зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1036735: Update NSS to NSS 3.17.1 Beta 1. Also includes the fixes
for bug 1046718, bug 1050107, bug 1054625, bug 1057465, bug 1057476.
Родитель
5743e32a30
Коммит
e7899e86a5
|
@ -1 +1 @@
|
|||
NSS_3_17_RTM
|
||||
NSS_3_17_1_BETA1
|
||||
|
|
|
@ -10,4 +10,3 @@
|
|||
*/
|
||||
|
||||
#error "Do not include this header file."
|
||||
|
||||
|
|
|
@ -27,20 +27,6 @@
|
|||
|
||||
extern PRLogModuleInfo *pkixLog;
|
||||
|
||||
#ifdef DEBUG_volkov
|
||||
/* Temporary declarations of functioins. Will be removed with fix for
|
||||
* 391183 */
|
||||
extern char *
|
||||
pkix_Error2ASCII(PKIX_Error *error, void *plContext);
|
||||
|
||||
extern void
|
||||
cert_PrintCert(PKIX_PL_Cert *pkixCert, void *plContext);
|
||||
|
||||
extern PKIX_Error *
|
||||
cert_PrintCertChain(PKIX_List *pkixCertChain, void *plContext);
|
||||
|
||||
#endif /* DEBUG */
|
||||
|
||||
#ifdef PKIX_OBJECT_LEAK_TEST
|
||||
|
||||
extern PKIX_UInt32
|
||||
|
@ -898,11 +884,6 @@ cert_GetLogFromVerifyNode(
|
|||
if (children == NULL) {
|
||||
PKIX_ERRORCODE errCode = PKIX_ANCHORDIDNOTCHAINTOCERT;
|
||||
if (node->error && node->error->errCode != errCode) {
|
||||
#ifdef DEBUG_volkov
|
||||
char *string = pkix_Error2ASCII(node->error, plContext);
|
||||
fprintf(stderr, "Branch search finished with error: \t%s\n", string);
|
||||
PKIX_PL_Free(string, NULL);
|
||||
#endif
|
||||
if (log != NULL) {
|
||||
SECErrorCodes nssErrorCode = 0;
|
||||
CERTCertificate *cert = NULL;
|
||||
|
@ -1003,9 +984,6 @@ cert_GetBuildResults(
|
|||
PKIX_TrustAnchor *trustAnchor = NULL;
|
||||
PKIX_PL_Cert *trustedCert = NULL;
|
||||
PKIX_List *pkixCertChain = NULL;
|
||||
#ifdef DEBUG_volkov
|
||||
PKIX_Error *tmpPkixError = NULL;
|
||||
#endif /* DEBUG */
|
||||
|
||||
PKIX_ENTER(CERTVFYPKIX, "cert_GetBuildResults");
|
||||
if (buildResult == NULL && error == NULL) {
|
||||
|
@ -1014,11 +992,6 @@ cert_GetBuildResults(
|
|||
|
||||
if (error) {
|
||||
SECErrorCodes nssErrorCode = 0;
|
||||
#ifdef DEBUG_volkov
|
||||
char *temp = pkix_Error2ASCII(error, plContext);
|
||||
fprintf(stderr, "BUILD ERROR:\n%s\n", temp);
|
||||
PKIX_PL_Free(temp, NULL);
|
||||
#endif /* DEBUG */
|
||||
if (verifyNode) {
|
||||
PKIX_Error *tmpError =
|
||||
cert_GetLogFromVerifyNode(log, verifyNode, plContext);
|
||||
|
@ -1037,13 +1010,6 @@ cert_GetBuildResults(
|
|||
plContext),
|
||||
PKIX_BUILDRESULTGETCERTCHAINFAILED);
|
||||
|
||||
#ifdef DEBUG_volkov
|
||||
tmpPkixError = cert_PrintCertChain(pkixCertChain, plContext);
|
||||
if (tmpPkixError) {
|
||||
PKIX_PL_Object_DecRef((PKIX_PL_Object*)tmpPkixError, plContext);
|
||||
}
|
||||
#endif
|
||||
|
||||
PKIX_CHECK(
|
||||
cert_PkixToNssCertsChain(pkixCertChain, &validChain, plContext),
|
||||
PKIX_CERTCHAINTONSSCHAINFAILED);
|
||||
|
@ -1065,13 +1031,7 @@ cert_GetBuildResults(
|
|||
plContext),
|
||||
PKIX_TRUSTANCHORGETTRUSTEDCERTFAILED);
|
||||
|
||||
#ifdef DEBUG_volkov
|
||||
if (pvalidChain == NULL) {
|
||||
cert_PrintCert(trustedCert, plContext);
|
||||
}
|
||||
#endif
|
||||
|
||||
PKIX_CHECK(
|
||||
PKIX_CHECK(
|
||||
PKIX_PL_Cert_GetCERTCertificate(trustedCert, &trustedRoot,
|
||||
plContext),
|
||||
PKIX_CERTGETCERTCERTIFICATEFAILED);
|
||||
|
@ -1158,10 +1118,6 @@ cert_VerifyCertChainPkix(
|
|||
|
||||
SECStatus rv = SECFailure;
|
||||
void *plContext = NULL;
|
||||
#ifdef DEBUG_volkov
|
||||
CERTCertificate *trustedRoot = NULL;
|
||||
CERTCertList *validChain = NULL;
|
||||
#endif /* DEBUG */
|
||||
|
||||
#ifdef PKIX_OBJECT_LEAK_TEST
|
||||
int leakedObjNum = 0;
|
||||
|
@ -1196,10 +1152,6 @@ do {
|
|||
result = NULL;
|
||||
verifyNode = NULL;
|
||||
error = NULL;
|
||||
#ifdef DEBUG_volkov
|
||||
trustedRoot = NULL;
|
||||
validChain = NULL;
|
||||
#endif /* DEBUG */
|
||||
errorGenerated = PKIX_FALSE;
|
||||
stackPosition = 0;
|
||||
|
||||
|
@ -1242,29 +1194,11 @@ do {
|
|||
rv = SECSuccess;
|
||||
|
||||
cleanup:
|
||||
error = cert_GetBuildResults(result, verifyNode, error, log,
|
||||
#ifdef DEBUG_volkov
|
||||
&trustedRoot, &validChain,
|
||||
#else
|
||||
NULL, NULL,
|
||||
#endif /* DEBUG */
|
||||
error = cert_GetBuildResults(result, verifyNode, error, log, NULL, NULL,
|
||||
plContext);
|
||||
if (error) {
|
||||
#ifdef DEBUG_volkov
|
||||
char *temp = pkix_Error2ASCII(error, plContext);
|
||||
fprintf(stderr, "GET BUILD RES ERRORS:\n%s\n", temp);
|
||||
PKIX_PL_Free(temp, NULL);
|
||||
#endif /* DEBUG */
|
||||
PKIX_PL_Object_DecRef((PKIX_PL_Object *)error, plContext);
|
||||
}
|
||||
#ifdef DEBUG_volkov
|
||||
if (trustedRoot) {
|
||||
CERT_DestroyCertificate(trustedRoot);
|
||||
}
|
||||
if (validChain) {
|
||||
CERT_DestroyCertList(validChain);
|
||||
}
|
||||
#endif /* DEBUG */
|
||||
if (procParams) {
|
||||
PKIX_PL_Object_DecRef((PKIX_PL_Object *)procParams, plContext);
|
||||
}
|
||||
|
|
|
@ -1,206 +0,0 @@
|
|||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
/*
|
||||
* nss_pkix_proxy.h
|
||||
*
|
||||
* PKIX - NSS proxy functions
|
||||
*
|
||||
*/
|
||||
#include "cert.h"
|
||||
#include "pkix_pl_common.h"
|
||||
|
||||
#ifdef DEBUG
|
||||
|
||||
char *
|
||||
pkix_Error2ASCII(PKIX_Error *error, void *plContext)
|
||||
{
|
||||
PKIX_UInt32 length;
|
||||
char *asciiString = NULL;
|
||||
PKIX_PL_String *pkixString = NULL;
|
||||
PKIX_Error *errorResult = NULL;
|
||||
|
||||
errorResult = PKIX_PL_Object_ToString
|
||||
((PKIX_PL_Object*)error, &pkixString, plContext);
|
||||
if (errorResult) goto cleanup;
|
||||
|
||||
errorResult = PKIX_PL_String_GetEncoded
|
||||
(pkixString,
|
||||
PKIX_ESCASCII,
|
||||
(void **)&asciiString,
|
||||
&length,
|
||||
plContext);
|
||||
|
||||
cleanup:
|
||||
|
||||
if (pkixString){
|
||||
if (PKIX_PL_Object_DecRef
|
||||
((PKIX_PL_Object*)pkixString, plContext)){
|
||||
return (NULL);
|
||||
}
|
||||
}
|
||||
|
||||
if (errorResult){
|
||||
PKIX_PL_Object_DecRef((PKIX_PL_Object*)errorResult, plContext);
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
return (asciiString);
|
||||
}
|
||||
|
||||
char *
|
||||
pkix_Object2ASCII(PKIX_PL_Object *object)
|
||||
{
|
||||
PKIX_UInt32 length;
|
||||
char *asciiString = NULL;
|
||||
PKIX_PL_String *pkixString = NULL;
|
||||
PKIX_Error *errorResult = NULL;
|
||||
|
||||
errorResult = PKIX_PL_Object_ToString
|
||||
(object, &pkixString, NULL);
|
||||
if (errorResult) goto cleanup;
|
||||
|
||||
errorResult = PKIX_PL_String_GetEncoded
|
||||
(pkixString, PKIX_ESCASCII, (void **)&asciiString, &length, NULL);
|
||||
|
||||
cleanup:
|
||||
|
||||
if (pkixString){
|
||||
if (PKIX_PL_Object_DecRef((PKIX_PL_Object*)pkixString, NULL)){
|
||||
return (NULL);
|
||||
}
|
||||
}
|
||||
|
||||
if (errorResult){
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
return (asciiString);
|
||||
}
|
||||
|
||||
char *
|
||||
pkix_Cert2ASCII(PKIX_PL_Cert *cert)
|
||||
{
|
||||
PKIX_PL_X500Name *issuer = NULL;
|
||||
void *issuerAscii = NULL;
|
||||
PKIX_PL_X500Name *subject = NULL;
|
||||
void *subjectAscii = NULL;
|
||||
void *asciiString = NULL;
|
||||
PKIX_Error *errorResult = NULL;
|
||||
PKIX_UInt32 numChars;
|
||||
PKIX_UInt32 refCount = 0;
|
||||
|
||||
/* Issuer */
|
||||
errorResult = PKIX_PL_Cert_GetIssuer(cert, &issuer, NULL);
|
||||
if (errorResult) goto cleanup;
|
||||
|
||||
issuerAscii = pkix_Object2ASCII((PKIX_PL_Object*)issuer);
|
||||
|
||||
/* Subject */
|
||||
errorResult = PKIX_PL_Cert_GetSubject(cert, &subject, NULL);
|
||||
if (errorResult) goto cleanup;
|
||||
|
||||
if (subject){
|
||||
subjectAscii = pkix_Object2ASCII((PKIX_PL_Object*)subject);
|
||||
}
|
||||
|
||||
/* errorResult = PKIX_PL_Object_GetRefCount((PKIX_PL_Object*)cert, &refCount, NULL); */
|
||||
if (errorResult) goto cleanup;
|
||||
|
||||
errorResult = PKIX_PL_Malloc(200, &asciiString, NULL);
|
||||
if (errorResult) goto cleanup;
|
||||
|
||||
numChars =
|
||||
PR_snprintf
|
||||
(asciiString,
|
||||
200,
|
||||
"Ref: %d Subject=%s\nIssuer=%s\n",
|
||||
refCount,
|
||||
subjectAscii,
|
||||
issuerAscii);
|
||||
|
||||
if (!numChars) goto cleanup;
|
||||
|
||||
cleanup:
|
||||
|
||||
if (issuer){
|
||||
if (PKIX_PL_Object_DecRef((PKIX_PL_Object*)issuer, NULL)){
|
||||
return (NULL);
|
||||
}
|
||||
}
|
||||
|
||||
if (subject){
|
||||
if (PKIX_PL_Object_DecRef((PKIX_PL_Object*)subject, NULL)){
|
||||
return (NULL);
|
||||
}
|
||||
}
|
||||
|
||||
if (PKIX_PL_Free((PKIX_PL_Object*)issuerAscii, NULL)){
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
if (PKIX_PL_Free((PKIX_PL_Object*)subjectAscii, NULL)){
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
if (errorResult){
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
return (asciiString);
|
||||
}
|
||||
|
||||
PKIX_Error *
|
||||
cert_PrintCertChain(
|
||||
PKIX_List *pkixCertChain,
|
||||
void *plContext)
|
||||
{
|
||||
PKIX_PL_Cert *cert = NULL;
|
||||
PKIX_UInt32 numCerts = 0, i = 0;
|
||||
char *asciiResult = NULL;
|
||||
|
||||
PKIX_ENTER(CERTVFYPKIX, "cert_PrintCertChain");
|
||||
|
||||
PKIX_CHECK(
|
||||
PKIX_List_GetLength(pkixCertChain, &numCerts, plContext),
|
||||
PKIX_LISTGETLENGTHFAILED);
|
||||
|
||||
fprintf(stderr, "\n");
|
||||
|
||||
for (i = 0; i < numCerts; i++){
|
||||
PKIX_CHECK
|
||||
(PKIX_List_GetItem
|
||||
(pkixCertChain, i, (PKIX_PL_Object**)&cert, plContext),
|
||||
PKIX_LISTGETITEMFAILED);
|
||||
|
||||
asciiResult = pkix_Cert2ASCII(cert);
|
||||
|
||||
fprintf(stderr, "CERT[%d]:\n%s\n", i, asciiResult);
|
||||
|
||||
PKIX_PL_Free(asciiResult, plContext);
|
||||
asciiResult = NULL;
|
||||
|
||||
PKIX_DECREF(cert);
|
||||
}
|
||||
|
||||
cleanup:
|
||||
PKIX_DECREF(cert);
|
||||
|
||||
PKIX_RETURN(CERTVFYPKIX);
|
||||
}
|
||||
|
||||
void
|
||||
cert_PrintCert(
|
||||
PKIX_PL_Cert *pkixCert,
|
||||
void *plContext)
|
||||
{
|
||||
char *asciiResult = NULL;
|
||||
|
||||
asciiResult = pkix_Cert2ASCII(pkixCert);
|
||||
|
||||
fprintf(stderr, "CERT[0]:\n%s\n", asciiResult);
|
||||
|
||||
PKIX_PL_Free(asciiResult, plContext);
|
||||
}
|
||||
|
||||
#endif /* DEBUG */
|
|
@ -25,7 +25,6 @@ CSRCS = \
|
|||
certhigh.c \
|
||||
certvfy.c \
|
||||
certvfypkix.c \
|
||||
certvfypkixprint.c \
|
||||
xcrldist.c \
|
||||
$(NULL)
|
||||
|
||||
|
|
|
@ -33,12 +33,12 @@
|
|||
* The format of the version string should be
|
||||
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
|
||||
*/
|
||||
#define NSS_VERSION "3.17" _NSS_ECC_STRING _NSS_CUSTOMIZED
|
||||
#define NSS_VERSION "3.17.1" _NSS_ECC_STRING _NSS_CUSTOMIZED " Beta"
|
||||
#define NSS_VMAJOR 3
|
||||
#define NSS_VMINOR 17
|
||||
#define NSS_VPATCH 0
|
||||
#define NSS_VPATCH 1
|
||||
#define NSS_VBUILD 0
|
||||
#define NSS_BETA PR_FALSE
|
||||
#define NSS_BETA PR_TRUE
|
||||
|
||||
#ifndef RC_INVOKED
|
||||
|
||||
|
|
|
@ -92,14 +92,14 @@ nssSession_Destroy
|
|||
nssSession *s
|
||||
)
|
||||
{
|
||||
CK_RV ckrv = CKR_OK;
|
||||
PRStatus rv = PR_SUCCESS;
|
||||
if (s) {
|
||||
if (s->isRW) {
|
||||
PK11_RestoreROSession(s->slot->pk11slot, s->handle);
|
||||
}
|
||||
nss_ZFreeIf(s);
|
||||
rv = nss_ZFreeIf(s);
|
||||
}
|
||||
return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
|
||||
return rv;
|
||||
}
|
||||
|
||||
static NSSSlot *
|
||||
|
|
|
@ -25,11 +25,11 @@
|
|||
* The format of the version string should be
|
||||
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
|
||||
*/
|
||||
#define SOFTOKEN_VERSION "3.17" SOFTOKEN_ECC_STRING
|
||||
#define SOFTOKEN_VERSION "3.17.1" SOFTOKEN_ECC_STRING " Beta"
|
||||
#define SOFTOKEN_VMAJOR 3
|
||||
#define SOFTOKEN_VMINOR 17
|
||||
#define SOFTOKEN_VPATCH 0
|
||||
#define SOFTOKEN_VPATCH 1
|
||||
#define SOFTOKEN_VBUILD 0
|
||||
#define SOFTOKEN_BETA PR_FALSE
|
||||
#define SOFTOKEN_BETA PR_TRUE
|
||||
|
||||
#endif /* _SOFTKVER_H_ */
|
||||
|
|
|
@ -418,3 +418,7 @@ ER3(SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK, (SSL_ERROR_BASE + 129),
|
|||
|
||||
ER3(SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL, (SSL_ERROR_BASE + 130),
|
||||
"The server supports no protocols that the client advertises in the ALPN extension.")
|
||||
|
||||
ER3(SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT, (SSL_ERROR_BASE + 131),
|
||||
"The server rejected the handshake because the client downgraded to a lower "
|
||||
"TLS version than the server supports.")
|
||||
|
|
|
@ -7,6 +7,11 @@ ifdef NISCC_TEST
|
|||
DEFINES += -DNISCC_TEST
|
||||
endif
|
||||
|
||||
# Allow build-time configuration of TLS 1.3 (Experimental)
|
||||
ifdef NSS_ENABLE_TLS_1_3
|
||||
DEFINES += -DNSS_ENABLE_TLS_1_3
|
||||
endif
|
||||
|
||||
ifdef NSS_NO_PKCS11_BYPASS
|
||||
DEFINES += -DNO_PKCS11_BYPASS
|
||||
else
|
||||
|
|
|
@ -52,6 +52,7 @@ static const ssl3CipherSuite nonDTLSSuites[] = {
|
|||
* TLS DTLS
|
||||
* 1.1 (0302) 1.0 (feff)
|
||||
* 1.2 (0303) 1.2 (fefd)
|
||||
* 1.3 (0304) 1.3 (fefc)
|
||||
*/
|
||||
SSL3ProtocolVersion
|
||||
dtls_TLSVersionToDTLSVersion(SSL3ProtocolVersion tlsv)
|
||||
|
@ -62,6 +63,9 @@ dtls_TLSVersionToDTLSVersion(SSL3ProtocolVersion tlsv)
|
|||
if (tlsv == SSL_LIBRARY_VERSION_TLS_1_2) {
|
||||
return SSL_LIBRARY_VERSION_DTLS_1_2_WIRE;
|
||||
}
|
||||
if (tlsv == SSL_LIBRARY_VERSION_TLS_1_3) {
|
||||
return SSL_LIBRARY_VERSION_DTLS_1_3_WIRE;
|
||||
}
|
||||
|
||||
/* Anything other than TLS 1.1 or 1.2 is an error, so return
|
||||
* the invalid version 0xffff. */
|
||||
|
@ -85,6 +89,9 @@ dtls_DTLSVersionToTLSVersion(SSL3ProtocolVersion dtlsv)
|
|||
if (dtlsv == SSL_LIBRARY_VERSION_DTLS_1_2_WIRE) {
|
||||
return SSL_LIBRARY_VERSION_TLS_1_2;
|
||||
}
|
||||
if (dtlsv == SSL_LIBRARY_VERSION_DTLS_1_3_WIRE) {
|
||||
return SSL_LIBRARY_VERSION_TLS_1_3;
|
||||
}
|
||||
|
||||
/* Return a fictional higher version than we know of */
|
||||
return SSL_LIBRARY_VERSION_TLS_1_2 + 1;
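Review bot: The fallback `return SSL_LIBRARY_VERSION_TLS_1_2 + 1;` at the end of dtls_DTLSVersionToTLSVersion is no longer a "fictional higher version", because this commit defines SSL_LIBRARY_VERSION_TLS_1_3 as 0x0304, which is exactly that value. An unrecognised DTLS wire version would therefore be mapped to TLS 1.3 rather than to something above every known version. I would change it to `return SSL_LIBRARY_VERSION_TLS_1_3 + 1;`. The comment "Anything other than TLS 1.1 or 1.2 is an error" in dtls_TLSVersionToDTLSVersion is also stale now that a 1.3 branch exists. Both function bodies start outside the hunks shown.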
|
||||
|
|
|
@ -188,6 +188,9 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd);
|
|||
*/
|
||||
#define SSL_REUSE_SERVER_ECDHE_KEY 27
|
||||
|
||||
#define SSL_ENABLE_FALLBACK_SCSV 28 /* Send fallback SCSV in
|
||||
* handshakes. */
|
||||
|
||||
#ifdef SSL_DEPRECATED_FUNCTION
|
||||
/* Old deprecated function names */
|
||||
SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRBool on);
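Review bot: The comment on `SSL_ENABLE_FALLBACK_SCSV` says only that the SCSV is sent, not when an application should enable it, and that is the part callers can get wrong. The server-side check added in ssl3_HandleClientHello rejects any ClientHello carrying the value when the server's maximum version is above the offered one, so enabling it on a first attempt would fail against servers that support a newer version than the client. I would document it as `/* Send TLS_FALLBACK_SCSV in the ClientHello. Enable only on a retry made at a lower version after an earlier handshake failed; a server that supports a higher version answers with inappropriate_fallback. */`.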
|
||||
|
|
|
@ -215,7 +215,10 @@ compressionEnabled(sslSocket *ss, SSLCompressionMethod compression)
|
|||
return PR_TRUE; /* Always enabled */
|
||||
#ifdef NSS_ENABLE_ZLIB
|
||||
case ssl_compression_deflate:
|
||||
return ss->opt.enableDeflate;
|
||||
if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
|
||||
return ss->opt.enableDeflate;
|
||||
}
|
||||
return PR_FALSE;
|
||||
#endif
|
||||
default:
|
||||
return PR_FALSE;
|
||||
|
@ -637,14 +640,16 @@ ssl3_CipherSuiteAllowedForVersionRange(
|
|||
case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
|
||||
case TLS_RSA_WITH_AES_256_CBC_SHA256:
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
|
||||
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
|
||||
case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
|
||||
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
|
||||
case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
|
||||
case TLS_RSA_WITH_AES_128_CBC_SHA256:
|
||||
case TLS_RSA_WITH_AES_128_GCM_SHA256:
|
||||
case TLS_RSA_WITH_NULL_SHA256:
|
||||
return vrange->max == SSL_LIBRARY_VERSION_TLS_1_2;
|
||||
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
|
||||
case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
|
||||
case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
|
||||
return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_2;
|
||||
|
||||
/* RFC 4492: ECC cipher suites need TLS extensions to negotiate curves and
|
||||
|
@ -669,10 +674,11 @@ ssl3_CipherSuiteAllowedForVersionRange(
|
|||
case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
|
||||
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
|
||||
case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
|
||||
return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_0;
|
||||
return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_0 &&
|
||||
vrange->min < SSL_LIBRARY_VERSION_TLS_1_3;
|
||||
|
||||
default:
|
||||
return PR_TRUE;
|
||||
return vrange->min < SSL_LIBRARY_VERSION_TLS_1_3;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -3352,6 +3358,9 @@ ssl3_HandleAlert(sslSocket *ss, sslBuffer *buf)
|
|||
case certificate_unknown: error = SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT;
|
||||
break;
|
||||
case illegal_parameter: error = SSL_ERROR_ILLEGAL_PARAMETER_ALERT;break;
|
||||
case inappropriate_fallback:
|
||||
error = SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT;
|
||||
break;
|
||||
|
||||
/* All alerts below are TLS only. */
|
||||
case unknown_ca: error = SSL_ERROR_UNKNOWN_CA_ALERT; break;
|
||||
|
@ -4873,6 +4882,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
|
|||
int num_suites;
|
||||
int actual_count = 0;
|
||||
PRBool isTLS = PR_FALSE;
|
||||
PRBool requestingResume = PR_FALSE, fallbackSCSV = PR_FALSE;
|
||||
PRInt32 total_exten_len = 0;
|
||||
unsigned paddingExtensionLen;
|
||||
unsigned numCompressionMethods;
|
||||
|
@ -5015,6 +5025,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
|
|||
}
|
||||
|
||||
if (sid) {
|
||||
requestingResume = PR_TRUE;
|
||||
SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_hits );
|
||||
|
||||
PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID,
|
||||
|
@ -5129,8 +5140,15 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
|
|||
if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); }
|
||||
return SECFailure; /* count_cipher_suites has set error code. */
|
||||
}
|
||||
|
||||
fallbackSCSV = ss->opt.enableFallbackSCSV && (!requestingResume ||
|
||||
ss->version < sid->version);
|
||||
/* make room for SCSV */
|
||||
if (ss->ssl3.hs.sendingSCSV) {
|
||||
++num_suites; /* make room for SCSV */
|
||||
++num_suites;
|
||||
}
|
||||
if (fallbackSCSV) {
|
||||
++num_suites;
|
||||
}
|
||||
|
||||
/* count compression methods */
|
||||
|
@ -5236,6 +5254,15 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
|
|||
}
|
||||
actual_count++;
|
||||
}
|
||||
if (fallbackSCSV) {
|
||||
rv = ssl3_AppendHandshakeNumber(ss, TLS_FALLBACK_SCSV,
|
||||
sizeof(ssl3CipherSuite));
|
||||
if (rv != SECSuccess) {
|
||||
if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); }
|
||||
return rv; /* err set by ssl3_AppendHandshake* */
|
||||
}
|
||||
actual_count++;
|
||||
}
|
||||
for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
|
||||
ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
|
||||
if (config_match(suite, ss->ssl3.policy, PR_TRUE, &ss->vrange)) {
|
||||
|
@ -7711,12 +7738,31 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
|
|||
goto loser; /* malformed */
|
||||
}
|
||||
|
||||
/* If the ClientHello version is less than our maximum version, check for a
|
||||
* TLS_FALLBACK_SCSV and reject the connection if found. */
|
||||
if (ss->vrange.max > ss->clientHelloVersion) {
|
||||
for (i = 0; i + 1 < suites.len; i += 2) {
|
||||
PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1];
|
||||
if (suite_i != TLS_FALLBACK_SCSV)
|
||||
continue;
|
||||
desc = inappropriate_fallback;
|
||||
errCode = SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT;
|
||||
goto alert_loser;
|
||||
}
|
||||
}
|
||||
|
||||
/* grab the list of compression methods. */
|
||||
rv = ssl3_ConsumeHandshakeVariable(ss, &comps, 1, &b, &length);
|
||||
if (rv != SECSuccess) {
|
||||
goto loser; /* malformed */
|
||||
}
|
||||
|
||||
/* TLS 1.3 requires that compression be empty */
|
||||
if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
|
||||
if (comps.len != 1 || comps.data[0] != ssl_compression_null) {
|
||||
goto loser;
|
||||
}
|
||||
}
|
||||
desc = handshake_failure;
|
||||
|
||||
/* Handle TLS hello extensions for SSL3 & TLS. We do not know if
|
||||
|
|
|
@ -82,6 +82,11 @@ static PRInt32 ssl3_ClientSendSigAlgsXtn(sslSocket *ss, PRBool append,
|
|||
static SECStatus ssl3_ServerHandleSigAlgsXtn(sslSocket *ss, PRUint16 ex_type,
|
||||
SECItem *data);
|
||||
|
||||
static PRInt32 ssl3_ClientSendDraftVersionXtn(sslSocket *ss, PRBool append,
|
||||
PRUint32 maxBytes);
|
||||
static SECStatus ssl3_ServerHandleDraftVersionXtn(sslSocket *ss, PRUint16 ex_type,
|
||||
SECItem *data);
|
||||
|
||||
/*
|
||||
* Write bytes. Using this function means the SECItem structure
|
||||
* cannot be freed. The caller is expected to call this function
|
||||
|
@ -245,6 +250,7 @@ static const ssl3HelloExtensionHandler clientHelloHandlers[] = {
|
|||
{ ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn },
|
||||
{ ssl_cert_status_xtn, &ssl3_ServerHandleStatusRequestXtn },
|
||||
{ ssl_signature_algorithms_xtn, &ssl3_ServerHandleSigAlgsXtn },
|
||||
{ ssl_tls13_draft_version_xtn, &ssl3_ServerHandleDraftVersionXtn },
|
||||
{ -1, NULL }
|
||||
};
|
||||
|
||||
|
@ -286,7 +292,8 @@ ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = {
|
|||
{ ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn },
|
||||
{ ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn },
|
||||
{ ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn },
|
||||
{ ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }
|
||||
{ ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn },
|
||||
{ ssl_tls13_draft_version_xtn, &ssl3_ClientSendDraftVersionXtn },
|
||||
/* any extra entries will appear as { 0, NULL } */
|
||||
};
|
||||
|
||||
|
@ -2421,3 +2428,93 @@ ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen,
|
|||
|
||||
return extensionLen;
|
||||
}
|
||||
|
||||
/* ssl3_ClientSendDraftVersionXtn sends the TLS 1.3 temporary draft
|
||||
* version extension.
|
||||
* TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */
|
||||
static PRInt32
|
||||
ssl3_ClientSendDraftVersionXtn(sslSocket * ss, PRBool append, PRUint32 maxBytes)
|
||||
{
|
||||
PRInt32 extension_length;
|
||||
|
||||
if (ss->version != SSL_LIBRARY_VERSION_TLS_1_3) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
extension_length = 6; /* Type + length + number */
|
||||
if (append && maxBytes >= extension_length) {
|
||||
SECStatus rv;
|
||||
rv = ssl3_AppendHandshakeNumber(ss, ssl_tls13_draft_version_xtn, 2);
|
||||
if (rv != SECSuccess)
|
||||
goto loser;
|
||||
rv = ssl3_AppendHandshakeNumber(ss, extension_length - 4, 2);
|
||||
if (rv != SECSuccess)
|
||||
goto loser;
|
||||
rv = ssl3_AppendHandshakeNumber(ss, TLS_1_3_DRAFT_VERSION, 2);
|
||||
if (rv != SECSuccess)
|
||||
goto loser;
|
||||
ss->xtnData.advertised[ss->xtnData.numAdvertised++] =
|
||||
ssl_tls13_draft_version_xtn;
|
||||
} else if (maxBytes < extension_length) {
|
||||
PORT_Assert(0);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return extension_length;
|
||||
|
||||
loser:
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* ssl3_ServerHandleDraftVersionXtn handles the TLS 1.3 temporary draft
|
||||
* version extension.
|
||||
* TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */
|
||||
static SECStatus
|
||||
ssl3_ServerHandleDraftVersionXtn(sslSocket * ss, PRUint16 ex_type,
|
||||
SECItem *data)
|
||||
{
|
||||
PRInt32 draft_version;
|
||||
|
||||
/* Ignore this extension if we aren't doing TLS 1.3 */
|
||||
if (ss->version != SSL_LIBRARY_VERSION_TLS_1_3) {
|
||||
return SECSuccess;
|
||||
}
|
||||
|
||||
if (data->len != 2)
|
||||
goto loser;
|
||||
|
||||
/* Get the draft version out of the handshake */
|
||||
draft_version = ssl3_ConsumeHandshakeNumber(ss, 2,
|
||||
&data->data, &data->len);
|
||||
if (draft_version < 0) {
|
||||
goto loser;
|
||||
}
|
||||
|
||||
/* Keep track of negotiated extensions. */
|
||||
ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
|
||||
|
||||
/* Compare the version */
|
||||
if (draft_version != TLS_1_3_DRAFT_VERSION) {
|
||||
SSL_TRC(30, ("%d: SSL3[%d]: Incompatible version of TLS 1.3 (%d), "
|
||||
"expected %d",
|
||||
SSL_GETPID(), ss->fd, draft_version, TLS_1_3_DRAFT_VERSION));
|
||||
goto loser;
|
||||
}
|
||||
|
||||
return SECSuccess;
|
||||
|
||||
loser:
|
||||
/*
|
||||
* Incompatible/broken TLS 1.3 implementation. Fall back to TLS 1.2.
|
||||
* TODO(ekr@rtfm.com): It's not entirely clear it's safe to roll back
|
||||
* here. Need to double-check.
|
||||
* TODO(ekr@rtfm.com): Currently we fall back even on broken extensions.
|
||||
* because SECFailure does not cause handshake failures. See bug
|
||||
* 753136.
|
||||
*/
|
||||
SSL_TRC(30, ("%d: SSL3[%d]: Rolling back to TLS 1.2", SSL_GETPID(), ss->fd));
|
||||
ss->version = SSL_LIBRARY_VERSION_TLS_1_2;
|
||||
|
||||
return SECSuccess;
|
||||
}
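Review bot: The `loser` path of ssl3_ServerHandleDraftVersionXtn sets `ss->version = SSL_LIBRARY_VERSION_TLS_1_2` without checking that TLS 1.2 lies inside the configured range, so a server whose `ss->vrange.min` is TLS 1.3 would continue below its own minimum. A guard such as `if (ss->vrange.min > SSL_LIBRARY_VERSION_TLS_1_2)` ahead of the rollback, failing the handshake in that case, would keep the version policy intact; how to fail is tied to the bug 753136 TODO in the same comment. The handler also runs only when the extension is present, so a TLS 1.3 ClientHello that omits it is not rolled back by this code, and whether that is caught elsewhere is not visible here. Separately, `ex_type` is stored in `xtnData.negotiated` before the draft number is compared, so a mismatching draft is still recorded as negotiated.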
|
||||
|
||||
|
|
|
@ -14,6 +14,11 @@ typedef PRUint8 SSL3Opaque;
|
|||
typedef PRUint16 SSL3ProtocolVersion;
|
||||
/* version numbers are defined in sslproto.h */
|
||||
|
||||
/* The TLS 1.3 draft version. Used to avoid negotiating
|
||||
* between incompatible pre-standard TLS 1.3 drafts.
|
||||
* TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */
|
||||
#define TLS_1_3_DRAFT_VERSION 3
|
||||
|
||||
typedef PRUint16 ssl3CipherSuite;
|
||||
/* The cipher suites are defined in sslproto.h */
|
||||
|
||||
|
@ -98,6 +103,7 @@ typedef enum {
|
|||
protocol_version = 70,
|
||||
insufficient_security = 71,
|
||||
internal_error = 80,
|
||||
inappropriate_fallback = 86, /* could also be sent for SSLv3 */
|
||||
user_canceled = 90,
|
||||
no_renegotiation = 100,
|
||||
|
||||
|
|
|
@ -196,6 +196,8 @@ SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM = (SSL_ERROR_BASE + 128),
|
|||
SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK = (SSL_ERROR_BASE + 129),
|
||||
SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL = (SSL_ERROR_BASE + 130),
|
||||
|
||||
SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT = (SSL_ERROR_BASE + 131),
|
||||
|
||||
SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */
|
||||
} SSLErrorCodes;
|
||||
#endif /* NO_SECURITY_ERROR_ENUM */
|
||||
|
|
|
@ -327,6 +327,7 @@ typedef struct sslOptionsStr {
|
|||
unsigned int enableNPN : 1; /* 26 */
|
||||
unsigned int enableALPN : 1; /* 27 */
|
||||
unsigned int reuseServerECDHEKey : 1; /* 28 */
|
||||
unsigned int enableFallbackSCSV : 1; /* 29 */
|
||||
} sslOptions;
|
||||
|
||||
typedef enum { sslHandshakingUndetermined = 0,
|
||||
|
@ -1535,7 +1536,11 @@ extern PRInt32 ssl3_SendRecord(sslSocket *ss, DTLSEpoch epoch,
|
|||
* runtime to determine which versions are supported by the version of libssl
|
||||
* in use.
|
||||
*/
|
||||
#ifdef NSS_ENABLE_TLS_1_3
|
||||
#define SSL_LIBRARY_VERSION_MAX_SUPPORTED SSL_LIBRARY_VERSION_TLS_1_3
|
||||
#else
|
||||
#define SSL_LIBRARY_VERSION_MAX_SUPPORTED SSL_LIBRARY_VERSION_TLS_1_2
|
||||
#endif
|
||||
|
||||
/* Rename this macro SSL_ALL_VERSIONS_DISABLED when SSL 2.0 is removed. */
|
||||
#define SSL3_ALL_VERSIONS_DISABLED(vrange) \
|
||||
|
|
|
@ -16,9 +16,12 @@
|
|||
#define SSL_LIBRARY_VERSION_TLS_1_0 0x0301
|
||||
#define SSL_LIBRARY_VERSION_TLS_1_1 0x0302
|
||||
#define SSL_LIBRARY_VERSION_TLS_1_2 0x0303
|
||||
#define SSL_LIBRARY_VERSION_TLS_1_3 0x0304
|
||||
|
||||
/* Note: this is the internal format, not the wire format */
|
||||
#define SSL_LIBRARY_VERSION_DTLS_1_0 0x0302
|
||||
#define SSL_LIBRARY_VERSION_DTLS_1_2 0x0303
|
||||
#define SSL_LIBRARY_VERSION_DTLS_1_3 0x0304
|
||||
|
||||
/* deprecated old name */
|
||||
#define SSL_LIBRARY_VERSION_3_1_TLS SSL_LIBRARY_VERSION_TLS_1_0
|
||||
|
@ -26,6 +29,7 @@
|
|||
/* The DTLS versions used in the spec */
|
||||
#define SSL_LIBRARY_VERSION_DTLS_1_0_WIRE ((~0x0100) & 0xffff)
|
||||
#define SSL_LIBRARY_VERSION_DTLS_1_2_WIRE ((~0x0102) & 0xffff)
|
||||
#define SSL_LIBRARY_VERSION_DTLS_1_3_WIRE ((~0x0103) & 0xffff)
|
||||
|
||||
/* Header lengths of some of the messages */
|
||||
#define SSL_HL_ERROR_HBYTES 3
|
||||
|
@ -208,6 +212,11 @@
|
|||
*/
|
||||
#define TLS_EMPTY_RENEGOTIATION_INFO_SCSV 0x00FF
|
||||
|
||||
/* TLS_FALLBACK_SCSV is a signaling cipher suite value that indicates that a
|
||||
* handshake is the result of TLS version fallback.
|
||||
*/
|
||||
#define TLS_FALLBACK_SCSV 0x5600
|
||||
|
||||
/* Cipher Suite Values starting with 0xC000 are defined in informational
|
||||
* RFCs.
|
||||
*/
|
||||
|
|
|
@ -81,7 +81,8 @@ static sslOptions ssl_defaults = {
|
|||
PR_FALSE, /* enableOCSPStapling */
|
||||
PR_TRUE, /* enableNPN */
|
||||
PR_FALSE, /* enableALPN */
|
||||
PR_TRUE /* reuseServerECDHEKey */
|
||||
PR_TRUE, /* reuseServerECDHEKey */
|
||||
PR_FALSE /* enableFallbackSCSV */
|
||||
};
|
||||
|
||||
/*
|
||||
|
@ -789,6 +790,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on)
|
|||
ss->opt.reuseServerECDHEKey = on;
|
||||
break;
|
||||
|
||||
case SSL_ENABLE_FALLBACK_SCSV:
|
||||
ss->opt.enableFallbackSCSV = on;
|
||||
break;
|
||||
|
||||
default:
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
rv = SECFailure;
|
||||
|
@ -863,6 +868,7 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn)
|
|||
case SSL_ENABLE_ALPN: on = ss->opt.enableALPN; break;
|
||||
case SSL_REUSE_SERVER_ECDHE_KEY:
|
||||
on = ss->opt.reuseServerECDHEKey; break;
|
||||
case SSL_ENABLE_FALLBACK_SCSV: on = ss->opt.enableFallbackSCSV; break;
|
||||
|
||||
default:
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
|
@ -929,6 +935,9 @@ SSL_OptionGetDefault(PRInt32 which, PRBool *pOn)
|
|||
case SSL_REUSE_SERVER_ECDHE_KEY:
|
||||
on = ssl_defaults.reuseServerECDHEKey;
|
||||
break;
|
||||
case SSL_ENABLE_FALLBACK_SCSV:
|
||||
on = ssl_defaults.enableFallbackSCSV;
|
||||
break;
|
||||
|
||||
default:
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
|
@ -1108,6 +1117,10 @@ SSL_OptionSetDefault(PRInt32 which, PRBool on)
|
|||
ssl_defaults.reuseServerECDHEKey = on;
|
||||
break;
|
||||
|
||||
case SSL_ENABLE_FALLBACK_SCSV:
|
||||
ssl_defaults.enableFallbackSCSV = on;
|
||||
break;
|
||||
|
||||
default:
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
return SECFailure;
|
||||
|
|
|
@ -191,9 +191,10 @@ typedef enum {
|
|||
ssl_padding_xtn = 21,
|
||||
ssl_session_ticket_xtn = 35,
|
||||
ssl_next_proto_nego_xtn = 13172,
|
||||
ssl_renegotiation_info_xtn = 0xff01 /* experimental number */
|
||||
ssl_renegotiation_info_xtn = 0xff01,
|
||||
ssl_tls13_draft_version_xtn = 0xff02 /* experimental number */
|
||||
} SSLExtensionType;
|
||||
|
||||
#define SSL_MAX_EXTENSIONS 10 /* doesn't include ssl_padding_xtn. */
|
||||
#define SSL_MAX_EXTENSIONS 11 /* doesn't include ssl_padding_xtn. */
|
||||
|
||||
#endif /* __sslt_h_ */
|
||||
|
|
|
@ -19,12 +19,12 @@
|
|||
* The format of the version string should be
|
||||
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
|
||||
*/
|
||||
#define NSSUTIL_VERSION "3.17"
|
||||
#define NSSUTIL_VERSION "3.17.1 Beta"
|
||||
#define NSSUTIL_VMAJOR 3
|
||||
#define NSSUTIL_VMINOR 17
|
||||
#define NSSUTIL_VPATCH 0
|
||||
#define NSSUTIL_VPATCH 1
|
||||
#define NSSUTIL_VBUILD 0
|
||||
#define NSSUTIL_BETA PR_FALSE
|
||||
#define NSSUTIL_BETA PR_TRUE
|
||||
|
||||
SEC_BEGIN_PROTOS
|
||||
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#define VERION_MAJOR 1
|
||||
#define VERION_MINOR 0
|
||||
#define VERSION_MAJOR 1
|
||||
#define VERSION_MINOR 0
|
||||
#define VERSION_POINT 7
|
||||
/* NSPR header files */
|
||||
#include <prinit.h>
|
||||
|
@ -174,7 +174,7 @@ PRIntn main(PRIntn ac, char **av, char **ev) {
|
|||
"\nSSL Test Suite Version %d.%d.%d\n\
|
||||
All Rights Reserved\n\
|
||||
Usage: sslt [-c client_nickname] [-n server_nickname] [-p passwd] [-d] testid\n",
|
||||
VERION_MAJOR, VERION_MINOR, VERSION_POINT);
|
||||
VERSION_MAJOR, VERSION_MINOR, VERSION_POINT);
|
||||
|
||||
exit(0);
|
||||
}
|
||||
|
|