Bug 1247250 - Enable TLS 1.3 draft 11 anti-downgrade on non-secure fallback. r=keeler

This commit is contained in:
Masatoshi Kimura 2016-02-12 07:36:37 +09:00
parent 4344d28e17
commit e1c41da56e
2 changed files with 10 additions and 1 deletions

View File

@ -673,6 +673,7 @@ SSL_PeerCertificateChain
SSL_PeerStapledOCSPResponses
SSL_ResetHandshake
SSL_SetCanFalseStartCallback
SSL_SetDowngradeCheckVersion
SSL_SetNextProtoNego
SSL_SetPKCS11PinArg
SSL_SetSockPeerID

View File

@ -1078,7 +1078,10 @@ retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo)
nsIWebProgressListener::STATE_USES_SSL_3);
}
if (err == SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT) {
// NSS will return SSL_ERROR_RX_MALFORMED_SERVER_HELLO if TLS 1.3
// anti-downgrade detected the downgrade.
if (err == SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT ||
err == SSL_ERROR_RX_MALFORMED_SERVER_HELLO) {
// This is a clear signal that we've fallen back too many versions. Treat
// this as a hard failure, but forget any intolerance so that later attempts
// don't use this version (i.e., range.max) and trigger the error again.
@ -2555,6 +2558,11 @@ nsSSLIOLayerSetOptions(PRFileDesc* fd, bool forSTARTTLS,
if (SECSuccess != SSL_OptionSet(fd, SSL_ENABLE_FALLBACK_SCSV, true)) {
return NS_ERROR_FAILURE;
}
// tell NSS to enable the max enabled version to make TLS 1.3
// anti-downgrade effective
if (SECSuccess != SSL_SetDowngradeCheckVersion(fd, maxEnabledVersion)) {
return NS_ERROR_FAILURE;
}
}
bool enabled = infoObject->SharedState().IsOCSPStaplingEnabled();