author | Wan-Teh Chang <wtc@google.com> | 2013-08-19 12:23:06 -0700 |
committer | Wan-Teh Chang <wtc@google.com> | 2013-08-19 12:23:06 -0700 |
commit | 81cd4f570d6bbc0d886c070d87a5bca289a25082 (patch) | |
tree | a8a87f138762665c52f2e181a930dbca77bc333b | |
parent | 9883e370bb098767ce03b3e9420e6316f9aa92d9 (diff) | |
Bug 848384: Resurrect the SSL cipher policy framework, but change the
default 'policy' setting to SSL_ALLOWED for all ciphers. TBR=rrelyea.
-rw-r--r-- | lib/ssl/ssl.h | 23 | ||||
-rw-r--r-- | lib/ssl/ssl3con.c | 251 | ||||
-rw-r--r-- | lib/ssl/ssl3ecc.c | 2 | ||||
-rw-r--r-- | lib/ssl/sslcon.c | 97 | ||||
-rw-r--r-- | lib/ssl/sslimpl.h | 26 | ||||
-rw-r--r-- | lib/ssl/sslsock.c | 69 |
6 files changed, 329 insertions, 139 deletions
diff --git a/lib/ssl/ssl.h b/lib/ssl/ssl.h index bd605e31b..f1b864d42 100644 --- a/lib/ssl/ssl.h +++ b/lib/ssl/ssl.h @@ -233,6 +233,7 @@ SSL_IMPORT SECStatus SSL_GetNextProto(PRFileDesc *fd, ** is enabled, otherwise it is disabled. ** The "cipher" values are defined in sslproto.h (the SSL_EN_* values). ** EnableCipher records user preferences. +** SetPolicy sets the policy according to the policy module. */ #ifdef SSL_DEPRECATED_FUNCTION /* Old deprecated function names */ @@ -245,11 +246,7 @@ SSL_IMPORT SECStatus SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 cipher, PRBool en SSL_IMPORT SECStatus SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 cipher, PRBool *enabled); SSL_IMPORT SECStatus SSL_CipherPrefSetDefault(PRInt32 cipher, PRBool enabled); SSL_IMPORT SECStatus SSL_CipherPrefGetDefault(PRInt32 cipher, PRBool *enabled); - -/* Policy functions are deprecated and no longer have any effect. They exist in - * order to maintain ABI compatibility. */ SSL_IMPORT SECStatus SSL_CipherPolicySet(PRInt32 cipher, PRInt32 policy); -/* SSL_CipherPolicyGet sets *policy to SSL_ALLOWED and returns SECSuccess. */ SSL_IMPORT SECStatus SSL_CipherPolicyGet(PRInt32 cipher, PRInt32 *policy); /* SSL Version Range API 
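Review bot: The second hunk strips the deprecation comments from SSL_CipherPolicySet and SSL_CipherPolicyGet but puts nothing in their place, so the public header no longer says which `policy` values are accepted, that a suite set to SSL_NOT_ALLOWED is never negotiated whatever the user preference, or what is returned for an unknown or removed suite. A short comment above the pair would close that gap, e.g. `/* Set/get the global policy for one cipher suite: SSL_ALLOWED, SSL_RESTRICTED or SSL_NOT_ALLOWED. A NOT_ALLOWED suite is never negotiated regardless of user preference; SECFailure for an unknown suite. */` (the constant names are the ones used by the sslcon.c hunk of this commit). The line added in the first hunk, "SetPolicy sets the policy according to the policy module", would also be clearer if it named the three values instead of a "policy module" that is not defined anywhere in the header.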
@@ -794,12 +791,22 @@ SSL_IMPORT SECStatus NSS_CmpCertChainWCANames(CERTCertificate *cert, */ SSL_IMPORT SSLKEAType NSS_FindCertKEAType(CERTCertificate * cert); -/* -** The NSS_Set*Policy functions have no effect and exist in order to maintain -** ABI compatibility. All supported ciphers are now allowed. -*/ +/* Set cipher policies to a predefined Domestic (U.S.A.) policy. + * This essentially allows all supported ciphers. + */ SSL_IMPORT SECStatus NSS_SetDomesticPolicy(void); + +/* Set cipher policies to a predefined Policy that is exportable from the USA + * according to present U.S. policies as we understand them. + * It is the same as NSS_SetDomesticPolicy now. + */ SSL_IMPORT SECStatus NSS_SetExportPolicy(void); + +/* Set cipher policies to a predefined Policy that is exportable from the USA + * according to present U.S. policies as we understand them, and that the + * nation of France will permit to be imported into their country. + * It is the same as NSS_SetDomesticPolicy now. + */ SSL_IMPORT SECStatus NSS_SetFrancePolicy(void); SSL_IMPORT SSL3Statistics * SSL_GetStatistics(void); diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c index c6dcc6839..870a19869 100644 --- a/lib/ssl/ssl3con.c +++ b/lib/ssl/ssl3con.c 
@@ -85,91 +85,91 @@ static SECStatus ssl3_AESGCMBypass(ssl3KeyMaterial *keys, PRBool doDecrypt, * in this table must match the ordering in SSL_ImplementedCiphers (sslenum.c) */ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { - /* cipher_suite enabled is_present */ + /* cipher_suite policy enabled isPresent */ #ifdef NSS_ENABLE_ECC - { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, PR_FALSE, PR_FALSE}, - { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE}, #endif /* NSS_ENABLE_ECC */ - { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, PR_TRUE, PR_FALSE}, - { TLS_RSA_WITH_AES_128_GCM_SHA256, PR_TRUE, PR_FALSE}, + { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE}, + { TLS_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE}, #ifdef NSS_ENABLE_ECC - { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, #endif /* NSS_ENABLE_ECC */ - { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, PR_TRUE, PR_FALSE}, - { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, PR_TRUE, PR_FALSE}, - { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, PR_TRUE, PR_FALSE}, + { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, + { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE}, + { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, #ifdef NSS_ENABLE_ECC - { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, 
PR_FALSE, PR_FALSE}, - { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, PR_FALSE, PR_FALSE}, + { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, #endif /* NSS_ENABLE_ECC */ - { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_RSA_WITH_AES_256_CBC_SHA, PR_TRUE, PR_FALSE}, - { TLS_RSA_WITH_AES_256_CBC_SHA256, PR_TRUE, PR_FALSE}, + { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, + { TLS_RSA_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE}, #ifdef NSS_ENABLE_ECC - { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, PR_FALSE, PR_FALSE}, - { TLS_ECDHE_RSA_WITH_RC4_128_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE}, #endif /* NSS_ENABLE_ECC */ - { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_DHE_DSS_WITH_RC4_128_SHA, PR_FALSE, PR_FALSE}, - { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, PR_TRUE, PR_FALSE}, - { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, PR_TRUE, PR_FALSE}, - { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, PR_TRUE, PR_FALSE}, + { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 
SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_DHE_DSS_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, + { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE}, + { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, #ifdef NSS_ENABLE_ECC - { TLS_ECDH_RSA_WITH_RC4_128_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, PR_FALSE, PR_FALSE}, + { TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, #endif /* NSS_ENABLE_ECC */ - { TLS_RSA_WITH_SEED_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, PR_FALSE, PR_FALSE}, - { SSL_RSA_WITH_RC4_128_SHA, PR_TRUE, PR_FALSE}, - { SSL_RSA_WITH_RC4_128_MD5, PR_TRUE, PR_FALSE}, - { TLS_RSA_WITH_AES_128_CBC_SHA, PR_TRUE, PR_FALSE}, - { TLS_RSA_WITH_AES_128_CBC_SHA256, PR_TRUE, PR_FALSE}, + { TLS_RSA_WITH_SEED_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { SSL_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, + { SSL_RSA_WITH_RC4_128_MD5, SSL_ALLOWED, PR_TRUE, PR_FALSE}, + { TLS_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, + { TLS_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE}, #ifdef NSS_ENABLE_ECC - { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, #endif /* NSS_ENABLE_ECC */ - { SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, PR_TRUE, 
PR_FALSE}, - { SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, PR_TRUE, PR_FALSE}, + { SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, + { SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, #ifdef NSS_ENABLE_ECC - { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, PR_FALSE, PR_FALSE}, + { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, #endif /* NSS_ENABLE_ECC */ - { SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, PR_FALSE, PR_FALSE}, - { SSL_RSA_WITH_3DES_EDE_CBC_SHA, PR_TRUE, PR_FALSE}, + { SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE}, - { SSL_DHE_RSA_WITH_DES_CBC_SHA, PR_FALSE, PR_FALSE}, - { SSL_DHE_DSS_WITH_DES_CBC_SHA, PR_FALSE, PR_FALSE}, - { SSL_RSA_FIPS_WITH_DES_CBC_SHA, PR_FALSE, PR_FALSE}, - { SSL_RSA_WITH_DES_CBC_SHA, PR_FALSE, PR_FALSE}, - { TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, PR_FALSE, PR_FALSE}, - { TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, PR_FALSE, PR_FALSE}, + { SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { SSL_RSA_FIPS_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { SSL_RSA_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, - { SSL_RSA_EXPORT_WITH_RC4_40_MD5, PR_FALSE, PR_FALSE}, - { SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, PR_FALSE, PR_FALSE}, + { SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_ALLOWED, PR_FALSE, PR_FALSE}, #ifdef NSS_ENABLE_ECC - { TLS_ECDHE_ECDSA_WITH_NULL_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDHE_RSA_WITH_NULL_SHA, PR_FALSE, PR_FALSE}, - { TLS_ECDH_RSA_WITH_NULL_SHA, PR_FALSE, 
PR_FALSE}, - { TLS_ECDH_ECDSA_WITH_NULL_SHA, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_ECDSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDH_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_ECDH_ECDSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, #endif /* NSS_ENABLE_ECC */ - { SSL_RSA_WITH_NULL_SHA, PR_FALSE, PR_FALSE}, - { TLS_RSA_WITH_NULL_SHA256, PR_FALSE, PR_FALSE}, - { SSL_RSA_WITH_NULL_MD5, PR_FALSE, PR_FALSE}, + { SSL_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { TLS_RSA_WITH_NULL_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE}, + { SSL_RSA_WITH_NULL_MD5, SSL_ALLOWED, PR_FALSE, PR_FALSE}, }; /* This list of SSL3 compression methods is sorted in descending order of @@ -664,13 +664,13 @@ ssl_LookupCipherSuiteCfg(ssl3CipherSuite suite, ssl3CipherSuiteCfg *suites) } -/* Initialize the suite->isPresent value for cipher_suite_available. +/* Initialize the suite->isPresent value for config_match * Returns count of enabled ciphers supported by extant tokens, - * regardless of user preference. + * regardless of policy or user preference. * If this returns zero, the user cannot do SSL v3. */ int -ssl3_cipher_suite_available_init(sslSocket *ss) +ssl3_config_match_init(sslSocket *ss) { ssl3CipherSuiteCfg * suite; const ssl3CipherSuiteDef *cipher_def; 
@@ -766,17 +766,29 @@ ssl3_cipher_suite_available_init(sslSocket *ss)
 }
-/* return PR_TRUE if the given cipher suite is enabled and present. */
+/* return PR_TRUE if suite matches policy and enabled state */
+/* It would be a REALLY BAD THING (tm) if we ever permitted the use
+** of a cipher that was NOT_ALLOWED. So, if this is ever called with
+** policy == SSL_NOT_ALLOWED, report no match.
+*/
+/* adjust suite enabled to the availability of a token that can do the
+ * cipher suite. */
 static PRBool
-cipher_suite_available(ssl3CipherSuiteCfg *suite)
+config_match(ssl3CipherSuiteCfg *suite, int policy, PRBool enabled)
 {
- return (PRBool)(suite->enabled && suite->isPresent);
+ PORT_Assert(policy != SSL_NOT_ALLOWED && enabled != PR_FALSE);
+ if (policy == SSL_NOT_ALLOWED || !enabled)
+ return PR_FALSE;
+ return (PRBool)(suite->enabled &&
+ suite->isPresent &&
+ suite->policy != SSL_NOT_ALLOWED &&
+ suite->policy <= policy);
 }
-/* return number of cipher suites that are enabled and present.
- * called from ssl3_SendClientHello and ssl3_ConstructV2CipherSpecsHack */
+/* return number of cipher suites that match policy and enabled state */
+/* called from ssl3_SendClientHello and ssl3_ConstructV2CipherSpecsHack */
 static int
-count_cipher_suites(sslSocket *ss)
+count_cipher_suites(sslSocket *ss, int policy, PRBool enabled)
 {
 int i, count = 0;
@@ -784,7 +796,7 @@ count_cipher_suites(sslSocket *ss)
 return 0;
 }
 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- if (cipher_suite_available(&ss->cipherSuites[i]))
+ if (config_match(&ss->cipherSuites[i], policy, enabled))
 count++;
 }
 if (count <= 0) {
@@ -4944,6 +4956,8 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
 PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength));
+
+ ss->ssl3.policy = sid->u.ssl3.policy;
 } else {
 SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_misses );
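Review bot: In config_match the new `suite->policy <= policy` test is what actually enforces the policy, yet the comment block directly above the function still says "adjust suite enabled to the availability of a token that can do the cipher suite", which describes ssl3_config_match_init rather than this function, and the ordering assumption behind `<=` (the socket's policy must sort at or above the suite's, so SSL_ALLOWED must sort below SSL_RESTRICTED) is stated nowhere. Suggest replacing that stale paragraph with `/* A suite matches only when its own policy is no more permissive than the socket's. This relies on SSL_ALLOWED sorting below SSL_RESTRICTED numerically; keep the constants in that order. */`. PORT_Assert is compiled out in non-DEBUG builds, so the `if (policy == SSL_NOT_ALLOWED || !enabled) return PR_FALSE;` that follows is the real guard and must stay even though the assert makes it look redundant. The ssl3_SendClientHello hunk on this line copies `sid->u.ssl3.policy` into `ss->ssl3.policy` on resumption; if a cached session is meant to inherit the policy it was created under even after a later SSL_SetPolicy call, a one-line comment saying so would help, since that is not obvious from the assignment.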
@@ -4993,11 +5007,10 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) return SECFailure; } - /* how many suites does our PKCS11 support? */ - num_suites = ssl3_cipher_suite_available_init(ss); + /* how many suites does our PKCS11 support (regardless of policy)? */ + num_suites = ssl3_config_match_init(ss); if (!num_suites) - return SECFailure; /* ssl3_cipher_suite_available_init has set - * error code. */ + return SECFailure; /* ssl3_config_match_init has set error code. */ /* HACK for SCSV in SSL 3.0. On initial handshake, prepend SCSV, * only if we're willing to complete an SSL 3.0 handshake. @@ -5035,8 +5048,8 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) ssl3_DisableNonDTLSSuites(ss); } - /* how many suites are permitted by user preference? */ - num_suites = count_cipher_suites(ss); + /* how many suites are permitted by policy and user preference? */ + num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE); if (!num_suites) return SECFailure; /* count_cipher_suites has set error code. */ if (ss->ssl3.hs.sendingSCSV) { @@ -5126,7 +5139,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) } for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; - if (cipher_suite_available(suite)) { + if (config_match(suite, ss->ssl3.policy, PR_TRUE)) { actual_count++; if (actual_count > num_suites) { /* set error card removal/insertion error */ @@ -6157,11 +6170,11 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length) if (temp < 0) { goto loser; /* alert has been sent */ } - ssl3_cipher_suite_available_init(ss); + ssl3_config_match_init(ss); for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; if (temp == suite->cipher_suite) { - if (!cipher_suite_available(suite)) { + if (!config_match(suite, ss->ssl3.policy, PR_TRUE)) { break; /* failure */ } if (!ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite, 
@@ -7163,6 +7176,7 @@ ssl3_NewSessionID(sslSocket *ss, PRBool is_server) sid->version = ss->version; sid->u.ssl3.keys.resumable = PR_TRUE; + sid->u.ssl3.policy = SSL_ALLOWED; sid->u.ssl3.clientWriteKey = NULL; sid->u.ssl3.serverWriteKey = NULL; @@ -7543,8 +7557,8 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length) } #ifdef PARANOID - /* Look for an available cipher suite. */ - j = ssl3_cipher_suite_available_init(ss); + /* Look for a matching cipher suite. */ + j = ssl3_config_match_init(ss); if (j <= 0) { /* no ciphers are working/supported by PK11 */ errCode = PORT_GetError(); /* error code is already set. */ goto alert_loser; @@ -7580,11 +7594,12 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length) if (j <= 0) break; #ifdef PARANOID - /* Double check that the cached cipher suite is still enabled and - * implemented. Might have been disabled. + /* Double check that the cached cipher suite is still enabled, + * implemented, and allowed by policy. Might have been disabled. + * The product policy won't change during the process lifetime. * Implemented ("isPresent") shouldn't change for servers. */ - if (!cipher_suite_available(suite)) + if (!config_match(suite, ss->ssl3.policy, PR_TRUE)) break; #else if (!suite->enabled) @@ -7608,8 +7623,8 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length) /* START A NEW SESSION */ #ifndef PARANOID - /* Look for an available cipher suite. */ - j = ssl3_cipher_suite_available_init(ss); + /* Look for a matching cipher suite. */ + j = ssl3_config_match_init(ss); if (j <= 0) { /* no ciphers are working/supported by PK11 */ errCode = PORT_GetError(); /* error code is already set. */ goto alert_loser; 
@@ -7632,7 +7647,7 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length) */ for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) { ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j]; - if (!cipher_suite_available(suite) || + if (!config_match(suite, ss->ssl3.policy, PR_TRUE) || !ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite, ss->version)) { continue; @@ -7954,7 +7969,7 @@ compression_found: ret = SSL_SNI_SEND_ALERT; break; } - configedCiphers = ssl3_cipher_suite_available_init(ss); + configedCiphers = ssl3_config_match_init(ss); if (configedCiphers <= 0) { /* no ciphers are working/supported */ errCode = PORT_GetError(); @@ -8151,7 +8166,7 @@ ssl3_HandleV2ClientHello(sslSocket *ss, unsigned char *buffer, int length) /* Disable any ECC cipher suites for which we have no cert. */ ssl3_FilterECCipherSuitesByServerCerts(ss); #endif - i = ssl3_cipher_suite_available_init(ss); + i = ssl3_config_match_init(ss); if (i <= 0) { errCode = PORT_GetError(); /* error code is already set. */ goto alert_loser; @@ -8166,7 +8181,7 @@ ssl3_HandleV2ClientHello(sslSocket *ss, unsigned char *buffer, int length) */ for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) { ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j]; - if (!cipher_suite_available(suite) || + if (!config_match(suite, ss->ssl3.policy, PR_TRUE) || !ssl3_CipherSuiteAllowedForVersion(suite->cipher_suite, ss->version)) { continue; @@ -10253,6 +10268,7 @@ xmit_loser: /* fill in the sid */ sid->u.ssl3.cipherSuite = ss->ssl3.hs.cipher_suite; sid->u.ssl3.compression = ss->ssl3.hs.compression; + sid->u.ssl3.policy = ss->ssl3.policy; #ifdef NSS_ENABLE_ECC sid->u.ssl3.negotiatedECCurves = ss->ssl3.hs.negotiatedECCurves; #endif 
@@ -11349,6 +11365,8 @@ ssl3_InitState(sslSocket *ss)
 if (ss->ssl3.initialized) return SECSuccess; /* Function should be idempotent */
+ ss->ssl3.policy = SSL_ALLOWED;
+
 ssl_GetSpecWriteLock(ss);
 ss->ssl3.crSpec = ss->ssl3.cwSpec = &ss->ssl3.specs[0];
 ss->ssl3.prSpec = ss->ssl3.pwSpec = &ss->ssl3.specs[1];
@@ -11458,6 +11476,40 @@ ssl3_CreateRSAStepDownKeys(sslSocket *ss)
 }
+/* record the export policy for this cipher suite */
+SECStatus
+ssl3_SetPolicy(ssl3CipherSuite which, int policy)
+{
+ ssl3CipherSuiteCfg *suite;
+
+ suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
+ if (suite == NULL) {
+ return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
+ }
+ suite->policy = policy;
+
+ return SECSuccess;
+}
+
+SECStatus
+ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *oPolicy)
+{
+ ssl3CipherSuiteCfg *suite;
+ PRInt32 policy;
+ SECStatus rv;
+
+ suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
+ if (suite) {
+ policy = suite->policy;
+ rv = SECSuccess;
+ } else {
+ policy = SSL_NOT_ALLOWED;
+ rv = SECFailure; /* err code was set by Lookup. */
+ }
+ *oPolicy = policy;
+ return rv;
+}
+
 /* record the user preference for this suite */
 SECStatus
 ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool enabled)
@@ -11524,15 +11576,15 @@ ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBool *enabled)
 return rv;
 }
-/* copy global default ciphersuite preferences into socket. */
+/* copy global default policy into socket. */
 void
-ssl3_InitSocketCipherSuites(sslSocket *ss)
+ssl3_InitSocketPolicy(sslSocket *ss)
 {
 PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof cipherSuites);
 }
-/* ssl3_cipher_suite_available_init must have already been called by the caller
- * of this function.
+/* ssl3_config_match_init must have already been called by
+ * the caller of this function.
 */
 SECStatus
 ssl3_ConstructV2CipherSpecsHack(sslSocket *ss, unsigned char *cs, int *size)
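Review bot: ssl3_SetPolicy stores `policy` into the suite without validating it, whereas ssl2_SetPolicy in sslcon.c (same commit) folds anything other than SSL_ALLOWED/SSL_RESTRICTED into NOT_ALLOWED; on the SSL3 side an out-of-range value is neither rejected nor neutralised, and whether that suite is then negotiable depends only on how the stray value compares numerically inside config_match. The sslimpl.h hunk also declares the field as an 8-bit bitfield on non-Windows builds, so values above 255 are silently truncated on the way in. Suggest rejecting at entry, before the lookup: `if (policy != SSL_ALLOWED && policy != SSL_RESTRICTED && policy != SSL_NOT_ALLOWED) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; }`, or do the same check once in SSL_CipherPolicySet in sslsock.c so both protocol paths are covered. The prototype in sslimpl.h spells the parameter `PRInt32 policy` while this definition says `int policy`; harmless where the two are the same type, but they should match.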
@@ -11549,15 +11601,14 @@ ssl3_ConstructV2CipherSpecsHack(sslSocket *ss, unsigned char *cs, int *size) return SECSuccess; } if (cs == NULL) { - *size = count_cipher_suites(ss); + *size = count_cipher_suites(ss, SSL_ALLOWED, PR_TRUE); return SECSuccess; } - /* ssl3_cipher_suite_available_init was called by the caller of this - * function. */ + /* ssl3_config_match_init was called by the caller of this function. */ for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; - if (cipher_suite_available(suite)) { + if (config_match(suite, SSL_ALLOWED, PR_TRUE)) { if (cs != NULL) { *cs++ = 0x00; *cs++ = (suite->cipher_suite >> 8) & 0xFF; diff --git a/lib/ssl/ssl3ecc.c b/lib/ssl/ssl3ecc.c index 4df9b6270..6380cfe3c 100644 --- a/lib/ssl/ssl3ecc.c +++ b/lib/ssl/ssl3ecc.c @@ -1006,7 +1006,7 @@ ssl3_FilterECCipherSuitesByServerCerts(sslSocket * ss) } /* Ask: is ANY ECC cipher suite enabled on this socket? */ -/* Order(N^2). Yuk. */ +/* Order(N^2). Yuk. Also, this ignores export policy. */ PRBool ssl3_IsECCEnabled(sslSocket * ss) { diff --git a/lib/ssl/sslcon.c b/lib/ssl/sslcon.c index 626839e90..bd0ffb8c8 100644 --- a/lib/ssl/sslcon.c +++ b/lib/ssl/sslcon.c @@ -20,6 +20,8 @@ #include "prinit.h" #include "prtime.h" /* for PR_Now() */ +static PRBool policyWasSet; + /* This ordered list is indexed by (SSL_CK_xx * 3) */ /* Second and third bytes are MSB and LSB of master key length. */ static const PRUint8 allCipherSuites[] = { 
@@ -112,12 +114,14 @@ const char * const ssl_cipherName[] = { }; -/* bit-mask, showing which SSLv2 suites are allowed. +/* bit-masks, showing which SSLv2 suites are allowed. * lsb corresponds to first cipher suite in allCipherSuites[]. */ +static PRUint16 allowedByPolicy; /* all off by default */ +static PRUint16 maybeAllowedByPolicy; /* all off by default */ static PRUint16 chosenPreference = 0xff; /* all on by default */ -/* bit values for the above bit mask */ +/* bit values for the above two bit masks */ #define SSL_CB_RC4_128_WITH_MD5 (1 << SSL_CK_RC4_128_WITH_MD5) #define SSL_CB_RC4_128_EXPORT40_WITH_MD5 (1 << SSL_CK_RC4_128_EXPORT40_WITH_MD5) #define SSL_CB_RC2_128_CBC_WITH_MD5 (1 << SSL_CK_RC2_128_CBC_WITH_MD5) @@ -152,19 +156,19 @@ ssl2_ConstructCipherSpecs(sslSocket *ss) count = 0; PORT_Assert(ss != 0); allowed = !ss->opt.enableSSL2 ? 0 : - (ss->chosenPreference & SSL_CB_IMPLEMENTED); + (ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED); while (allowed) { if (allowed & 1) ++count; allowed >>= 1; } - /* Call ssl3_cipher_suite_available_init() once here, + /* Call ssl3_config_match_init() once here, * instead of inside ssl3_ConstructV2CipherSpecsHack(), * because the latter gets called twice below, * and then again in ssl2_BeginClientHandshake(). */ - ssl3_cipher_suite_available_init(ss); + ssl3_config_match_init(ss); /* ask SSL3 how many cipher suites it has. */ rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3_count); @@ -188,7 +192,7 @@ ssl2_ConstructCipherSpecs(sslSocket *ss) /* fill in cipher specs for SSL2 cipher suites */ allowed = !ss->opt.enableSSL2 ? 0 : - (ss->chosenPreference & SSL_CB_IMPLEMENTED); + (ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED); for (i = 0; i < ssl2_NUM_SUITES_IMPLEMENTED * 3; i += 3) { const PRUint8 * hs = implementedCipherSuites + i; int ok = allowed & (1U << hs[0]); 
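Review bot: `allowedByPolicy` and `maybeAllowedByPolicy` are zero-initialised ("all off by default"), so after this change every SSLv2 suite is NOT_ALLOWED until SSL_SetPolicy or one of the NSS_Set*Policy functions is called, while the SSL3 table in ssl3con.c defaults every entry to SSL_ALLOWED; that is not the uniform "SSL_ALLOWED for all ciphers" the commit message describes, and because the `allowed =` lines in ssl2_ConstructCipherSpecs now AND the mask in, an application that never calls a policy function gets SSL2 silently disabled even with enableSSL2 set. Keeping SSL2 off unless explicitly allowed is a defensible default, but it should be deliberate and written down, e.g. `static PRUint16 allowedByPolicy; /* all off by default: SSLv2 suites stay NOT_ALLOWED until SSL_SetPolicy or NSS_Set*Policy is called */`. If parity with the SSL3 default was intended instead, both masks need to be initialised to the implemented set once the SSL_CB_* values are defined.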
@@ -220,6 +224,7 @@ ssl2_ConstructCipherSpecs(sslSocket *ss) static SECStatus ssl2_CheckConfigSanity(sslSocket *ss) { + unsigned int allowed; int ssl3CipherCount = 0; SECStatus rv; @@ -229,11 +234,11 @@ ssl2_CheckConfigSanity(sslSocket *ss) if (!ss->cipherSpecs) goto disabled; - if (!ss->chosenPreference) + allowed = ss->allowedByPolicy & ss->chosenPreference; + if (! allowed) ss->opt.enableSSL2 = PR_FALSE; /* not really enabled if no ciphers */ - /* ssl3_cipher_suite_available_init was called in - * ssl2_ConstructCipherSpecs(). */ + /* ssl3_config_match_init was called in ssl2_ConstructCipherSpecs(). */ /* Ask how many ssl3 CipherSuites were enabled. */ rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3CipherCount); if (rv != SECSuccess || ssl3CipherCount <= 0) { 
@@ -255,6 +260,67 @@ disabled:
 /*
 * Since this is a global (not per-socket) setting, we cannot use the
 * HandshakeLock to protect this. Probably want a global lock.
+ */
+SECStatus
+ssl2_SetPolicy(PRInt32 which, PRInt32 policy)
+{
+ PRUint32 bitMask;
+ SECStatus rv = SECSuccess;
+
+ which &= 0x000f;
+ bitMask = 1 << which;
+
+ if (!(bitMask & SSL_CB_IMPLEMENTED)) {
+ PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
+ return SECFailure;
+ }
+
+ if (policy == SSL_ALLOWED) {
+ allowedByPolicy |= bitMask;
+ maybeAllowedByPolicy |= bitMask;
+ } else if (policy == SSL_RESTRICTED) {
+ allowedByPolicy &= ~bitMask;
+ maybeAllowedByPolicy |= bitMask;
+ } else {
+ allowedByPolicy &= ~bitMask;
+ maybeAllowedByPolicy &= ~bitMask;
+ }
+ allowedByPolicy &= SSL_CB_IMPLEMENTED;
+ maybeAllowedByPolicy &= SSL_CB_IMPLEMENTED;
+
+ policyWasSet = PR_TRUE;
+ return rv;
+}
+
+SECStatus
+ssl2_GetPolicy(PRInt32 which, PRInt32 *oPolicy)
+{
+ PRUint32 bitMask;
+ PRInt32 policy;
+
+ which &= 0x000f;
+ bitMask = 1 << which;
+
+ /* Caller assures oPolicy is not null. */
+ if (!(bitMask & SSL_CB_IMPLEMENTED)) {
+ PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
+ *oPolicy = SSL_NOT_ALLOWED;
+ return SECFailure;
+ }
+
+ if (maybeAllowedByPolicy & bitMask) {
+ policy = (allowedByPolicy & bitMask) ? SSL_ALLOWED : SSL_RESTRICTED;
+ } else {
+ policy = SSL_NOT_ALLOWED;
+ }
+
+ *oPolicy = policy;
+ return SECSuccess;
+}
+
+/*
+ * Since this is a global (not per-socket) setting, we cannot use the
+ * HandshakeLock to protect this. Probably want a global lock.
 * Called from SSL_CipherPrefSetDefault in sslsock.c
 * These changes have no effect on any sslSockets already created.
 */
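Review bot: `policyWasSet` is written in ssl2_SetPolicy but not read anywhere in this diff, and `rv` in the same function can only ever hold SECSuccess, so unless another file consumes the flag both are dead state and the function can simply end with `return SECSuccess;`. The `which &= 0x000f; bitMask = 1 << which;` pair in both functions silently folds any argument with high bits set onto one of the low sixteen suites instead of reporting SSL_ERROR_UNKNOWN_CIPHER_SUITE; the only caller visible here arrives via SSL_IS_SSL2_CIPHER, which presumably bounds the value already, so either record that with `/* which has been range-checked by SSL_IS_SSL2_CIPHER in the caller */` or replace the mask with an explicit range check. The duplicated "cannot use the HandshakeLock" paragraph is accurate, and it applies to ssl2_GetPolicy too: both functions touch the file-scope masks without any lock, so a reader of the getter should not assume it is safe against a concurrent setter.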
@@ -343,10 +409,12 @@ ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabled) } -/* copy global default cipher suite preferences into socket. */ +/* copy global default policy into socket. */ void -ssl2_InitSocketCipherSuites(sslSocket *ss) +ssl2_InitSocketPolicy(sslSocket *ss) { + ss->allowedByPolicy = allowedByPolicy; + ss->maybeAllowedByPolicy = maybeAllowedByPolicy; ss->chosenPreference = chosenPreference; } @@ -1487,7 +1555,7 @@ ssl2_ServerSetupSessionCypher(sslSocket *ss, int cipher, unsigned int keyBits, unsigned int dkLen; /* decrypted key length in bytes */ int modulusLen; SECStatus rv; - PRUint16 allowed; /* cipher kinds enabled */ + PRUint16 allowed; /* cipher kinds enabled and allowed by policy */ PRUint8 mkbuf[SSL_MAX_MASTER_KEY_BYTES]; PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); @@ -1515,7 +1583,7 @@ ssl2_ServerSetupSessionCypher(sslSocket *ss, int cipher, unsigned int keyBits, goto loser; } - allowed = ss->chosenPreference & SSL_CB_IMPLEMENTED; + allowed = ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED; if (!(allowed & (1 << cipher))) { /* client chose a kind we don't allow! */ SSL_DBG(("%d: SSL[%d]: disallowed cipher=%d", @@ -1745,7 +1813,8 @@ ssl2_ChooseSessionCypher(sslSocket *ss, } if (!ss->preferredCipher) { - unsigned int allowed = ss->chosenPreference & SSL_CB_IMPLEMENTED; + unsigned int allowed = ss->allowedByPolicy & ss->chosenPreference & + SSL_CB_IMPLEMENTED; if (allowed) { preferred = implementedCipherSuites; for (i = ssl2_NUM_SUITES_IMPLEMENTED; i > 0; --i) { diff --git a/lib/ssl/sslimpl.h b/lib/ssl/sslimpl.h index c98be1855..bf12e6b0b 100644 --- a/lib/ssl/sslimpl.h +++ b/lib/ssl/sslimpl.h 
@@ -264,15 +264,17 @@ struct sslBufferStr { }; /* -** SSL3 cipher suite preference struct. +** SSL3 cipher suite policy and preference struct. */ typedef struct { #if !defined(_WIN32) unsigned int cipher_suite : 16; + unsigned int policy : 8; unsigned int enabled : 1; unsigned int isPresent : 1; #else ssl3CipherSuite cipher_suite; + PRUint8 policy; unsigned char enabled : 1; unsigned char isPresent : 1; #endif @@ -628,6 +630,7 @@ struct sslSessionIDStr { ssl3CipherSuite cipherSuite; SSLCompressionMethod compression; + int policy; ssl3SidKeys keys; CK_MECHANISM_TYPE masterWrapMech; /* mechanism used to wrap master secret */ @@ -906,6 +909,10 @@ struct ssl3StateStr { CERTCertificateList *clientCertChain; /* used by client */ PRBool sendEmptyCert; /* used by client */ + int policy; + /* This says what cipher suites we can do, and should + * be either SSL_ALLOWED or SSL_RESTRICTED + */ PLArenaPool * peerCertArena; /* These are used to keep track of the peer CA */ void * peerCertChain; @@ -1201,6 +1208,8 @@ const unsigned char * preferredCipher; PRUint16 shutdownHow; /* See ssl_SHUTDOWN defines below. */ + PRUint16 allowedByPolicy; /* copy of global policy bits. */ + PRUint16 maybeAllowedByPolicy; /* copy of global policy bits. */ PRUint16 chosenPreference; /* SSL2 cipher preferences. */ sslHandshakingType handshaking; 
@@ -1592,8 +1601,13 @@ extern SECStatus ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBool extern SECStatus ssl2_CipherPrefSet(sslSocket *ss, PRInt32 which, PRBool enabled); extern SECStatus ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabled); -extern void ssl2_InitSocketCipherSuites(sslSocket *ss); -extern void ssl3_InitSocketCipherSuites(sslSocket *ss); +extern SECStatus ssl3_SetPolicy(ssl3CipherSuite which, PRInt32 policy); +extern SECStatus ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *policy); +extern SECStatus ssl2_SetPolicy(PRInt32 which, PRInt32 policy); +extern SECStatus ssl2_GetPolicy(PRInt32 which, PRInt32 *policy); + +extern void ssl2_InitSocketPolicy(sslSocket *ss); +extern void ssl3_InitSocketPolicy(sslSocket *ss); extern SECStatus ssl3_ConstructV2CipherSpecsHack(sslSocket *ss, unsigned char *cs, int *size); @@ -1729,9 +1743,9 @@ extern SECStatus ssl3_ValidateNextProtoNego(const unsigned char* data, extern PRFileDesc *ssl_NewPRSocket(sslSocket *ss, PRFileDesc *fd); extern void ssl_FreePRSocket(PRFileDesc *fd); -/* Internal config function so SSL3 can test the present state of various - * ciphers */ -extern int ssl3_cipher_suite_available_init(sslSocket *); +/* Internal config function so SSL3 can initialize the present state of + * various ciphers */ +extern int ssl3_config_match_init(sslSocket *); /* Create a new ref counted key pair object from two keys. */ diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c index 593a03434..273bc12d4 100644 --- a/lib/ssl/sslsock.c +++ b/lib/ssl/sslsock.c 
@@ -202,7 +202,9 @@ ssl_DupSocket(sslSocket *os) ss->cTimeout = os->cTimeout; ss->dbHandle = os->dbHandle; - /* copy ssl2&3 prefs, even if it's not selected (yet) */ + /* copy ssl2&3 policy & prefs, even if it's not selected (yet) */ + ss->allowedByPolicy = os->allowedByPolicy; + ss->maybeAllowedByPolicy= os->maybeAllowedByPolicy; ss->chosenPreference = os->chosenPreference; PORT_Memcpy(ss->cipherSuites, os->cipherSuites, sizeof os->cipherSuites); PORT_Memcpy(ss->ssl3.dtlsSRTPCiphers, os->ssl3.dtlsSRTPCiphers, 
@@ -1079,23 +1081,62 @@ ssl_IsRemovedCipherSuite(PRInt32 suite)
 }
 }
+/* Part of the public NSS API.
+ * Since this is a global (not per-socket) setting, we cannot use the
+ * HandshakeLock to protect this. Probably want a global lock.
+ */
 SECStatus
 SSL_SetPolicy(long which, int policy)
 {
- return SECSuccess;
+ if ((which & 0xfffe) == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) {
+ /* one of the two old FIPS ciphers */
+ if (which == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA)
+ which = SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA;
+ else if (which == SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA)
+ which = SSL_RSA_FIPS_WITH_DES_CBC_SHA;
+ }
+ if (ssl_IsRemovedCipherSuite(which))
+ return SECSuccess;
+ return SSL_CipherPolicySet(which, policy);
 }
 SECStatus
 SSL_CipherPolicySet(PRInt32 which, PRInt32 policy)
 {
- return SECSuccess;
+ SECStatus rv = ssl_Init();
+
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ if (ssl_IsRemovedCipherSuite(which)) {
+ rv = SECSuccess;
+ } else if (SSL_IS_SSL2_CIPHER(which)) {
+ rv = ssl2_SetPolicy(which, policy);
+ } else {
+ rv = ssl3_SetPolicy((ssl3CipherSuite)which, policy);
+ }
+ return rv;
 }
 SECStatus
 SSL_CipherPolicyGet(PRInt32 which, PRInt32 *oPolicy)
 {
- *oPolicy = SSL_ALLOWED;
- return SECSuccess;
+ SECStatus rv;
+
+ if (!oPolicy) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (ssl_IsRemovedCipherSuite(which)) {
+ *oPolicy = SSL_NOT_ALLOWED;
+ rv = SECSuccess;
+ } else if (SSL_IS_SSL2_CIPHER(which)) {
+ rv = ssl2_GetPolicy(which, oPolicy);
+ } else {
+ rv = ssl3_GetPolicy((ssl3CipherSuite)which, oPolicy);
+ }
+ return rv;
 }
 /* Part of the public NSS API.
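Review bot: SSL_CipherPolicyGet does not call ssl_Init() before reading the global tables, while SSL_CipherPolicySet directly above it does; whether the cipher tables are valid before initialisation depends on code outside this diff, so either add the same `SECStatus rv = ssl_Init(); if (rv != SECSuccess) return rv;` prologue to the getter or leave a comment explaining why it may be skipped. The new "Part of the public NSS API / global setting, no HandshakeLock" comment is placed on SSL_SetPolicy only, but SSL_CipherPolicySet is the function that actually mutates the globals and the one SSL_SetPolicy delegates to, so the comment belongs on SSL_CipherPolicySet as well. Both setters silently `return SECSuccess` for a removed suite while the getter reports SSL_NOT_ALLOWED for the same suite; that asymmetry is presumably for callers such as NSS_SetDomesticPolicy that loop over every implemented suite, and a one-line comment at the removed-suite branch would make that intent explicit.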
@@ -1214,19 +1255,27 @@ SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled)
 SECStatus
 NSS_SetDomesticPolicy(void)
 {
- return SECSuccess;
+ SECStatus status = SECSuccess;
+ const PRUint16 *cipher;
+
+ for (cipher = SSL_ImplementedCiphers; *cipher != 0; ++cipher) {
+ status = SSL_SetPolicy(*cipher, SSL_ALLOWED);
+ if (status != SECSuccess)
+ break;
+ }
+ return status;
 }
 SECStatus
 NSS_SetExportPolicy(void)
 {
- return SECSuccess;
+ return NSS_SetDomesticPolicy();
 }
 SECStatus
 NSS_SetFrancePolicy(void)
 {
- return SECSuccess;
+ return NSS_SetDomesticPolicy();
 }
@@ -2850,8 +2899,8 @@ ssl_NewSocket(PRBool makeLocks, SSLProtocolVariant protocolVariant)
 ss->ephemeralECDHKeyPair = NULL;
 ssl_ChooseOps(ss);
- ssl2_InitSocketCipherSuites(ss);
- ssl3_InitSocketCipherSuites(ss);
+ ssl2_InitSocketPolicy(ss);
+ ssl3_InitSocketPolicy(ss);
 PR_INIT_CLIST(&ss->ssl3.hs.lastMessageFlight);
 if (makeLocks) {
|