diff options
-rw-r--r-- | gtests/ssl_gtest/libssl_internals.c | 4 | ||||
-rw-r--r-- | gtests/ssl_gtest/libssl_internals.h | 1 | ||||
-rw-r--r-- | gtests/ssl_gtest/ssl_0rtt_unittest.cc | 9 | ||||
-rw-r--r-- | gtests/ssl_gtest/tls_agent.cc | 4 | ||||
-rw-r--r-- | gtests/ssl_gtest/tls_connect.cc | 1 | ||||
-rw-r--r-- | lib/ssl/ssl3exthandle.c | 2 | ||||
-rw-r--r-- | lib/ssl/sslexp.h | 8 | ||||
-rw-r--r-- | lib/ssl/sslimpl.h | 2 | ||||
-rw-r--r-- | lib/ssl/sslsock.c | 70 | ||||
-rw-r--r-- | lib/ssl/tls13con.c | 4 |
10 files changed, 41 insertions, 64 deletions
diff --git a/gtests/ssl_gtest/libssl_internals.c b/gtests/ssl_gtest/libssl_internals.c index 17b4ffe49..887d85278 100644 --- a/gtests/ssl_gtest/libssl_internals.c +++ b/gtests/ssl_gtest/libssl_internals.c @@ -332,6 +332,10 @@ void SSLInt_SetTicketLifetime(uint32_t lifetime) { ssl_ticket_lifetime = lifetime; } +void SSLInt_SetMaxEarlyDataSize(uint32_t size) { + ssl_max_early_data_size = size; +} + SECStatus SSLInt_SetSocketMaxEarlyDataSize(PRFileDesc *fd, uint32_t size) { sslSocket *ss; diff --git a/gtests/ssl_gtest/libssl_internals.h b/gtests/ssl_gtest/libssl_internals.h index 3efb362c2..95d4afdaf 100644 --- a/gtests/ssl_gtest/libssl_internals.h +++ b/gtests/ssl_gtest/libssl_internals.h @@ -50,6 +50,7 @@ PK11SymKey *SSLInt_CipherSpecToKey(const ssl3CipherSpec *spec); SSLCipherAlgorithm SSLInt_CipherSpecToAlgorithm(const ssl3CipherSpec *spec); const PRUint8 *SSLInt_CipherSpecToIv(const ssl3CipherSpec *spec); void SSLInt_SetTicketLifetime(uint32_t lifetime); +void SSLInt_SetMaxEarlyDataSize(uint32_t size); SECStatus SSLInt_SetSocketMaxEarlyDataSize(PRFileDesc *fd, uint32_t size); void SSLInt_RolloverAntiReplay(void); diff --git a/gtests/ssl_gtest/ssl_0rtt_unittest.cc b/gtests/ssl_gtest/ssl_0rtt_unittest.cc index 2b4f21096..a60295490 100644 --- a/gtests/ssl_gtest/ssl_0rtt_unittest.cc +++ b/gtests/ssl_gtest/ssl_0rtt_unittest.cc @@ -455,13 +455,10 @@ static void CheckEarlyDataLimit(const std::shared_ptr<TlsAgent>& agent, } TEST_P(TlsConnectTls13, SendTooMuchEarlyData) { - EnsureTlsSetup(); const char* big_message = "0123456789abcdef"; const size_t short_size = strlen(big_message) - 1; const PRInt32 short_length = static_cast<PRInt32>(short_size); - EXPECT_EQ(SECSuccess, - SSL_SetMaxEarlyDataSize(server_->ssl_fd(), - static_cast<PRUint32>(short_size))); + SSLInt_SetMaxEarlyDataSize(static_cast<PRUint32>(short_size)); SetupForZeroRtt(); client_->Set0RttEnabled(true); @@ -513,10 +510,8 @@ TEST_P(TlsConnectTls13, SendTooMuchEarlyData) { } TEST_P(TlsConnectTls13, ReceiveTooMuchEarlyData) { - EnsureTlsSetup(); - const size_t limit = 5; - EXPECT_EQ(SECSuccess, SSL_SetMaxEarlyDataSize(server_->ssl_fd(), limit)); + SSLInt_SetMaxEarlyDataSize(limit); SetupForZeroRtt(); client_->Set0RttEnabled(true); diff --git a/gtests/ssl_gtest/tls_agent.cc b/gtests/ssl_gtest/tls_agent.cc index a038b572e..3b939bba8 100644 --- a/gtests/ssl_gtest/tls_agent.cc +++ b/gtests/ssl_gtest/tls_agent.cc @@ -182,10 +182,6 @@ bool TlsAgent::EnsureTlsSetup(PRFileDesc* modelSocket) { ScopedCERTCertList