Remove SCSV

4 files changed, 0 insertions, 25 deletions

diff --git a/src/lib/tls/msg_client_hello.cpp b/src/lib/tls/msg_client_hello.cpp
index 33fc8b72c..011431c7d 100644
--- a/src/lib/tls/msg_client_hello.cpp
+++ b/src/lib/tls/msg_client_hello.cpp
@@ -27,7 +27,6 @@ namespace TLS {
 
 enum {
    TLS_EMPTY_RENEGOTIATION_INFO_SCSV        = 0x00FF,
-   TLS_FALLBACK_SCSV                        = 0x5600
 };
 
 std::vector<uint8_t> make_hello_random(RandomNumberGenerator& rng,
@@ -135,9 +134,6 @@ Client_Hello::Client_Hello(Handshake_IO& io,
 
    cb.tls_modify_extensions(m_extensions, CLIENT);
 
-   if(policy.send_fallback_scsv(client_settings.protocol_version()))
-      m_suites.push_back(TLS_FALLBACK_SCSV);
-
    hash.update(io.send(*this));
    }
 
diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp
index cf9cc249b..d3fbf78c5 100644
--- a/src/lib/tls/tls_policy.cpp
+++ b/src/lib/tls/tls_policy.cpp
@@ -257,11 +257,6 @@ uint32_t Policy::session_ticket_lifetime() const
    return 86400; // ~1 day
    }
 
-bool Policy::send_fallback_scsv(Protocol_Version version) const
-   {
-   return version != latest_supported_version(version.is_datagram_protocol());
-   }
-
 bool Policy::acceptable_protocol_version(Protocol_Version version) const
    {
    if(version == Protocol_Version::TLS_V12 && allow_tls12())
diff --git a/src/lib/tls/tls_policy.h b/src/lib/tls/tls_policy.h
index bfe067650..fe01906e7 100644
--- a/src/lib/tls/tls_policy.h
+++ b/src/lib/tls/tls_policy.h
@@ -233,13 +233,6 @@ class BOTAN_PUBLIC_API(2,0) Policy
       virtual Protocol_Version latest_supported_version(bool datagram) const;
 
       /**
-      * When offering this version, should we send a fallback SCSV?
-      * Default returns true iff version is not the latest version the
-      * policy allows, exists to allow override in case of interop problems.
-      */
-      virtual bool send_fallback_scsv(Protocol_Version version) const;
-
-      /**
       * Allows policy to reject any ciphersuites which are undesirable
       * for whatever reason without having to reimplement ciphersuite_list
       */
diff --git a/src/lib/tls/tls_server.cpp b/src/lib/tls/tls_server.cpp
index 60ee19172..4d59aca71 100644
--- a/src/lib/tls/tls_server.cpp
+++ b/src/lib/tls/tls_server.cpp
@@ -314,7 +314,6 @@ namespace {
 Protocol_Version select_version(const Botan::TLS::Policy& policy,
                                 Protocol_Version client_offer,
                                 Protocol_Version active_version,
-                                bool is_fallback,
                                 const std::vector<Protocol_Version>& supported_versions)
    {
    const bool is_datagram = client_offer.is_datagram_protocol();
@@ -322,13 +321,6 @@ Protocol_Version select_version(const Botan::TLS::Policy& policy,
 
    const Protocol_Version latest_supported = policy.latest_supported_version(is_datagram);
 
-   if(is_fallback)
-      {
-      if(latest_supported > client_offer)
-         throw TLS_Exception(Alert::INAPPROPRIATE_FALLBACK,
-                              "Client signalled fallback SCSV, possible attack");
-      }
-
    if(supported_versions.size() > 0)
       {
       if(is_datagram)
@@ -454,7 +446,6 @@ void Server::process_client_hello_msg(const Handshake_State* active_state,
    const Protocol_Version negotiated_version =
       select_version(policy(), client_offer,
                      active_state ? active_state->version() : Protocol_Version(),
-                     pending_state.client_hello()->sent_fallback_scsv(),
                      pending_state.client_hello()->supported_versions());
 
    pending_state.set_version(negotiated_version);