Bug 537356: Rename SCSV. In the final RFC, the symbolic name of the SCSV
authorwtc%google.com
Tue, 16 Feb 2010 18:56:48 +0000
changeset 9563 928e5554cbf1d3b9d656e0bf01539ad259cf897c
parent 9562 cc69c93c73b58ea4de1f890725a7488207268665
child 9564 0dfdbdc3f5bc98572c2595cdd0d08495b54134ee
push idunknown
push userunknown
push dateunknown
bugs537356
Bug 537356: Rename SCSV. In the final RFC, the symbolic name of the SCSV changed to TLS_EMPTY_RENEGOTIATION_INFO_SCSV. r=christophe,rrelyea. Modified Files: cmd/ssltap/ssltap.c lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/sslproto.h
security/nss/cmd/ssltap/ssltap.c
security/nss/lib/ssl/ssl.h
security/nss/lib/ssl/ssl3con.c
security/nss/lib/ssl/sslproto.h
--- a/security/nss/cmd/ssltap/ssltap.c
+++ b/security/nss/cmd/ssltap/ssltap.c
@@ -421,17 +421,17 @@ const char * V2CipherString(int cs_int)
   case 0x000095:    cs_str = "TLS/RSA-PSK/AES256-CBC/SHA";	break;  
   case 0x000096:    cs_str = "TLS/RSA/SEED-CBC/SHA";		break;         
   case 0x000097:    cs_str = "TLS/DH-DSS/SEED-CBC/SHA";		break;      
   case 0x000098:    cs_str = "TLS/DH-RSA/SEED-CBC/SHA";		break;      
   case 0x000099:    cs_str = "TLS/DHE-DSS/SEED-CBC/SHA";	break;     
   case 0x00009A:    cs_str = "TLS/DHE-RSA/SEED-CBC/SHA";	break;     
   case 0x00009B:    cs_str = "TLS/DH-ANON/SEED-CBC/SHA";	break;     
 
-  case 0x0000FF:    cs_str = "TLS_RENEGO_PROTECTION_REQUEST";	break;
+  case 0x0000FF:    cs_str = "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"; break;
 
   case 0x00C001:    cs_str = "TLS/ECDH-ECDSA/NULL/SHA";         break;
   case 0x00C002:    cs_str = "TLS/ECDH-ECDSA/RC4-128/SHA";      break;
   case 0x00C003:    cs_str = "TLS/ECDH-ECDSA/3DES-EDE-CBC/SHA"; break;
   case 0x00C004:    cs_str = "TLS/ECDH-ECDSA/AES128-CBC/SHA";   break;
   case 0x00C005:    cs_str = "TLS/ECDH-ECDSA/AES256-CBC/SHA";   break;
   case 0x00C006:    cs_str = "TLS/ECDHE-ECDSA/NULL/SHA";        break;
   case 0x00C007:    cs_str = "TLS/ECDHE-ECDSA/RC4-128/SHA";     break;
--- a/security/nss/lib/ssl/ssl.h
+++ b/security/nss/lib/ssl/ssl.h
@@ -118,17 +118,17 @@ SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFi
 					  /* step-down keys if needed.      */
 #define SSL_BYPASS_PKCS11              16 /* use PKCS#11 for pub key only   */
 #define SSL_NO_LOCKS                   17 /* Don't use locks for protection */
 #define SSL_ENABLE_SESSION_TICKETS     18 /* Enable TLS SessionTicket       */
                                           /* extension (off by default)     */
 #define SSL_ENABLE_DEFLATE             19 /* Enable TLS compression with    */
                                           /* DEFLATE (off by default)       */
 #define SSL_ENABLE_RENEGOTIATION       20 /* Values below (default: never)  */
-#define SSL_REQUIRE_SAFE_NEGOTIATION   21 /* Peer must send Signalling      */
+#define SSL_REQUIRE_SAFE_NEGOTIATION   21 /* Peer must send Signaling       */
 					  /* Cipher Suite Value (SCSV) or   */
                                           /* Renegotiation  Info (RI)       */
 					  /* extension in ALL handshakes.   */
                                           /* default: off                   */
 
 #ifdef SSL_DEPRECATED_FUNCTION 
 /* Old deprecated function names */
 SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRBool on);
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -3950,17 +3950,17 @@ ssl3_SendClientHello(sslSocket *ss)
 
     rv = ssl3_AppendHandshakeNumber(ss, num_suites*sizeof(ssl3CipherSuite), 2);
     if (rv != SECSuccess) {
 	return rv;	/* err set by ssl3_AppendHandshake* */
     }
 
     if (ss->ssl3.hs.sendingSCSV) {
 	/* Add the actual SCSV */
-	rv = ssl3_AppendHandshakeNumber(ss, TLS_RENEGO_PROTECTION_REQUEST,
+	rv = ssl3_AppendHandshakeNumber(ss, TLS_EMPTY_RENEGOTIATION_INFO_SCSV,
 					sizeof(ssl3CipherSuite));
 	if (rv != SECSuccess) {
 	    return rv;	/* err set by ssl3_AppendHandshake* */
 	}
 	actual_count++;
     }
     for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
 	ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
@@ -6045,17 +6045,17 @@ ssl3_HandleClientHello(sslSocket *ss, SS
     }
     if (!ssl3_ExtensionNegotiated(ss, ssl_renegotiation_info_xtn)) {
     	/* If we didn't receive an RI extension, look for the SCSV,
 	 * and if found, treat it just like an empty RI extension
 	 * by processing a local copy of an empty RI extension.
 	 */
 	for (i = 0; i + 1 < suites.len; i += 2) {
 	    PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1];
-	    if (suite_i == TLS_RENEGO_PROTECTION_REQUEST) {
+	    if (suite_i == TLS_EMPTY_RENEGOTIATION_INFO_SCSV) {
 		SSL3Opaque * b2 = (SSL3Opaque *)emptyRIext;
 		PRUint32     L2 = sizeof emptyRIext;
 		(void)ssl3_HandleHelloExtensions(ss, &b2, &L2);
 	    	break;
 	    }
 	}
     }
     if (ss->firstHsDone &&
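Review bot: The result of `ssl3_HandleHelloExtensions(ss, &b2, &L2)` is discarded with `(void)` in the SCSV branch, so a failure while processing the synthesized empty RI extension is not acted on where it happens. On a renegotiation handshake an empty RI would presumably fail verification, and whether that case is still rejected depends on the `ss->firstHsDone` check that starts on the hunk's last line and continues outside it. If that later check is what enforces it, say so at the call, e.g. `/* result ignored: SCSV during renegotiation is rejected by the firstHsDone check below */`; otherwise capture `rv` and abort the handshake on failure. The same discarded call appears in the ssl3_HandleV2ClientHello hunk, where the following check is `ss->opt.requireSafeNegotiation` and is likewise cut off.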
@@ -6759,17 +6759,17 @@ ssl3_HandleV2ClientHello(sslSocket *ss, 
 
 suite_found:
 
     /* Look for the SCSV, and if found, treat it just like an empty RI 
      * extension by processing a local copy of an empty RI extension.
      */
     for (i = 0; i+2 < suite_length; i += 3) {
 	PRUint32 suite_i = (suites[i] << 16) | (suites[i+1] << 8) | suites[i+2];
-	if (suite_i == TLS_RENEGO_PROTECTION_REQUEST) {
+	if (suite_i == TLS_EMPTY_RENEGOTIATION_INFO_SCSV) {
 	    SSL3Opaque * b2 = (SSL3Opaque *)emptyRIext;
 	    PRUint32     L2 = sizeof emptyRIext;
 	    (void)ssl3_HandleHelloExtensions(ss, &b2, &L2);
 	    break;
 	}
     }
 
     if (ss->opt.requireSafeNegotiation &&
--- a/security/nss/lib/ssl/sslproto.h
+++ b/security/nss/lib/ssl/sslproto.h
@@ -176,21 +176,21 @@
 #define TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA   	0x0085
 #define TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA   	0x0086
 #define TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA  	0x0087
 #define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA  	0x0088
 #define TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA  	0x0089
 
 #define TLS_RSA_WITH_SEED_CBC_SHA		0x0096
 
-/* TLS "Signalling Cipher Suite Value" (SCSV). May be requested by client.
+/* TLS "Signaling Cipher Suite Value" (SCSV). May be requested by client.
  * Must NEVER be chosen by server.  SSL 3.0 server acknowledges by sending
  * back an empty Renegotiation Info (RI) server hello extension.
  */
-#define TLS_RENEGO_PROTECTION_REQUEST		0x00FF
+#define TLS_EMPTY_RENEGOTIATION_INFO_SCSV	0x00FF
 
 /* Cipher Suite Values starting with 0xC000 are defined in informational
  * RFCs.
  */
 #define TLS_ECDH_ECDSA_WITH_NULL_SHA            0xC001
 #define TLS_ECDH_ECDSA_WITH_RC4_128_SHA         0xC002
 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA    0xC003
 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA     0xC004
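Review bot: The old macro `TLS_RENEGO_PROTECTION_REQUEST` is removed from sslproto.h outright, so any code outside the four files in this changeset that uses the old name will stop compiling. Whether a release ever shipped the old name is not visible from this page. If one did, a one-line alias keeps such callers building while they migrate: `#define TLS_RENEGO_PROTECTION_REQUEST TLS_EMPTY_RENEGOTIATION_INFO_SCSV /* deprecated name */`. The value 0x00FF is unchanged, so wire behaviour is unaffected either way.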