Bug 537356: Disable the ECC cipher suites for SSL 3.0 renegotiations
authorwtc%google.com
Wed, 03 Feb 2010 02:46:15 +0000
changeset 9533 c604c1f52e9d91eff42b1a7fef23817abe2a8822
parent 9532 7edb0264088822abeea073601af5191b5de4582f
child 9534 c6fd99c1ed938ee2399d284b5f7cd5b2734fe1b5
push idunknown
push userunknown
push dateunknown
bugs537356
Bug 537356: Disable the ECC cipher suites for SSL 3.0 renegotiations because we don't send the elliptic_curves and ec_point_formats extensions in an SSL 3.0 client hello. r=nelson.
security/nss/lib/ssl/ssl3con.c
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -3722,16 +3722,17 @@ ssl3_SendClientHello(sslSocket *ss)
 {
     sslSessionID *   sid;
     ssl3CipherSpec * cwSpec;
     SECStatus        rv;
     int              i;
     int              length;
     int              num_suites;
     int              actual_count = 0;
+    PRBool           isTLS = PR_FALSE;
     PRInt32          total_exten_len = 0;
     unsigned         numCompressionMethods;
 
     SSL_TRC(3, ("%d: SSL3[%d]: send client_hello handshake", SSL_GETPID(),
 		ss->fd));
 
     PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
     PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) );
@@ -3833,16 +3834,17 @@ ssl3_SendClientHello(sslSocket *ss)
 	    return rv;	/* error code was set */
 
 	sid = ssl3_NewSessionID(ss, PR_FALSE);
 	if (!sid) {
 	    return SECFailure;	/* memory error is set */
         }
     }
 
+    isTLS = (ss->version > SSL_LIBRARY_VERSION_3_0);
     ssl_GetSpecWriteLock(ss);
     cwSpec = ss->ssl3.cwSpec;
     if (cwSpec->mac_def->mac == mac_null) {
 	/* SSL records are not being MACed. */
 	cwSpec->version = ss->version;
     }
     ssl_ReleaseSpecWriteLock(ss);
 
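Review bot: `isTLS` is derived from `ss->version` alone, while the condition it replaces further down in ssl3_SendClientHello also required `ss->opt.enableTLS`, so the hello-extension path is now gated differently and the commit message does not mention it. If the version selection above this hunk already guarantees that a version above SSL 3.0 implies TLS is enabled, that invariant is worth stating where the flag is set, for example `PORT_Assert(!isTLS || ss->opt.enableTLS);` right after the assignment. Otherwise keep the option in the expression: `isTLS = (ss->opt.enableTLS && ss->version > SSL_LIBRARY_VERSION_3_0);`. The function starts and continues outside this hunk, so the version-selection code could not be checked here.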
@@ -3870,33 +3872,34 @@ ssl3_SendClientHello(sslSocket *ss)
      */
     if (!ss->firstHsDone && ss->opt.enableSSL3) {
 	/* Must set this before calling Hello Extension Senders, 
 	 * to suppress sending of empty RI extension.
 	 */
 	ss->ssl3.hs.sendingSCSV = PR_TRUE;
     }
 
-    if ((ss->opt.enableTLS && ss->version > SSL_LIBRARY_VERSION_3_0) || 
-    	(ss->firstHsDone && ss->peerRequestedProtection)) {
+    if (isTLS || (ss->firstHsDone && ss->peerRequestedProtection)) {
 	PRUint32 maxBytes = 65535; /* 2^16 - 1 */
 	PRInt32  extLen;
 
 	extLen = ssl3_CallHelloExtensionSenders(ss, PR_FALSE, maxBytes, NULL);
 	if (extLen < 0) {
 	    return SECFailure;
 	}
 	maxBytes        -= extLen;
 	total_exten_len += extLen;
 
 	if (total_exten_len > 0)
 	    total_exten_len += 2;
     }
+
 #if defined(NSS_ENABLE_ECC) && !defined(NSS_ECC_MORE_THAN_SUITE_B)
-    else { /* SSL3 only */
+    if (!total_exten_len || !isTLS) {
+	/* not sending the elliptic_curves and ec_point_formats extensions */
     	ssl3_DisableECCSuites(ss, NULL); /* disable all ECC suites */
     }
 #endif
 
     /* how many suites are permitted by policy and user preference? */
     num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE);
     if (!num_suites)
     	return SECFailure;	/* count_cipher_suites has set error code. */
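Review bot: The new guard `if (!total_exten_len || !isTLS)` treats a non-zero `total_exten_len` as proof that the elliptic_curves and ec_point_formats extensions are in the hello, but that total is whatever ssl3_CallHelloExtensionSenders returned for all senders together, so it can be non-zero when only other extensions are emitted. If the EC senders can ever decline while ECC suites stay enabled, a TLS hello would still offer ECC suites without a curve list, so the comment should state what the test relies on, e.g. `/* EC extensions go out only with TLS and only if any extension is sent; assumes the EC senders never decline while ECC suites are enabled */`. The return value of `ssl3_DisableECCSuites(ss, NULL)` is discarded, and the call appears to change the socket's suite configuration rather than this hello only, so it is worth confirming that an SSL 3.0 renegotiation does not leave ECC disabled for later TLS handshakes on the same socket. ssl3_SendClientHello continues past the end of the hunk.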