summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/ssl/sslinfo.c
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-02-06 11:46:26 +0100
committerwolfbeast <mcwerewolf@gmail.com>2018-02-06 11:46:26 +0100
commitf017b749ea9f1586d2308504553d40bf4cc5439d (patch)
treec6033924a0de9be1ab140596e305898c651bf57e /security/nss/lib/ssl/sslinfo.c
parent7c728b3c7680662fc4e92b5d03697b8339560b08 (diff)
downloadUXP-f017b749ea9f1586d2308504553d40bf4cc5439d.tar
UXP-f017b749ea9f1586d2308504553d40bf4cc5439d.tar.gz
UXP-f017b749ea9f1586d2308504553d40bf4cc5439d.tar.lz
UXP-f017b749ea9f1586d2308504553d40bf4cc5439d.tar.xz
UXP-f017b749ea9f1586d2308504553d40bf4cc5439d.zip
Update NSS to 3.32.1-RTM
Diffstat (limited to 'security/nss/lib/ssl/sslinfo.c')
-rw-r--r--security/nss/lib/ssl/sslinfo.c27
1 files changed, 24 insertions, 3 deletions
diff --git a/security/nss/lib/ssl/sslinfo.c b/security/nss/lib/ssl/sslinfo.c
index 665109d65..88162d814 100644
--- a/security/nss/lib/ssl/sslinfo.c
+++ b/security/nss/lib/ssl/sslinfo.c
@@ -140,6 +140,20 @@ SSL_GetPreliminaryChannelInfo(PRFileDesc *fd,
inf.valuesSet = ss->ssl3.hs.preliminaryInfo;
inf.protocolVersion = ss->version;
inf.cipherSuite = ss->ssl3.hs.cipher_suite;
+ inf.canSendEarlyData = !ss->sec.isServer &&
+ (ss->ssl3.hs.zeroRttState == ssl_0rtt_sent ||
+ ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted);
+ /* We shouldn't be able to send early data if the handshake is done. */
+ PORT_Assert(!ss->firstHsDone || !inf.canSendEarlyData);
+
+ if (ss->sec.ci.sid &&
+ (ss->ssl3.hs.zeroRttState == ssl_0rtt_sent ||
+ ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted)) {
+ inf.maxEarlyDataSize =
+ ss->sec.ci.sid->u.ssl3.locked.sessionTicket.max_early_data_size;
+ } else {
+ inf.maxEarlyDataSize = 0;
+ }
memcpy(info, &inf, inf.length);
return SECSuccess;
@@ -219,6 +233,9 @@ SSL_GetPreliminaryChannelInfo(PRFileDesc *fd,
#define F_NFIPS_NSTD 0, 0, 1, 0 /* i.e., trash */
#define F_EXPORT 0, 1, 0, 0 /* i.e., trash */
+// RFC 5705
+#define MAX_CONTEXT_LEN PR_UINT16_MAX - 1
+
static const SSLCipherSuiteInfo suiteInfo[] = {
/* <------ Cipher suite --------------------> <auth> <KEA> <bulk cipher> <MAC> <FIPS> */
{ 0, CS_(TLS_AES_128_GCM_SHA256), S_ANY, K_ANY, C_AESGCM, B_128, M_AEAD_128, F_FIPS_STD, A_ANY },
@@ -425,6 +442,11 @@ SSL_ExportKeyingMaterial(PRFileDesc *fd,
out, outLen);
}
+ if (hasContext && contextLen > MAX_CONTEXT_LEN) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
/* construct PRF arguments */
valLen = SSL3_RANDOM_LENGTH * 2;
if (hasContext) {
@@ -455,9 +477,8 @@ SSL_ExportKeyingMaterial(PRFileDesc *fd,
PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED);
rv = SECFailure;
} else {
- HASH_HashType ht = ssl3_GetTls12HashType(ss);
- rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.cwSpec, label, labelLen, val,
- valLen, out, outLen, ht);
+ rv = ssl3_TLSPRFWithMasterSecret(ss, ss->ssl3.cwSpec, label, labelLen,
+ val, valLen, out, outLen);
}
ssl_ReleaseSpecReadLock(ss);