author | lloyd <[email protected]> | 2012-03-23 17:17:05 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-03-23 17:17:05 +0000 |
commit | 9c67e7a9b20c87e6709346d75edaf951aa4c2eb5 (patch) | |
tree | e1ea1f5ad63dbfd4b311aaed6787c34d6c911c5e /src/tls | |
parent | 9208e05246aa3f3085a45f85e3c9f2844828f73e (diff) |
Revert the session_ticket callback in credentials manager. If a PSK
manager is being used, it could be easily used for session tickets as
well, and if it's not, the generate-on-first-call technique is easy to
write.
Avoid offering the session ticket extension if we know we don't have a
key. For one thing it will cause us to avoid using stateful sessions,
but additionally OpenSSL 1.0.1 is very intolerant of empty
NewSessionTicket messages so definitely worth avoiding when we can.
Diffstat (limited to 'src/tls')
-rw-r--r-- | src/tls/s_hello.cpp | 4 | ||||
-rw-r--r-- | src/tls/tls_messages.h | 1 | ||||
-rw-r--r-- | src/tls/tls_server.cpp | 67 |
3 files changed, 33 insertions, 39 deletions
diff --git a/src/tls/s_hello.cpp b/src/tls/s_hello.cpp
index 4cbc69f30..7da9fdc57 100644
--- a/src/tls/s_hello.cpp
+++ b/src/tls/s_hello.cpp
@@ -25,6 +25,7 @@ Server_Hello::Server_Hello(Record_Writer& writer,
 const Client_Hello& c_hello,
 const std::vector<std::string>& available_cert_types,
 const Policy& policy,
+ bool have_session_ticket_key,
 bool client_has_secure_renegotiation,
 const MemoryRegion<byte>& reneg_info,
 bool client_has_npn,
@@ -38,7 +39,8 @@ Server_Hello::Server_Hello(Record_Writer& writer,
 m_renegotiation_info(reneg_info),
 m_next_protocol(client_has_npn),
 m_next_protocols(next_protocols),
- m_supports_session_ticket(c_hello.supports_session_ticket())
+ m_supports_session_ticket(have_session_ticket_key &&
+ c_hello.supports_session_ticket())
 {
 suite = policy.choose_suite(
 c_hello.ciphersuites(),
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index 7312d8bb1..2f8af5fd2 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -197,6 +197,7 @@ class Server_Hello : public Handshake_Message
 const Client_Hello& other,
 const std::vector<std::string>& available_cert_types,
 const Policy& policies,
+ bool have_session_ticket_key,
 bool client_has_secure_renegotiation,
 const MemoryRegion<byte>& reneg_info,
 bool client_has_npn,
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index e4c7ea339..1f69d153e 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -40,13 +40,9 @@ bool check_for_resume(Session& session_info,
 // If a session ticket was sent, ignore client session ID
 try
 {
- const SymmetricKey& session_ticket_key = credentials.session_ticket_key();
-
- if(session_ticket_key.length() == 0)
- return false;
-
- session_info = Session::decrypt(session_ticket,
- session_ticket_key);
+ session_info = Session::decrypt(
+ session_ticket,
+ credentials.psk("tls-server", "session-ticket", ""));
 }
 catch(...)
 {
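Review bot: In check_for_resume the explicit `if(session_ticket_key.length() == 0) return false;` guard is gone, so a client-supplied ticket now reaches `Session::decrypt` with whatever `credentials.psk("tls-server", "session-ticket", "")` returns. If a credentials manager can return an empty key instead of throwing (the `.length() > 0` test added in process_handshake_msg suggests it can), the ticket is checked under a zero-length key unless decrypt itself rejects that, which is not visible here. I would keep the guard: bind the result to `const SymmetricKey ticket_key = credentials.psk("tls-server", "session-ticket", "");` and add `if(ticket_key.length() == 0) return false;` before the decrypt call. The same applies to the two `session_info.encrypt(ticket_key, rng)` sites later in tls_server.cpp, where the old `length() > 0` check was also dropped and session state would be sealed under that key. The body of the `catch(...)` that follows is outside this hunk.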
@@ -221,7 +217,14 @@ void Server::process_handshake_msg(Handshake_Type type, creds, state->client_hello); - const SymmetricKey& session_ticket_key = creds.session_ticket_key(); + bool have_session_ticket_key = false; + + try + { + have_session_ticket_key = + creds.psk("tls-server", "session-ticket", "").length() > 0; + } + catch(...) {} if(resuming) { @@ -237,7 +240,7 @@ void Server::process_handshake_msg(Handshake_Type type, session_info.fragment_size(), secure_renegotiation.supported(), secure_renegotiation.for_server_hello(), - state->client_hello->supports_session_ticket() && session_ticket_key.length() > 0, + state->client_hello->supports_session_ticket() && have_session_ticket_key, state->client_hello->next_protocol_notification(), m_possible_protocols, rng); @@ -265,14 +268,16 @@ void Server::process_handshake_msg(Handshake_Type type, { try { + const SymmetricKey ticket_key = creds.psk("tls-server", "session-ticket", ""); + state->new_session_ticket = new New_Session_Ticket(writer, state->hash, - session_info.encrypt(session_ticket_key, rng)); + session_info.encrypt(ticket_key, rng)); } - catch(...) - { + catch(...) {} + + if(!state->new_session_ticket) state->new_session_ticket = new New_Session_Ticket(writer, state->hash); - } } writer.send(CHANGE_CIPHER_SPEC, 1); @@ -312,6 +317,7 @@ void Server::process_handshake_msg(Handshake_Type type, *(state->client_hello), available_cert_types, policy, + have_session_ticket_key, secure_renegotiation.supported(), secure_renegotiation.for_server_hello(), state->client_hello->next_protocol_notification(), 
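Review bot: The `catch(...) {}` after the key lookup in the first hunk discards every exception, so a fault inside the credentials manager is indistinguishable from "no key configured" and session tickets are silently switched off. Catching only the exception psk() raises for a missing key, or at least adding a comment such as `// no ticket key available: do not offer session tickets`, would make the intent explicit. The lookup `creds.psk("tls-server", "session-ticket", "")` is also repeated verbatim where the ticket is built further down; a small file-local helper would keep the two identifier strings in one place and let the length check live with it. process_handshake_msg starts and ends outside this hunk.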
@@ -422,10 +428,9 @@ void Server::process_handshake_msg(Handshake_Type type, state->hash.update(type, contents); /* - * Using DECRYPT_ERROR looks weird here, but per RFC 4346 this - * error is for indicating that "A handshake cryptographic - * operation failed, including being unable to correctly verify a - * signature, ..." + * Using DECRYPT_ERROR looks weird here, but per RFC 4346 is for + * "A handshake cryptographic operation failed, including being + * unable to correctly verify a signature, ..." */ if(!sig_valid) throw TLS_Exception(Alert::DECRYPT_ERROR, "Client cert verify failed"); @@ -496,17 +501,11 @@ void Server::process_handshake_msg(Handshake_Type type, { try { - const SymmetricKey& session_ticket_key = - creds.session_ticket_key(); - - if(session_ticket_key.length() > 0) - { - state->new_session_ticket = - new New_Session_Ticket( - writer, - state->hash, - session_info.encrypt(session_ticket_key, rng)); - } + const SymmetricKey ticket_key = creds.psk("tls-server", "session-ticket", ""); + + state->new_session_ticket = + new New_Session_Ticket(writer, state->hash, + session_info.encrypt(ticket_key, rng)); } catch(...) {} } @@ -514,16 +513,8 @@ void Server::process_handshake_msg(Handshake_Type type, session_manager.save(session_info); } - /* - If we sent the extension we have to send something; - an empty ticket is allowed - */ - if(!state->new_session_ticket && - state->server_hello->supports_session_ticket()) - { - state->new_session_ticket = - new New_Session_Ticket(writer, state->hash); - } + if(state->server_hello->supports_session_ticket() && !state->new_session_ticket) + state->new_session_ticket = new New_Session_Ticket(writer, state->hash); writer.send(CHANGE_CIPHER_SPEC, 1); |
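Review bot: The comment removed in the last hunk was the only explanation of why an empty NewSessionTicket is sent, and the one-line `if` that replaces it no longer says so. I would keep a short comment above it, for example `// We offered the extension in the server hello, so a ticket (possibly empty) must follow`. It would also help to state that this path is now reached only when building the encrypted ticket failed, since the commit message notes that some peers reject empty tickets. The enclosing function continues outside the hunk.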