diff options
author | Franziskus Kiefer <franziskuskiefer@gmail.com> | 2017-10-04 10:05:29 +0200 |
---|---|---|
committer | Franziskus Kiefer <franziskuskiefer@gmail.com> | 2017-10-04 10:05:29 +0200 |
commit | c21e2ced85ff55b338ea1758179d358126d9204b (patch) | |
tree | 3668ddadcb3fd25e22f924ed134802ef00e53803 /lib/ssl/sslinfo.c | |
parent | 3115c20ff63a76c52371a1ea506deea36514f9ad (diff) | |
download | nss-hg-c21e2ced85ff55b338ea1758179d358126d9204b.tar.gz |
Bug 1396525 - put keaGroup and sigScheme in the cache so we can put it in SSLChannelInfo, r=mt
Summary: This adds originalKeaGroup and resumed fields to the SSLChannelInfo, which provide information about the key exchange group of the original TLS handshake when the session is resumed, and information whether a session is resumed or not.
To do this this patch adds the keaGroup and sigScheme to the session cache and the session ticket.
Reviewers: mt
Reviewed By: mt
Bug #: 1396525
Differential Revision: https://phabricator.services.mozilla.com/D29
Diffstat (limited to 'lib/ssl/sslinfo.c')
-rw-r--r-- | lib/ssl/sslinfo.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/lib/ssl/sslinfo.c b/lib/ssl/sslinfo.c index 88162d814..e4416a57c 100644 --- a/lib/ssl/sslinfo.c +++ b/lib/ssl/sslinfo.c @@ -78,11 +78,22 @@ SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len) /* Get these fromm |ss->sec| because that is accurate * even with TLS 1.3 disaggregated cipher suites. */ inf.keaType = ss->sec.keaType; - inf.keaGroup = ss->sec.keaGroup ? ss->sec.keaGroup->name : ssl_grp_none; + inf.originalKeaGroup = ss->sec.originalKeaGroup + ? ss->sec.originalKeaGroup->name + : ssl_grp_none; + inf.keaGroup = ss->sec.keaGroup + ? ss->sec.keaGroup->name + : ssl_grp_none; inf.keaKeyBits = ss->sec.keaKeyBits; inf.authType = ss->sec.authType; inf.authKeyBits = ss->sec.authKeyBits; inf.signatureScheme = ss->sec.signatureScheme; + /* If this is a resumed session, signatureScheme isn't set in ss->sec. + * Use the signature scheme from the previous handshake. */ + if (inf.signatureScheme == ssl_sig_none && sid->sigScheme) { + inf.signatureScheme = sid->sigScheme; + } + inf.resumed = ss->statelessResume || ss->ssl3.hs.isResuming; } if (sid) { unsigned int sidLen; |