OLD | NEW |
1 /* | 1 /* |
2 * SSL3 Protocol | 2 * SSL3 Protocol |
3 * | 3 * |
4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
7 | 7 |
8 /* TLS extension code moved here from ssl3ecc.c */ | 8 /* TLS extension code moved here from ssl3ecc.c */ |
9 | 9 |
10 #include "nssrenam.h" | 10 #include "nssrenam.h" |
(...skipping 277 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
288 #ifdef NSS_ENABLE_ECC | 288 #ifdef NSS_ENABLE_ECC |
289 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, | 289 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, |
290 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, | 290 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, |
291 #endif | 291 #endif |
292 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, | 292 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, |
293 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, | 293 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, |
294 { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, | 294 { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, |
295 { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, | 295 { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, |
296 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, | 296 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, |
297 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, | 297 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, |
298 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }, | |
299 { ssl_signed_certificate_timestamp_xtn, | 298 { ssl_signed_certificate_timestamp_xtn, |
300 &ssl3_ClientSendSignedCertTimestampXtn } | 299 &ssl3_ClientSendSignedCertTimestampXtn }, |
| 300 /* WebSphere Application Server 7.0 is intolerant to the last extension |
| 301 * being zero-length. It is not intolerant of TLS 1.2, so move |
| 302 * signature_algorithms to the end. */ |
| 303 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn } |
301 /* any extra entries will appear as { 0, NULL } */ | 304 /* any extra entries will appear as { 0, NULL } */ |
302 }; | 305 }; |
303 | 306 |
304 static const | 307 static const |
305 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { | 308 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { |
306 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } | 309 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } |
307 /* any extra entries will appear as { 0, NULL } */ | 310 /* any extra entries will appear as { 0, NULL } */ |
308 }; | 311 }; |
309 | 312 |
310 static PRBool | 313 static PRBool |
(...skipping 2029 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2340 unsigned int recordLength = 1 /* handshake message type */ + | 2343 unsigned int recordLength = 1 /* handshake message type */ + |
2341 3 /* handshake message length */ + | 2344 3 /* handshake message length */ + |
2342 clientHelloLength; | 2345 clientHelloLength; |
2343 unsigned int extensionLength; | 2346 unsigned int extensionLength; |
2344 | 2347 |
2345 if (recordLength < 256 || recordLength >= 512) { | 2348 if (recordLength < 256 || recordLength >= 512) { |
2346 return 0; | 2349 return 0; |
2347 } | 2350 } |
2348 | 2351 |
2349 extensionLength = 512 - recordLength; | 2352 extensionLength = 512 - recordLength; |
2350 /* Extensions take at least four bytes to encode. */ | 2353 /* Extensions take at least four bytes to encode. Always include at least |
2351 if (extensionLength < 4) { | 2354 * one byte of data if including the extension. WebSphere Application Server |
2352 » extensionLength = 4; | 2355 * 7.0 is intolerant to the last extension being zero-length. */ |
| 2356 if (extensionLength < 4 + 1) { |
| 2357 » extensionLength = 4 + 1; |
2353 } | 2358 } |
2354 | 2359 |
2355 return extensionLength; | 2360 return extensionLength; |
2356 } | 2361 } |
2357 | 2362 |
2358 /* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a | 2363 /* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a |
2359 * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures | 2364 * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures |
2360 * that we don't trigger bugs in F5 products. */ | 2365 * that we don't trigger bugs in F5 products. */ |
2361 PRInt32 | 2366 PRInt32 |
2362 ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, | 2367 ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, |
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2440 | 2445 |
2441 if (!data->len) { | 2446 if (!data->len) { |
2442 /* Empty extension data: RFC 6962 mandates non-empty contents. */ | 2447 /* Empty extension data: RFC 6962 mandates non-empty contents. */ |
2443 return SECFailure; | 2448 return SECFailure; |
2444 } | 2449 } |
2445 *scts = *data; | 2450 *scts = *data; |
2446 /* Keep track of negotiated extensions. */ | 2451 /* Keep track of negotiated extensions. */ |
2447 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | 2452 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
2448 return SECSuccess; | 2453 return SECSuccess; |
2449 } | 2454 } |
OLD | NEW |