diff options
author | Moonchild <mcwerewolf@gmail.com> | 2018-02-06 12:02:47 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-02-06 12:02:47 +0100 |
commit | 389c60da5e01761f4a11ef539ffa26e4c1b17875 (patch) | |
tree | c6033924a0de9be1ab140596e305898c651bf57e /security/nss/lib/ssl/sslinfo.c | |
parent | 7c9b585349c985df0cf6ace83da5dadba8b5c677 (diff) | |
parent | f017b749ea9f1586d2308504553d40bf4cc5439d (diff) | |
download | UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar.gz UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar.lz UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar.xz UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.zip |
Merge pull request #13 from MoonchildProductions/ported-upstream
Ported upstream
Diffstat (limited to 'security/nss/lib/ssl/sslinfo.c')
-rw-r--r-- | security/nss/lib/ssl/sslinfo.c | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/security/nss/lib/ssl/sslinfo.c b/security/nss/lib/ssl/sslinfo.c index 665109d65..88162d814 100644 --- a/security/nss/lib/ssl/sslinfo.c +++ b/security/nss/lib/ssl/sslinfo.c @@ -140,6 +140,20 @@ SSL_GetPreliminaryChannelInfo(PRFileDesc *fd, inf.valuesSet = ss->ssl3.hs.preliminaryInfo; inf.protocolVersion = ss->version; inf.cipherSuite = ss->ssl3.hs.cipher_suite; + inf.canSendEarlyData = !ss->sec.isServer && + (ss->ssl3.hs.zeroRttState == ssl_0rtt_sent || + ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted); + /* We shouldn't be able to send early data if the handshake is done. */ + PORT_Assert(!ss->firstHsDone || !inf.canSendEarlyData); + + if (ss->sec.ci.sid && + (ss->ssl3.hs.zeroRttState == ssl_0rtt_sent || + ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted)) { + inf.maxEarlyDataSize = + ss->sec.ci.sid->u.ssl3.locked.sessionTicket.max_early_data_size; + } else { + inf.maxEarlyDataSize = 0; + } memcpy(info, &inf, inf.length); return SECSuccess; @@ -219,6 +233,9 @@ SSL_GetPreliminaryChannelInfo(PRFileDesc *fd, #define F_NFIPS_NSTD 0, 0, 1, 0 /* i.e., trash */ #define F_EXPORT 0, 1, 0, 0 /* i.e., trash */ +// RFC 5705 +#define MAX_CONTEXT_LEN PR_UINT16_MAX - 1 + static const SSLCipherSuiteInfo suiteInfo[] = { /* <------ Cipher suite --------------------> <auth> <KEA> <bulk cipher> <MAC> <FIPS> */ { 0, CS_(TLS_AES_128_GCM_SHA256), S_ANY, K_ANY, C_AESGCM, B_128, M_AEAD_128, F_FIPS_STD, A_ANY }, @@ -425,6 +442,11 @@ SSL_ExportKeyingMaterial(PRFileDesc *fd, out, outLen); } + if (hasContext && contextLen > MAX_CONTEXT_LEN) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* construct PRF arguments */ valLen = SSL3_RANDOM_LENGTH * 2; if (hasContext) { @@ -455,9 +477,8 @@ SSL_ExportKeyingMaterial(PRFileDesc *fd, PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED); rv = SECFailure; } else { - HASH_HashType ht = ssl3_GetTls12HashType(ss); - rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.cwSpec, label, labelLen, val, - valLen, out, outLen, ht); + rv = ssl3_TLSPRFWithMasterSecret(ss, ss->ssl3.cwSpec, label, labelLen, + val, valLen, out, outLen); } ssl_ReleaseSpecReadLock(ss); |