anchors(CERT_NewCertList()); rv = SSL_SetTrustAnchors(ssl_fd(), anchors.get()); if (rv != SECSuccess) return false; - - rv = SSL_SetMaxEarlyDataSize(ssl_fd(), 1024); - EXPECT_EQ(SECSuccess, rv); - if (rv != SECSuccess) return false; } else { rv = SSL_SetURL(ssl_fd(), "server"); EXPECT_EQ(SECSuccess, rv); diff --git a/gtests/ssl_gtest/tls_connect.cc b/gtests/ssl_gtest/tls_connect.cc index 966d79065..0116bda45 100644 --- a/gtests/ssl_gtest/tls_connect.cc +++ b/gtests/ssl_gtest/tls_connect.cc @@ -197,6 +197,7 @@ void TlsConnectTestBase::SetUp() { SSL_ConfigServerSessionIDCache(1024, 0, 0, g_working_dir_path.c_str()); SSLInt_ClearSelfEncryptKey(); SSLInt_SetTicketLifetime(30); + SSLInt_SetMaxEarlyDataSize(1024); SSL_SetupAntiReplay(1 * PR_USEC_PER_SEC, 1, 3); ClearStats(); Init(); diff --git a/lib/ssl/ssl3exthandle.c b/lib/ssl/ssl3exthandle.c index 608332936..c0fbda7ab 100644 --- a/lib/ssl/ssl3exthandle.c +++ b/lib/ssl/ssl3exthandle.c @@ -821,7 +821,7 @@ ssl3_EncodeSessionTicket(sslSocket *ss, const NewSessionTicket *ticket, if (rv != SECSuccess) goto loser; - rv = sslBuffer_AppendNumber(&plaintext, ss->opt.maxEarlyDataSize, 4); + rv = sslBuffer_AppendNumber(&plaintext, ssl_max_early_data_size, 4); if (rv != SECSuccess) goto loser; diff --git a/lib/ssl/sslexp.h b/lib/ssl/sslexp.h index 697dcb520..569add861 100644 --- a/lib/ssl/sslexp.h +++ b/lib/ssl/sslexp.h @@ -350,14 +350,6 @@ typedef SSLHelloRetryRequestAction(PR_CALLBACK *SSLHelloRetryRequestCallback)( (PRFileDesc * _fd, PRBool _requestUpdate), \ (fd, requestUpdate)) -/* TLS 1.3 allows a server to set a limit on the number of bytes of early data - * that can be received. This allows that limit to be set. Calling this function - * has no effect on a client. */ -#define SSL_SetMaxEarlyDataSize(fd, size) \ - SSL_EXPERIMENTAL_API("SSL_SetMaxEarlyDataSize", \ - (PRFileDesc * _fd, PRUint32 _size), \ - (fd, size)) - #define SSL_UseAltServerHelloType(fd, enable) \ SSL_DEPRECATED_EXPERIMENTAL_API diff --git a/lib/ssl/sslimpl.h b/lib/ssl/sslimpl.h index 5964e5005..dee9aa20f 100644 --- a/lib/ssl/sslimpl.h +++ b/lib/ssl/sslimpl.h @@ -230,7 +230,6 @@ typedef struct sslOptionsStr { * list of supported protocols. */ SECItem nextProtoNego; - PRUint32 maxEarlyDataSize; unsigned int useSecurity : 1; unsigned int useSocks : 1; unsigned int requestCertificate : 1; @@ -1076,6 +1075,7 @@ extern FILE *ssl_keylog_iob; extern PZLock *ssl_keylog_lock; extern PRUint32 ssl3_sid_timeout; extern PRUint32 ssl_ticket_lifetime; +extern PRUint32 ssl_max_early_data_size; extern const char *const ssl3_cipherName[]; diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c index 02ca3ad1b..4893cb9f9 100644 --- a/lib/ssl/sslsock.c +++ b/lib/ssl/sslsock.c @@ -53,35 +53,34 @@ static const sslSocketOps ssl_secure_ops = { /* SSL. */ ** default settings for socket enables */ static sslOptions ssl_defaults = { - .nextProtoNego = { siBuffer, NULL, 0 }, - .maxEarlyDataSize = 1 << 16, - .useSecurity = PR_TRUE, - .useSocks = PR_FALSE, - .requestCertificate = PR_FALSE, - .requireCertificate = SSL_REQUIRE_FIRST_HANDSHAKE, - .handshakeAsClient = PR_FALSE, - .handshakeAsServer = PR_FALSE, - .noCache = PR_FALSE, - .fdx = PR_FALSE, - .detectRollBack = PR_TRUE, - .noLocks = PR_FALSE, - .enableSessionTickets = PR_FALSE, - .enableDeflate = PR_FALSE, - .enableRenegotiation = SSL_RENEGOTIATE_REQUIRES_XTN, - .requireSafeNegotiation = PR_FALSE, - .enableFalseStart = PR_FALSE, - .cbcRandomIV = PR_TRUE, - .enableOCSPStapling = PR_FALSE, - .enableNPN = PR_FALSE, - .enableALPN = PR_TRUE, - .reuseServerECDHEKey = PR_TRUE, - .enableFallbackSCSV = PR_FALSE, - .enableServerDhe = PR_TRUE, - .enableExtendedMS = PR_FALSE, - .enableSignedCertTimestamps = PR_FALSE, - .requireDHENamedGroups = PR_FALSE, - .enable0RttData = PR_FALSE, - .enableTls13CompatMode = PR_FALSE + { siBuffer, NULL, 0 }, /* nextProtoNego */ + PR_TRUE, /* useSecurity */ + PR_FALSE, /* useSocks */ + PR_FALSE, /* requestCertificate */ + 2, /* requireCertificate */ + PR_FALSE, /* handshakeAsClient */ + PR_FALSE, /* handshakeAsServer */ + PR_FALSE, /* noCache */ + PR_FALSE, /* fdx */ + PR_TRUE, /* detectRollBack */ + PR_FALSE, /* noLocks */ + PR_FALSE, /* enableSessionTickets */ + PR_FALSE, /* enableDeflate */ + 2, /* enableRenegotiation (default: requires extension) */ + PR_FALSE, /* requireSafeNegotiation */ + PR_FALSE, /* enableFalseStart */ + PR_TRUE, /* cbcRandomIV */ + PR_FALSE, /* enableOCSPStapling */ + PR_FALSE, /* enableNPN */ + PR_TRUE, /* enableALPN */ + PR_TRUE, /* reuseServerECDHEKey */ + PR_FALSE, /* enableFallbackSCSV */ + PR_TRUE, /* enableServerDhe */ + PR_FALSE, /* enableExtendedMS */ + PR_FALSE, /* enableSignedCertTimestamps */ + PR_FALSE, /* requireDHENamedGroups */ + PR_FALSE, /* enable0RttData */ + PR_FALSE /* enableTls13CompatMode */ }; /* @@ -1253,18 +1252,6 @@ SSL_OptionSetDefault(PRInt32 which, PRIntn val) return SECSuccess; } -SECStatus -SSLExp_SetMaxEarlyDataSize(PRFileDesc *fd, PRUint32 size) -{ - sslSocket *ss = ssl_FindSocket(fd); - if (!ss) { - return SECFailure; /* Error code already set. */ - } - - ss->opt.maxEarlyDataSize = size; - return SECSuccess; -} - /* function tells us if the cipher suite is one that we no longer support. */ static PRBool ssl_IsRemovedCipherSuite(PRInt32 suite) @@ -3945,7 +3932,6 @@ struct { EXP(InstallExtensionHooks), EXP(KeyUpdate), EXP(SendSessionTicket), - EXP(SetMaxEarlyDataSize), EXP(SetupAntiReplay), #endif { "", NULL } diff --git a/lib/ssl/tls13con.c b/lib/ssl/tls13con.c index 0fbe78fe9..cef40e10d 100644 --- a/lib/ssl/tls13con.c +++ b/lib/ssl/tls13con.c @@ -4418,6 +4418,8 @@ tls13_SendClientSecondRound(sslSocket *ss) * } NewSessionTicket; */ +PRUint32 ssl_max_early_data_size = (2 << 16); /* Arbitrary limit. */ + static SECStatus tls13_SendNewSessionTicket(sslSocket *ss, const PRUint8 *appToken, unsigned int appTokenLen) @@ -4519,7 +4521,7 @@ tls13_SendNewSessionTicket(sslSocket *ss, const PRUint8 *appToken, if (rv != SECSuccess) goto loser; - rv = ssl3_AppendHandshakeNumber(ss, ss->opt.maxEarlyDataSize, 4); + rv = ssl3_AppendHandshakeNumber(ss, ssl_max_early_data_size, 4); if (rv != SECSuccess) goto loser; } |