| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * SSL3 Protocol | 2 * SSL3 Protocol |
| 3 * | 3 * |
| 4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
| 5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 7 | 7 |
| 8 /* TLS extension code moved here from ssl3ecc.c */ | 8 /* TLS extension code moved here from ssl3ecc.c */ |
| 9 | 9 |
| 10 #include "nssrenam.h" | 10 #include "nssrenam.h" |
| (...skipping 2288 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2299 } | 2299 } |
| 2300 | 2300 |
| 2301 unsigned int | 2301 unsigned int |
| 2302 ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength) | 2302 ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength) |
| 2303 { | 2303 { |
| 2304 unsigned int recordLength = 1 /* handshake message type */ + | 2304 unsigned int recordLength = 1 /* handshake message type */ + |
| 2305 3 /* handshake message length */ + | 2305 3 /* handshake message length */ + |
| 2306 clientHelloLength; | 2306 clientHelloLength; |
| 2307 unsigned int extensionLength; | 2307 unsigned int extensionLength; |
| 2308 | 2308 |
| 2309 if (recordLength < 256 || recordLength >= 512) { | 2309 /* This condition should be: |
| 2310 * if (recordLength < 256 || recordLength >= 512) { |
| 2311 * It has been changed, temporarily, to test whether 512 byte ClientHellos |
| 2312 * are a compatibility problem. */ |
| 2313 if (recordLength >= 512) { |
| 2310 return 0; | 2314 return 0; |
| 2311 } | 2315 } |
| 2312 | 2316 |
| 2313 extensionLength = 512 - recordLength; | 2317 extensionLength = 512 - recordLength; |
| 2314 /* Extensions take at least four bytes to encode. */ | 2318 /* Extensions take at least four bytes to encode. */ |
| 2315 if (extensionLength < 4) { | 2319 if (extensionLength < 4) { |
| 2316 extensionLength = 4; | 2320 extensionLength = 4; |
| 2317 } | 2321 } |
| 2318 | 2322 |
| 2319 return extensionLength; | 2323 return extensionLength; |
| 2320 } | 2324 } |
| 2321 | 2325 |
| 2322 /* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a | 2326 /* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a |
| 2323 * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures | 2327 * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures |
| 2324 * that we don't trigger bugs in F5 products. */ | 2328 * that we don't trigger bugs in F5 products. */ |
| 2325 PRInt32 | 2329 PRInt32 |
| 2326 ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, | 2330 ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, |
| 2327 PRUint32 maxBytes) | 2331 PRUint32 maxBytes) |
| 2328 { | 2332 { |
| 2329 unsigned int paddingLen = extensionLen - 4; | 2333 unsigned int paddingLen = extensionLen - 4; |
| 2330 unsigned char padding[256]; | 2334 unsigned char padding[512]; |
| 2331 | 2335 |
| 2332 if (extensionLen == 0) { | 2336 if (extensionLen == 0) { |
| 2333 return 0; | 2337 return 0; |
| 2334 } | 2338 } |
| 2335 | 2339 |
| 2336 if (extensionLen < 4 || | 2340 if (extensionLen < 4 || |
| 2337 extensionLen > maxBytes || | 2341 extensionLen > maxBytes || |
| 2338 paddingLen > sizeof(padding)) { | 2342 paddingLen > sizeof(padding)) { |
| 2339 PORT_Assert(0); | 2343 PORT_Assert(0); |
| 2340 return -1; | 2344 return -1; |
| 2341 } | 2345 } |
| 2342 | 2346 |
| 2343 if (SECSuccess != ssl3_AppendHandshakeNumber(ss, ssl_padding_xtn, 2)) | 2347 if (SECSuccess != ssl3_AppendHandshakeNumber(ss, ssl_padding_xtn, 2)) |
| 2344 return -1; | 2348 return -1; |
| 2345 if (SECSuccess != ssl3_AppendHandshakeNumber(ss, paddingLen, 2)) | 2349 if (SECSuccess != ssl3_AppendHandshakeNumber(ss, paddingLen, 2)) |
| 2346 return -1; | 2350 return -1; |
| 2347 memset(padding, ' ', paddingLen); | 2351 memset(padding, ' ', paddingLen); |
| 2348 if (SECSuccess != ssl3_AppendHandshake(ss, padding, paddingLen)) | 2352 if (SECSuccess != ssl3_AppendHandshake(ss, padding, paddingLen)) |
| 2349 return -1; | 2353 return -1; |
| 2350 | 2354 |
| 2351 return extensionLen; | 2355 return extensionLen; |
| 2352 } | 2356 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 62443004:
net: add padding extension to all handshakes. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src