults, but disable HMAC-SHA256 and HMAC-SHA384 ciphers | 961 // Use BoringSSL defaults, but disable HMAC-SHA256 and HMAC-SHA384 ciphers |
| 946 // (note that SHA256 and SHA384 only select legacy CBC ciphers). Additionally | 962 // (note that SHA256 and SHA384 only select legacy CBC ciphers). Also disable |
| 947 // disable HMAC-SHA1 ciphers in ECDSA. Also disable | |
| 948 // DHE_RSA_WITH_AES_256_GCM_SHA384. Historically, AES_256_GCM was not | 963 // DHE_RSA_WITH_AES_256_GCM_SHA384. Historically, AES_256_GCM was not |
| 949 // supported. As DHE is being deprecated, don't add a cipher only to remove it | 964 // supported. As DHE is being deprecated, don't add a cipher only to remove |
| 950 // immediately. | 965 // it immediately. |
| 951 // | 966 // |
| 952 // TODO(davidben): Remove the DHE_RSA_WITH_AES_256_GCM_SHA384 exclusion when | 967 // TODO(davidben): Remove the DHE_RSA_WITH_AES_256_GCM_SHA384 exclusion when |
| 953 // the DHEEnabled administrative policy expires. | 968 // the DHEEnabled administrative policy expires. |
| 954 command.append( | 969 command.append("ALL:!SHA256:!SHA384:!DHE-RSA-AES256-GCM-SHA384:!aPSK:!RC4"); |
| 955 "ALL:!SHA256:!SHA384:!ECDSA+SHA1:!DHE-RSA-AES256-GCM-SHA384:!aPSK:!RC4"); | |
| 956 | 970 |
| 957 if (ssl_config_.require_ecdhe) | 971 if (ssl_config_.require_ecdhe) |
| 958 command.append(":!kRSA:!kDHE"); | 972 command.append(":!kRSA:!kDHE"); |
| 959 | 973 |
| 960 if (!ssl_config_.deprecated_cipher_suites_enabled) { | 974 if (!ssl_config_.deprecated_cipher_suites_enabled) { |
| 961 // Only offer DHE on the second handshake. https://crbug.com/538690 | 975 // Only offer DHE on the second handshake. https://crbug.com/538690 |
| 962 command.append(":!kDHE"); | 976 command.append(":!kDHE"); |
| 963 } | 977 } |
| 964 | 978 |
| 979 // Additionally disable HMAC-SHA1 ciphers in ECDSA. These are the remaining |
| 980 // CBC-mode ECDSA ciphers. |
| 981 if (!AreLegacyECDSACiphersEnabled()) |
| 982 command.append("!ECDSA+SHA1"); |
| 983 |
| 965 // Remove any disabled ciphers. | 984 // Remove any disabled ciphers. |
| 966 for (uint16_t id : ssl_config_.disabled_cipher_suites) { | 985 for (uint16_t id : ssl_config_.disabled_cipher_suites) { |
| 967 const SSL_CIPHER* cipher = SSL_get_cipher_by_value(id); | 986 const SSL_CIPHER* cipher = SSL_get_cipher_by_value(id); |
| 968 if (cipher) { | 987 if (cipher) { |
| 969 command.append(":!"); | 988 command.append(":!"); |
| 970 command.append(SSL_CIPHER_get_name(cipher)); | 989 command.append(SSL_CIPHER_get_name(cipher)); |
| 971 } | 990 } |
| 972 } | 991 } |
| 973 | 992 |
| 974 int rv = SSL_set_cipher_list(ssl_.get(), command.c_str()); | 993 int rv = SSL_set_cipher_list(ssl_.get(), command.c_str()); |
| (...skipping 1025 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2000 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED && | 2019 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED && |
| 2001 !certificate_requested_) { | 2020 !certificate_requested_) { |
| 2002 net_error = ERR_SSL_PROTOCOL_ERROR; | 2021 net_error = ERR_SSL_PROTOCOL_ERROR; |
| 2003 } | 2022 } |
| 2004 } | 2023 } |
| 2005 | 2024 |
| 2006 return net_error; | 2025 return net_error; |
| 2007 } | 2026 } |
| 2008 | 2027 |
| 2009 } // namespace net | 2028 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2510633003:
Add an escape hatch for the ECDSA CBC cipher removal. (Closed)
