diff options
| author | David Benjamin <davidben@chromium.org> | 2014-11-20 22:54:14 +0300 |
|---|---|---|
| committer | Adam Langley <agl@google.com> | 2014-11-22 00:51:10 +0300 |
| commit | d1681e614f8c3b4105efc42fb1fd35bd3ec09547 (patch) | |
| tree | 4dac317d54035223fb85ba31bc6be3c34d12dcfc /ssl/s3_srvr.c | |
| parent | fe8eb9a6031aedf6426e2dda2ffcdb274fa5c9c1 (diff) | |
Remove SSL_set_session_secret_cb (EAP-FAST)
This is only used for EAP-FAST which we apparently don't need to support.
Remove it outright. We broke it in 9eaeef81fa2d4fd6246dc02b6203fa936a5eaf67 by
failing to account for session misses.
If this changes and we need it later, we can resurrect it. Preferably
implemented differently: the current implementation is bolted badly onto the
handshake. Ideally use the supplied callbacks to fabricate an appropriate
SSL_SESSION and resume that with as much of the normal session ticket flow as
possible.
The one difference is that EAP-FAST seems to require the probing mechanism for
session tickets rather than the sane session ID echoing version. We can
reimplement that by asking the record layer to probe ahead for one byte.
Change-Id: I38304953cc36b2020611556a91e8ac091691edac
Reviewed-on: https://boringssl-review.googlesource.com/2360
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'ssl/s3_srvr.c')
| -rw-r--r-- | ssl/s3_srvr.c | 52 |
1 files changed, 5 insertions, 47 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index c7bc58bc..e166735c 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1064,54 +1064,7 @@ int ssl3_get_client_hello(SSL *s) goto f_err; } - /* Check if we want to use external pre-shared secret for this - * handshake for not reused session only. We need to generate - * server_random before calling tls_session_secret_cb in order to allow - * SessionTicket processing to use it in key derivation. */ - { - unsigned char *pos; - pos=s->s3->server_random; - if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE) <= 0) - { - goto f_err; - } - } - - if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) - { - const SSL_CIPHER *pref_cipher=NULL; - - s->session->master_key_length=sizeof(s->session->master_key); - if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, - ciphers, &pref_cipher, s->tls_session_secret_cb_arg)) - { - s->hit=1; - s->session->verify_result=X509_V_OK; - - /* check if some cipher was preferred by call back */ - pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, ciphers, ssl_get_cipher_preferences(s)); - if (pref_cipher == NULL) - { - al=SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_NO_SHARED_CIPHER); - goto f_err; - } - - s->session->cipher=pref_cipher; - - if (s->cipher_list) - ssl_cipher_preference_list_free(s->cipher_list); - - if (s->cipher_list_by_id) - sk_SSL_CIPHER_free(s->cipher_list_by_id); - - s->cipher_list = ssl_cipher_preference_list_from_ciphers(ciphers); - s->cipher_list_by_id = sk_SSL_CIPHER_dup(ciphers); - } - } - /* Given ciphers and SSL_get_ciphers, we must pick a cipher */ - if (!s->hit) { if (ciphers == NULL) @@ -1213,6 +1166,11 @@ int ssl3_send_server_hello(SSL *s) *(p++)=s->version&0xff; /* Random stuff */ + if (!ssl_fill_hello_random(s, 1, s->s3->server_random, SSL3_RANDOM_SIZE)) + { + OPENSSL_PUT_ERROR(SSL, ssl3_send_server_hello, ERR_R_INTERNAL_ERROR); + return -1; + } memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); p+=SSL3_RANDOM_SIZE; |