OLD | NEW |
1 diff --git a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c | 1 diff --git a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
2 index 8b8b758..567d481 100644 | 2 index 8b8b758..882e356 100644 |
3 --- a/nss/lib/ssl/ssl3con.c | 3 --- a/nss/lib/ssl/ssl3con.c |
4 +++ b/nss/lib/ssl/ssl3con.c | 4 +++ b/nss/lib/ssl/ssl3con.c |
5 @@ -4975,6 +4975,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) | 5 @@ -4975,6 +4975,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) |
6 PRBool isTLS = PR_FALSE; | 6 PRBool isTLS = PR_FALSE; |
7 PRBool requestingResume = PR_FALSE; | 7 PRBool requestingResume = PR_FALSE; |
8 PRInt32 total_exten_len = 0; | 8 PRInt32 total_exten_len = 0; |
9 + unsigned paddingExtensionLen; | 9 + unsigned paddingExtensionLen; |
10 unsigned numCompressionMethods; | 10 unsigned numCompressionMethods; |
11 PRInt32 flags; | 11 PRInt32 flags; |
12 | 12 |
13 @@ -5241,6 +5242,20 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) | 13 @@ -5241,6 +5242,20 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) |
14 length += 1 + ss->ssl3.hs.cookieLen; | 14 length += 1 + ss->ssl3.hs.cookieLen; |
15 } | 15 } |
16 | 16 |
17 + /* A padding extension may be included to ensure that the record containing | 17 + /* A padding extension may be included to ensure that the record containing |
18 + * the ClientHello doesn't have a length between 256 and 511 bytes | 18 + * the ClientHello doesn't have a length between 256 and 511 bytes |
19 + * (inclusive). Initial, ClientHello records with such lengths trigger bugs | 19 + * (inclusive). Initial, ClientHello records with such lengths trigger bugs |
20 + * in F5 devices. | 20 + * in F5 devices. |
21 + * | 21 + * |
22 + * This is not done for DTLS nor for renegotiation. */ | 22 + * This is not done for DTLS nor for renegotiation. */ |
23 + if (!IS_DTLS(ss) && !ss->firstHsDone) { | 23 + if (!IS_DTLS(ss) && isTLS && !ss->firstHsDone) { |
24 + paddingExtensionLen = ssl3_CalculatePaddingExtensionLength(length); | 24 + paddingExtensionLen = ssl3_CalculatePaddingExtensionLength(length); |
25 + total_exten_len += paddingExtensionLen; | 25 + total_exten_len += paddingExtensionLen; |
26 + length += paddingExtensionLen; | 26 + length += paddingExtensionLen; |
27 + } else { | 27 + } else { |
28 + paddingExtensionLen = 0; | 28 + paddingExtensionLen = 0; |
29 + } | 29 + } |
30 + | 30 + |
31 rv = ssl3_AppendHandshakeHeader(ss, client_hello, length); | 31 rv = ssl3_AppendHandshakeHeader(ss, client_hello, length); |
32 if (rv != SECSuccess) { | 32 if (rv != SECSuccess) { |
33 return rv; /* err set by ssl3_AppendHandshake* */ | 33 return rv; /* err set by ssl3_AppendHandshake* */ |
34 @@ -5360,6 +5375,13 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) | 34 @@ -5360,6 +5375,13 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) |
35 return SECFailure; | 35 return SECFailure; |
36 } | 36 } |
37 maxBytes -= extLen; | 37 maxBytes -= extLen; |
38 + | 38 + |
