authorlloyd <[email protected]>2012-03-23 12:44:58 +0000
committerlloyd <[email protected]>2012-03-23 12:44:58 +0000
commitafcd29c599e1e27b674df4f630a665c095b0ff44 (patch)
treeb10bd7332009a446e796094db1cb2247bce0739b
parent16d6b8ccfcf6cfac5d654df6790f6d87226e8e17 (diff)
Include the curves and sig algos list in a session resumption client
hello. Also include a full list of ciphersuites, ensuring that our original session ciphersuite is in the list regardless of policy (maybe it would be better to just not resume in that case, though?). Otherwise, if the server doesn't remember our session (or the session ticket key), it might not be capable of negotiating using the single ciphersuite we sent due to lack of information (allowed curves was a particular issue here). Including the full ciphersuite list also allows for renegotiating the ciphersuite if, for instance, the session can't be resumed because the server used to have an RSA cert but has since replaced it with an ECDSA cert.
-rw-r--r--src/tls/c_hello.cpp21
-rw-r--r--src/tls/tls_client.cpp1
-rw-r--r--src/tls/tls_messages.h1
3 files changed, 18 insertions, 5 deletions
diff --git a/src/tls/c_hello.cpp b/src/tls/c_hello.cpp
index 0798bfaf3..3428225d0 100644
--- a/src/tls/c_hello.cpp
+++ b/src/tls/c_hello.cpp
@@ -72,13 +72,12 @@ Client_Hello::Client_Hello(Record_Writer& writer,
m_fragment_size(0),
m_secure_renegotiation(true),
m_renegotiation_info(reneg_info),
+ m_supported_curves(policy.allowed_ecc_curves()),
m_supports_session_ticket(true)
{
std::vector<std::string> hashes = policy.allowed_hashes();
std::vector<std::string> sigs = policy.allowed_signature_methods();
- m_supported_curves = policy.allowed_ecc_curves();
-
for(size_t i = 0; i != hashes.size(); ++i)
for(size_t j = 0; j != sigs.size(); ++j)
m_supported_algos.push_back(std::make_pair(hashes[i], sigs[j]));
@@ -91,24 +90,36 @@ Client_Hello::Client_Hello(Record_Writer& writer,
*/
Client_Hello::Client_Hello(Record_Writer& writer,
Handshake_Hash& hash,
+ const Policy& policy,
RandomNumberGenerator& rng,
const Session& session,
bool next_protocol) :
m_version(session.version()),
m_session_id(session.session_id()),
m_random(make_hello_random(rng)),
+ m_suites(policy.ciphersuite_list(session.srp_identifier() != "")),
+ m_comp_methods(policy.compression()),
m_hostname(session.sni_hostname()),
m_srp_identifier(session.srp_identifier()),
m_next_protocol(next_protocol),
m_fragment_size(session.fragment_size()),
m_secure_renegotiation(session.secure_renegotiation()),
+ m_supported_curves(policy.allowed_ecc_curves()),
m_supports_session_ticket(true),
m_session_ticket(session.session_ticket())
{
- m_suites.push_back(session.ciphersuite_code());
- m_comp_methods.push_back(session.compression_method());
+ if(!value_exists(m_suites, session.ciphersuite_code()))
+ m_suites.push_back(session.ciphersuite_code());
+
+ if(!value_exists(m_comp_methods, session.compression_method()))
+ m_comp_methods.push_back(session.compression_method());
+
+ std::vector<std::string> hashes = policy.allowed_hashes();
+ std::vector<std::string> sigs = policy.allowed_signature_methods();
- // set m_supported_algos + m_supported_curves here?
+ for(size_t i = 0; i != hashes.size(); ++i)
+ for(size_t j = 0; j != sigs.size(); ++j)
+ m_supported_algos.push_back(std::make_pair(hashes[i], sigs[j]));
hash.update(writer.send(*this));
}
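Review bot: The two `value_exists` fallbacks at the top of the body put `session.ciphersuite_code()` and `session.compression_method()` into the offer even when the current policy excludes them, so a server that does not resume (expired session, rotated ticket key) remains free to select that suite or compression method in a full handshake, and the policy is bypassed in exactly the case this commit is about. Unless the ServerHello handler already rejects a non-resumed handshake whose chosen suite or compression method is outside `policy.ciphersuite_list(...)` / `policy.compression()` (not visible here), either add that check there or skip resumption when the session's suite is no longer allowed, as the commit message itself considers. At minimum record the trade-off next to the append, e.g. `// Offered outside policy so the server can resume; a full handshake must not settle on it`. The nested hashes-by-sigs loop is now a verbatim copy of the one in the first constructor (previous hunk); a small private helper building `m_supported_algos` from the policy would keep the two overloads in sync.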
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index 06a58385c..ba9ec8082 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -54,6 +54,7 @@ Client::Client(std::tr1::function<void (const byte[], size_t)> output_fn,
state->client_hello = new Client_Hello(
writer,
state->hash,
+ policy,
rng,
session_info,
send_npn_request);
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index 78cb6f714..7312d8bb1 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -124,6 +124,7 @@ class Client_Hello : public Handshake_Message
Client_Hello(Record_Writer& writer,
Handshake_Hash& hash,
+ const Policy& policy,
RandomNumberGenerator& rng,
const Session& resumed_session,
bool next_protocol = false);
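Review bot: The session parameter is declared here as `resumed_session` while the definition in c_hello.cpp names it `session`; aligning the names keeps the declaration useful as documentation. Since this overload now takes its suite, compression and curve lists from `policy` rather than echoing the session's values, a short comment above the declaration would help, e.g. `// Resumption hello: offers the policy's full suite/compression/curve lists plus the session's own suite so the server can resume or negotiate afresh`. The class body continues outside the hunk.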