author | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-01-02 21:06:40 +0100 |
---|---|---|
committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-01-02 21:06:40 +0100 |
commit | f4a12fc67689a830e9da1c87fd11afe5bc09deb3 (patch) | |
tree | 211ae0cd022a6c11b0026ecc7761a550c584583c /security/nss/cmd/selfserv | |
parent | f7d30133221896638f7bf4f66c504255c4b14f48 (diff) | |
Issue #1338 - Part 2: Update NSS to 3.48-RTM
Diffstat (limited to 'security/nss/cmd/selfserv')
-rw-r--r-- | security/nss/cmd/selfserv/selfserv.c | 105 |
1 files changed, 88 insertions, 17 deletions
diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c
index 1784c9ee3..03e39d67b 100644
--- a/security/nss/cmd/selfserv/selfserv.c
+++ b/security/nss/cmd/selfserv/selfserv.c
@@ -233,7 +233,15 @@ PrintParameterUsage()
 " ecdsa_secp521r1_sha512,\n"
 " rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512,\n"
 " rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512,\n"
- "-Z enable 0-RTT (for TLS 1.3; also use -u)\n",
+ "-Z enable 0-RTT (for TLS 1.3; also use -u)\n"
+ "-E enable post-handshake authentication\n"
+ " (for TLS 1.3; only has an effect with 3 or more -r options)\n"
+ "-x Export and print keying material after successful handshake\n"
+ " The argument is a comma separated list of exporters in the form:\n"
+ " LABEL[:OUTPUT-LENGTH[:CONTEXT]]\n"
+ " where LABEL and CONTEXT can be either a free-form string or\n"
+ " a hex string if it is preceded by \"0x\"; OUTPUT-LENGTH\n"
+ " is a decimal integer.\n",
 stderr);
 }
@@ -803,11 +811,15 @@ PRBool enableSessionTickets = PR_FALSE;
 PRBool failedToNegotiateName = PR_FALSE;
 PRBool enableExtendedMasterSecret = PR_FALSE;
 PRBool zeroRTT = PR_FALSE;
+SSLAntiReplayContext *antiReplay = NULL;
 PRBool enableALPN = PR_FALSE;
+PRBool enablePostHandshakeAuth = PR_FALSE;
 SSLNamedGroup *enabledGroups = NULL;
 unsigned int enabledGroupsCount = 0;
 const SSLSignatureScheme *enabledSigSchemes = NULL;
 unsigned int enabledSigSchemeCount = 0;
+const secuExporter *enabledExporters = NULL;
+unsigned int enabledExporterCount = 0;
 static char *virtServerNameArray[MAX_VIRT_SERVER_NAME_ARRAY_INDEX];
 static int virtServerNameIndex = 1;
@@ -1431,15 +1443,28 @@ handle_connection(PRFileDesc *tcp_sock, PRFileDesc *model_sock)
 errWarn("second SSL_OptionSet SSL_REQUIRE_CERTIFICATE");
 break;
 }
- rv = SSL_ReHandshake(ssl_sock, PR_TRUE);
- if (rv != 0) {
- errWarn("SSL_ReHandshake");
- break;
- }
- rv = SSL_ForceHandshake(ssl_sock);
- if (rv < 0) {
- errWarn("SSL_ForceHandshake");
- break;
+ if (enablePostHandshakeAuth) {
+ rv = SSL_SendCertificateRequest(ssl_sock);
+ if (rv != SECSuccess) {
+ errWarn("SSL_SendCertificateRequest");
+ break;
+ }
+ rv = SSL_ForceHandshake(ssl_sock);
+ if (rv != SECSuccess) {
+ errWarn("SSL_ForceHandshake");
+ break;
+ }
+ } else {
+ rv = SSL_ReHandshake(ssl_sock, PR_TRUE);
+ if (rv != 0) {
+ errWarn("SSL_ReHandshake");
+ break;
+ }
+ rv = SSL_ForceHandshake(ssl_sock);
+ if (rv < 0) {
+ errWarn("SSL_ForceHandshake");
+ break;
+ }
 }
 }
 }
@@ -1805,6 +1830,15 @@ handshakeCallback(PRFileDesc *fd, void *client_data)
 SECITEM_FreeItem(hostInfo, PR_TRUE);
 }
 }
+ if (enabledExporters) {
+ SECStatus rv = exportKeyingMaterials(fd, enabledExporters, enabledExporterCount);
+ if (rv != SECSuccess) {
+ PRErrorCode err = PR_GetError();
+ fprintf(stderr,
+ "couldn't export keying material: %s\n",
+ SECU_Strerror(err));
+ }
+ }
 }
 void
@@ -1909,7 +1943,7 @@ server_main(
 for (i = 0; i < certNicknameIndex; i++) {
 if (cert[i] != NULL) {
 const SSLExtraServerCertData ocspData = {
- ssl_auth_null, NULL, certStatus[i], NULL
+ ssl_auth_null, NULL, certStatus[i], NULL, NULL, NULL
 };
 secStatus = SSL_ConfigServerCert(model_sock, cert[i],
@@ -1938,7 +1972,7 @@ server_main(
 if (enabledVersions.max < SSL_LIBRARY_VERSION_TLS_1_3) {
 errExit("You tried enabling 0RTT without enabling TLS 1.3!");
 }
- rv = SSL_SetupAntiReplay(10 * PR_USEC_PER_SEC, 7, 14);
+ rv = SSL_SetAntiReplayContext(model_sock, antiReplay);
 if (rv != SECSuccess) {
 errExit("error configuring anti-replay ");
 }
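Review bot: The new branch in handle_connection chooses post-handshake authentication from the global `enablePostHandshakeAuth` flag rather than from what this connection actually negotiated. With `-E` set, a client that ends up on TLS 1.2, or a TLS 1.3 client that did not offer post-handshake auth, would presumably make `SSL_SendCertificateRequest` fail and the connection is dropped, although the `SSL_ReHandshake` path would still have worked for TLS 1.2. Consider reading the negotiated version with `SSL_GetChannelInfo` and branching on `enablePostHandshakeAuth && info.protocolVersion >= SSL_LIBRARY_VERSION_TLS_1_3`. As a smaller point, the two branches test `rv` three different ways (`!= SECSuccess`, `!= 0`, `< 0`); using `!= SECSuccess` throughout would read more consistently. The enclosing condition and loop begin outside the hunk.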
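Review bot: The `ocspData` initializer in server_main is positional, and after this change it ends in three look-alike `NULL`s with nothing saying which member each one fills. Members omitted from a C initializer list are zero-initialized anyway, so the added `NULL, NULL` presumably only silence a missing-initializer warning. If they stay, a comment naming the slots would help the next reader, e.g. `/* authType, certChain, stapledOCSPResponses, signedCertTimestamps, delegCred, delegCredPrivKey */`. The enclosing loop continues outside the hunk.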
@@ -1948,6 +1982,16 @@ server_main( } } + if (enablePostHandshakeAuth) { + if (enabledVersions.max < SSL_LIBRARY_VERSION_TLS_1_3) { + errExit("You tried enabling post-handshake auth without enabling TLS 1.3!"); + } + rv = SSL_OptionSet(model_sock, SSL_ENABLE_POST_HANDSHAKE_AUTH, PR_TRUE); + if (rv != SECSuccess) { + errExit("error enabling post-handshake auth"); + } + } + if (enableALPN) { PRUint8 alpnVal[] = { 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 }; @@ -1985,7 +2029,7 @@ server_main( errExit("SSL_CipherPrefSetDefault:TLS_RSA_WITH_NULL_MD5"); } - if (expectedHostNameVal) { + if (expectedHostNameVal || enabledExporters) { SSL_HandshakeCallback(model_sock, handshakeCallback, (void *)expectedHostNameVal); } @@ -2219,11 +2263,11 @@ main(int argc, char **argv) /* please keep this list of options in ASCII collating sequence. ** numbers, then capital letters, then lower case, alphabetical. - ** XXX: 'B', 'E', 'q', and 'x' were used in the past but removed + ** XXX: 'B', and 'q' were used in the past but removed ** in 3.28, please leave some time before resuing those. ** 'z' was removed in 3.39. */ optstate = PL_CreateOptState(argc, argv, - "2:A:C:DGH:I:J:L:M:NP:QRS:T:U:V:W:YZa:bc:d:e:f:g:hi:jk:lmn:op:rst:uvw:y"); + "2:A:C:DEGH:I:J:L:M:NP:QRS:T:U:V:W:YZa:bc:d:e:f:g:hi:jk:lmn:op:rst:uvw:x:y"); while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { ++optionsFound; switch (optstate->option) { @@ -2243,6 +2287,11 @@ main(int argc, char **argv) case 'D': noDelay = PR_TRUE; break; + + case 'E': + enablePostHandshakeAuth = PR_TRUE; + break; + case 'H': configureDHE = (PORT_Atoi(optstate->value) != 0); break; 
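Review bot: With the widened condition `if (expectedHostNameVal || enabledExporters)`, `handshakeCallback` is now also installed when only `-x` is given, and in that case its `client_data` is `(void *)expectedHostNameVal`, i.e. NULL. The host-name comparison at the top of `handshakeCallback` is outside the visible hunks, so confirm it skips the check when `client_data` is NULL instead of comparing against it. A short comment at the registration, such as `/* client_data may be NULL when only exporters are enabled */`, would record that contract.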
@@ -2464,6 +2513,17 @@ main(int argc, char **argv) } break; + case 'x': + rv = parseExporters(optstate->value, + &enabledExporters, &enabledExporterCount); + if (rv != SECSuccess) { + PL_DestroyOptState(optstate); + fprintf(stderr, "Bad exporter specified.\n"); + fprintf(stderr, "Run '%s -h' for usage information.\n", progName); + exit(5); + } + break; + default: case '?': fprintf(stderr, "Unrecognized or bad option specified.\n"); @@ -2653,8 +2713,10 @@ main(int argc, char **argv) } if (cipher > 0) { rv = SSL_CipherPrefSetDefault(cipher, SSL_ALLOWED); - if (rv != SECSuccess) - SECU_PrintError(progName, "SSL_CipherPrefSet()"); + if (rv != SECSuccess) { + SECU_PrintError(progName, "SSL_CipherPrefSetDefault()"); + exit(9); + } } else { fprintf(stderr, "Invalid cipher specification (-c arg).\n"); @@ -2692,6 +2754,12 @@ main(int argc, char **argv) } fprintf(stderr, "selfserv: Done creating dynamic weak DH parameters\n"); } + if (zeroRTT) { + rv = SSL_CreateAntiReplayContext(PR_Now(), 10L * PR_USEC_PER_SEC, 7, 14, &antiReplay); + if (rv != SECSuccess) { + errExit("Unable to create anti-replay context for 0-RTT."); + } + } /* allocate the array of thread slots, and launch the worker threads. */ rv = launch_threads(&jobLoop, 0, 0, useLocalThreads); @@ -2767,6 +2835,9 @@ cleanup: if (enabledGroups) { PORT_Free(enabledGroups); } + if (antiReplay) { + SSL_ReleaseAntiReplayContext(antiReplay); + } if (NSS_Shutdown() != SECSuccess) { SECU_PrintError(progName, "NSS_Shutdown"); if (loggerThread) { |
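Review bot: The arguments `10L * PR_USEC_PER_SEC, 7, 14` passed to `SSL_CreateAntiReplayContext` in main are unexplained magic numbers carried over from the removed `SSL_SetupAntiReplay` call. They set the replay window and the sizing of the filter that remembers already-seen 0-RTT handshakes, which determines how reliably replayed early data is rejected, so a reader tuning them needs to know which is which. Suggest a comment above the call along the lines of `/* 10 s window; k = 7 hash functions; filter size 2^14 bits */`, worded to match the NSS header documentation. main's body continues outside the hunk.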