39 + extLen = ssl3_AppendPaddingExtension(ss, paddingExtensionLen, maxBytes); | 39 + extLen = ssl3_AppendPaddingExtension(ss, paddingExtensionLen, maxBytes); |
40 + if (extLen < 0) { | 40 + if (extLen < 0) { |
41 + return SECFailure; | 41 + return SECFailure; |
42 + } | 42 + } |
43 + maxBytes -= extLen; | 43 + maxBytes -= extLen; |
44 + | 44 + |
45 PORT_Assert(!maxBytes); | 45 PORT_Assert(!maxBytes); |
46 } | 46 } |
47 if (ss->ssl3.hs.sendingSCSV) { | 47 if (ss->ssl3.hs.sendingSCSV) { |
48 diff --git a/nss/lib/ssl/ssl3ext.c b/nss/lib/ssl/ssl3ext.c | 48 diff --git a/nss/lib/ssl/ssl3ext.c b/nss/lib/ssl/ssl3ext.c |
49 index 0415770..8be042e 100644 | 49 index 0415770..cdebcc9 100644 |
50 --- a/nss/lib/ssl/ssl3ext.c | 50 --- a/nss/lib/ssl/ssl3ext.c |
51 +++ b/nss/lib/ssl/ssl3ext.c | 51 +++ b/nss/lib/ssl/ssl3ext.c |
52 @@ -2297,3 +2297,56 @@ ssl3_ClientSendSigAlgsXtn(sslSocket * ss, PRBool append,
PRUint32 maxBytes) | 52 @@ -2297,3 +2297,56 @@ ssl3_ClientSendSigAlgsXtn(sslSocket * ss, PRBool append,
PRUint32 maxBytes) |
53 loser: | 53 loser: |
54 return -1; | 54 return -1; |
55 } | 55 } |
56 + | 56 + |
57 +unsigned int | 57 +unsigned int |
58 +ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength) | 58 +ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength) |
59 +{ | 59 +{ |
(...skipping 11 matching lines...) Expand all Loading... |
71 + if (extensionLength < 4) { | 71 + if (extensionLength < 4) { |
72 + extensionLength = 4; | 72 + extensionLength = 4; |
73 + } | 73 + } |
74 + | 74 + |
75 + return extensionLength; | 75 + return extensionLength; |
76 +} | 76 +} |
77 + | 77 + |
78 +/* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a | 78 +/* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a |
79 + * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures | 79 + * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures |
80 + * that we don't trigger bugs in F5 products. */ | 80 + * that we don't trigger bugs in F5 products. */ |
81 +unsigned int | 81 +PRInt32 |
82 +ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, | 82 +ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, |
83 + PRUint32 maxBytes) | 83 + PRUint32 maxBytes) |
84 +{ | 84 +{ |
85 + unsigned int paddingLen = extensionLen - 4; | 85 + unsigned int paddingLen = extensionLen - 4; |
86 + unsigned char padding[256]; | 86 + unsigned char padding[256]; |
87 + | 87 + |
88 + if (extensionLen == 0) { | 88 + if (extensionLen == 0) { |
89 + return 0; | 89 + return 0; |
90 + } | 90 + } |
91 + | 91 + |
92 + if (extensionLen < 4 || | 92 + if (extensionLen < 4 || |
93 + extensionLen > maxBytes || | 93 + extensionLen > maxBytes || |
94 + paddingLen > sizeof(padding)) { | 94 + paddingLen > sizeof(padding)) { |
95 + PORT_Assert(0); | 95 + PORT_Assert(0); |
96 +» return 0; | 96 +» return -1; |
97 + } | 97 + } |
98 + | 98 + |
99 + if (SECSuccess != ssl3_AppendHandshakeNumber(ss, ssl_padding_xtn, 2)) | 99 + if (SECSuccess != ssl3_AppendHandshakeNumber(ss, ssl_padding_xtn, 2)) |
100 + return -1; | 100 + return -1; |
101 + if (SECSuccess != ssl3_AppendHandshakeNumber(ss, paddingLen, 2)) | 101 + if (SECSuccess != ssl3_AppendHandshakeNumber(ss, paddingLen, 2)) |
