authorlloyd <[email protected]>2012-03-23 17:17:05 +0000
committerlloyd <[email protected]>2012-03-23 17:17:05 +0000
commit9c67e7a9b20c87e6709346d75edaf951aa4c2eb5 (patch)
treee1ea1f5ad63dbfd4b311aaed6787c34d6c911c5e /src/tls
parent9208e05246aa3f3085a45f85e3c9f2844828f73e (diff)
Revert the session_ticket callback in credentials manager. If a PSK
manager is being used, it could be easily used for session tickets as well, and if it's not the generate-on-first-call technique is easy to write. Avoid offering the session ticket extension if we know we don't have a key. For one thing it will cause us to avoid using stateful sessions, but additionally OpenSSL 1.0.1 is very intolerant of empty NewSessionTicket messages so definitely worth avoiding when we can.
Diffstat (limited to 'src/tls')
-rw-r--r--src/tls/s_hello.cpp4
-rw-r--r--src/tls/tls_messages.h1
-rw-r--r--src/tls/tls_server.cpp67
3 files changed, 33 insertions, 39 deletions
diff --git a/src/tls/s_hello.cpp b/src/tls/s_hello.cpp
index 4cbc69f30..7da9fdc57 100644
--- a/src/tls/s_hello.cpp
+++ b/src/tls/s_hello.cpp
@@ -25,6 +25,7 @@ Server_Hello::Server_Hello(Record_Writer& writer,
const Client_Hello& c_hello,
const std::vector<std::string>& available_cert_types,
const Policy& policy,
+ bool have_session_ticket_key,
bool client_has_secure_renegotiation,
const MemoryRegion<byte>& reneg_info,
bool client_has_npn,
@@ -38,7 +39,8 @@ Server_Hello::Server_Hello(Record_Writer& writer,
m_renegotiation_info(reneg_info),
m_next_protocol(client_has_npn),
m_next_protocols(next_protocols),
- m_supports_session_ticket(c_hello.supports_session_ticket())
+ m_supports_session_ticket(have_session_ticket_key &&
+ c_hello.supports_session_ticket())
{
suite = policy.choose_suite(
c_hello.ciphersuites(),
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index 7312d8bb1..2f8af5fd2 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -197,6 +197,7 @@ class Server_Hello : public Handshake_Message
const Client_Hello& other,
const std::vector<std::string>& available_cert_types,
const Policy& policies,
+ bool have_session_ticket_key,
bool client_has_secure_renegotiation,
const MemoryRegion<byte>& reneg_info,
bool client_has_npn,
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index e4c7ea339..1f69d153e 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -40,13 +40,9 @@ bool check_for_resume(Session& session_info,
// If a session ticket was sent, ignore client session ID
try
{
- const SymmetricKey& session_ticket_key = credentials.session_ticket_key();
-
- if(session_ticket_key.length() == 0)
- return false;
-
- session_info = Session::decrypt(session_ticket,
- session_ticket_key);
+ session_info = Session::decrypt(
+ session_ticket,
+ credentials.psk("tls-server", "session-ticket", ""));
}
catch(...)
{
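Review bot: The explicit `session_ticket_key.length() == 0` early return is gone, so in check_for_resume an empty key returned by `credentials.psk(...)` now goes straight into `Session::decrypt` on a client-supplied ticket. The `length() > 0` probe added in process_handshake_msg shows that an empty return is an expected outcome, and whether decrypt rejects a zero-length key is not visible here. I would keep the guard: `const SymmetricKey ticket_key = credentials.psk("tls-server", "session-ticket", "");` followed by `if(ticket_key.length() == 0) return false;`. The same applies to the two `session_info.encrypt(ticket_key, rng)` calls in the hunks at -265 and -496, where an empty key would be the only protection for session state handed to the client; the conditions enclosing those calls are outside the hunks. The body of check_for_resume continues past this hunk.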
@@ -221,7 +217,14 @@ void Server::process_handshake_msg(Handshake_Type type,
creds,
state->client_hello);
- const SymmetricKey& session_ticket_key = creds.session_ticket_key();
+ bool have_session_ticket_key = false;
+
+ try
+ {
+ have_session_ticket_key =
+ creds.psk("tls-server", "session-ticket", "").length() > 0;
+ }
+ catch(...) {}
if(resuming)
{
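Review bot: The empty `catch(...) {}` after the `creds.psk(...)` probe turns every failure, not only a missing key, into "tickets disabled" without a trace, and nothing states that this is intended. A comment on the handler such as `// no ticket key available: do not offer the session ticket extension` would record the intent. The lookup `creds.psk("tls-server", "session-ticket", "")` is also spelled out at three further call sites in this file, so a single file-local helper would keep the identifier strings from drifting apart. The enclosing branch of process_handshake_msg starts and ends outside the hunk.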
@@ -237,7 +240,7 @@ void Server::process_handshake_msg(Handshake_Type type,
session_info.fragment_size(),
secure_renegotiation.supported(),
secure_renegotiation.for_server_hello(),
- state->client_hello->supports_session_ticket() && session_ticket_key.length() > 0,
+ state->client_hello->supports_session_ticket() && have_session_ticket_key,
state->client_hello->next_protocol_notification(),
m_possible_protocols,
rng);
@@ -265,14 +268,16 @@ void Server::process_handshake_msg(Handshake_Type type,
{
try
{
+ const SymmetricKey ticket_key = creds.psk("tls-server", "session-ticket", "");
+
state->new_session_ticket =
new New_Session_Ticket(writer, state->hash,
- session_info.encrypt(session_ticket_key, rng));
+ session_info.encrypt(ticket_key, rng));
}
- catch(...)
- {
+ catch(...) {}
+
+ if(!state->new_session_ticket)
state->new_session_ticket = new New_Session_Ticket(writer, state->hash);
- }
}
writer.send(CHANGE_CIPHER_SPEC, 1);
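Review bot: Constructing `New_Session_Ticket` inside the `try` means a failure partway through its constructor is swallowed, after which a second, empty ticket message is built against the same `writer` and `state->hash`. If the constructor emits the message or updates the handshake hash (not visible here), that would leave the transcript inconsistent with what the peer saw. Limiting the `try` to the fallible step, e.g. `try { ticket = session_info.encrypt(ticket_key, rng); } catch(...) {}` with `ticket` a local of encrypt's return type, and constructing the message once afterwards would avoid that. The block this sits in begins outside the hunk.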
@@ -312,6 +317,7 @@ void Server::process_handshake_msg(Handshake_Type type,
*(state->client_hello),
available_cert_types,
policy,
+ have_session_ticket_key,
secure_renegotiation.supported(),
secure_renegotiation.for_server_hello(),
state->client_hello->next_protocol_notification(),
@@ -422,10 +428,9 @@ void Server::process_handshake_msg(Handshake_Type type,
state->hash.update(type, contents);
/*
- * Using DECRYPT_ERROR looks weird here, but per RFC 4346 this
- * error is for indicating that "A handshake cryptographic
- * operation failed, including being unable to correctly verify a
- * signature, ..."
+ * Using DECRYPT_ERROR looks weird here, but per RFC 4346 is for
+ * "A handshake cryptographic operation failed, including being
+ * unable to correctly verify a signature, ..."
*/
if(!sig_valid)
throw TLS_Exception(Alert::DECRYPT_ERROR, "Client cert verify failed");
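Review bot: The reworded comment lost its subject, so "per RFC 4346 is for" no longer says what is for. Restoring the pronoun, `* Using DECRYPT_ERROR looks weird here, but per RFC 4346 it is for`, reads correctly and still fits the shortened three-line form.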
@@ -496,17 +501,11 @@ void Server::process_handshake_msg(Handshake_Type type,
{
try
{
- const SymmetricKey& session_ticket_key =
- creds.session_ticket_key();
-
- if(session_ticket_key.length() > 0)
- {
- state->new_session_ticket =
- new New_Session_Ticket(
- writer,
- state->hash,
- session_info.encrypt(session_ticket_key, rng));
- }
+ const SymmetricKey ticket_key = creds.psk("tls-server", "session-ticket", "");
+
+ state->new_session_ticket =
+ new New_Session_Ticket(writer, state->hash,
+ session_info.encrypt(ticket_key, rng));
}
catch(...) {}
}
@@ -514,16 +513,8 @@ void Server::process_handshake_msg(Handshake_Type type,
session_manager.save(session_info);
}
- /*
- If we sent the extension we have to send something;
- an empty ticket is allowed
- */
- if(!state->new_session_ticket &&
- state->server_hello->supports_session_ticket())
- {
- state->new_session_ticket =
- new New_Session_Ticket(writer, state->hash);
- }
+ if(state->server_hello->supports_session_ticket() && !state->new_session_ticket)
+ state->new_session_ticket = new New_Session_Ticket(writer, state->hash);
writer.send(CHANGE_CIPHER_SPEC, 1);
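Review bot: The deleted comment was the only explanation of why an empty NewSessionTicket is sent at all, and the condensed `if` now carries none. I would keep a one-line version above it: `// Having offered the extension we must send a ticket message; an empty one is allowed`. The identical fallback in the resume branch (hunk at -265) could carry the same comment. The enclosing block starts outside the hunk.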