102 + return -1; | 102 + return -1; |
103 + memset(padding, ' ', paddingLen); | 103 + memset(padding, ' ', paddingLen); |
104 + if (SECSuccess != ssl3_AppendHandshake(ss, padding, paddingLen)) | 104 + if (SECSuccess != ssl3_AppendHandshake(ss, padding, paddingLen)) |
105 + return -1; | 105 + return -1; |
106 + | 106 + |
107 + return extensionLen; | 107 + return extensionLen; |
108 +} | 108 +} |
109 diff --git a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h | 109 diff --git a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h |
110 index 614eed1..621f25e 100644 | 110 index 614eed1..9c789bf 100644 |
111 --- a/nss/lib/ssl/sslimpl.h | 111 --- a/nss/lib/ssl/sslimpl.h |
112 +++ b/nss/lib/ssl/sslimpl.h | 112 +++ b/nss/lib/ssl/sslimpl.h |
113 @@ -237,6 +237,13 @@ extern PRInt32 | 113 @@ -237,6 +237,13 @@ extern PRInt32 |
114 ssl3_CallHelloExtensionSenders(sslSocket *ss, PRBool append, PRUint32 maxBytes, | 114 ssl3_CallHelloExtensionSenders(sslSocket *ss, PRBool append, PRUint32 maxBytes, |
115 const ssl3HelloExtensionSender *sender); | 115 const ssl3HelloExtensionSender *sender); |
116 | 116 |
117 +extern unsigned int | 117 +extern unsigned int |
118 +ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength); | 118 +ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength); |
119 + | 119 + |
120 +extern unsigned int | 120 +extern PRInt32 |
121 +ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, | 121 +ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, |
122 + PRUint32 maxBytes); | 122 + PRUint32 maxBytes); |
123 + | 123 + |
124 /* Socket ops */ | 124 /* Socket ops */ |
125 struct sslSocketOpsStr { | 125 struct sslSocketOpsStr { |
126 int (*connect) (sslSocket *, const PRNetAddr *); | 126 int (*connect) (sslSocket *, const PRNetAddr *); |
127 diff --git a/nss/lib/ssl/sslt.h b/nss/lib/ssl/sslt.h | 127 diff --git a/nss/lib/ssl/sslt.h b/nss/lib/ssl/sslt.h |
128 index a8007d8..e4d188f 100644 | 128 index a8007d8..e4d188f 100644 |
129 --- a/nss/lib/ssl/sslt.h | 129 --- a/nss/lib/ssl/sslt.h |
130 +++ b/nss/lib/ssl/sslt.h | 130 +++ b/nss/lib/ssl/sslt.h |
131 @@ -205,9 +205,10 @@ typedef enum { | 131 @@ -205,9 +205,10 @@ typedef enum { |
132 ssl_session_ticket_xtn = 35, | 132 ssl_session_ticket_xtn = 35, |
133 ssl_next_proto_nego_xtn = 13172, | 133 ssl_next_proto_nego_xtn = 13172, |
134 ssl_channel_id_xtn = 30031, | 134 ssl_channel_id_xtn = 30031, |
135 + ssl_padding_xtn = 35655, | 135 + ssl_padding_xtn = 35655, |
136 ssl_renegotiation_info_xtn = 0xff01 /* experimental number */ | 136 ssl_renegotiation_info_xtn = 0xff01 /* experimental number */ |
137 } SSLExtensionType; | 137 } SSLExtensionType; |
138 | 138 |
139 -#define SSL_MAX_EXTENSIONS 11 | 139 -#define SSL_MAX_EXTENSIONS 11 |
140 +#define SSL_MAX_EXTENSIONS 11 /* doesn't include ssl_padding_xtn. *
/ | 140 +#define SSL_MAX_EXTENSIONS 11 /* doesn't include ssl_padding_xtn. *
/ |
141 | 141 |
142 #endif /* __sslt_h_ */ | 142 #endif /* __sslt_h_ */ |
OLD | NEW |