aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2016-11-16 16:15:51 -0500
committerJack Lloyd <[email protected]>2016-11-16 16:15:51 -0500
commit10c2f3f984c6c74d6a94270ee6e9e1be00f68500 (patch)
tree8cdc3e73fa10088590249560b1a85626c5510c5f /src
parentca86adc7ceee60abc62645067a53c0f117f28783 (diff)
Fix incompatability with (some) common TLS stack
Several sites including oracle.com seem to send extension 11 (point format) even if we (the client) did not send it. Then the handshake fails. To workaround this problem, simply always send this extension as the client, instead of only sending it if we wished to support compressed points.
Diffstat (limited to 'src')
-rw-r--r--src/lib/tls/msg_client_hello.cpp16
-rw-r--r--src/lib/tls/msg_server_hello.cpp11
-rw-r--r--src/lib/tls/tls_extensions.cpp11
-rw-r--r--src/lib/tls/tls_extensions.h3
4 files changed, 26 insertions, 15 deletions
diff --git a/src/lib/tls/msg_client_hello.cpp b/src/lib/tls/msg_client_hello.cpp
index 50c83c10c..2a42e1144 100644
--- a/src/lib/tls/msg_client_hello.cpp
+++ b/src/lib/tls/msg_client_hello.cpp
@@ -116,10 +116,10 @@ Client_Hello::Client_Hello(Handshake_IO& io,
m_extensions.add(new Supported_Elliptic_Curves(policy.allowed_ecc_curves()));
- if(!policy.allowed_ecc_curves().empty() && policy.use_ecc_point_compression())
- {
- m_extensions.add(new Supported_Point_Formats());
- }
+ if(!policy.allowed_ecc_curves().empty())
+ {
+ m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression()));
+ }
if(m_version.supports_negotiable_signature_algorithms())
m_extensions.add(new Signature_Algorithms(policy.allowed_signature_hashes(),
@@ -165,10 +165,10 @@ Client_Hello::Client_Hello(Handshake_IO& io,
m_extensions.add(new Session_Ticket(session.session_ticket()));
m_extensions.add(new Supported_Elliptic_Curves(policy.allowed_ecc_curves()));
- if(!policy.allowed_ecc_curves().empty() && policy.use_ecc_point_compression())
- {
- m_extensions.add(new Supported_Point_Formats());
- }
+ if(!policy.allowed_ecc_curves().empty())
+ {
+ m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression()));
+ }
if(session.supports_encrypt_then_mac())
m_extensions.add(new Encrypt_then_MAC);
diff --git a/src/lib/tls/msg_server_hello.cpp b/src/lib/tls/msg_server_hello.cpp
index d13bc7551..3e8a8dda9 100644
--- a/src/lib/tls/msg_server_hello.cpp
+++ b/src/lib/tls/msg_server_hello.cpp
@@ -43,11 +43,11 @@ Server_Hello::Server_Hello(Handshake_IO& io,
m_extensions.add(new Encrypt_then_MAC);
}
- if(c.ecc_ciphersuite() && policy.use_ecc_point_compression())
+ if(c.ecc_ciphersuite())
{
- m_extensions.add(new Supported_Point_Formats());
+ m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression()));
}
-
+
if(client_hello.secure_renegotiation())
m_extensions.add(new Renegotiation_Extension(reneg_info));
@@ -107,6 +107,11 @@ Server_Hello::Server_Hello(Handshake_IO& io,
m_extensions.add(new Encrypt_then_MAC);
}
+ if(resumed_session.ciphersuite().ecc_ciphersuite())
+ {
+ m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression()));
+ }
+
if(client_hello.secure_renegotiation())
m_extensions.add(new Renegotiation_Extension(reneg_info));
diff --git a/src/lib/tls/tls_extensions.cpp b/src/lib/tls/tls_extensions.cpp
index f8eef5ac6..712527fc4 100644
--- a/src/lib/tls/tls_extensions.cpp
+++ b/src/lib/tls/tls_extensions.cpp
@@ -384,10 +384,15 @@ Supported_Elliptic_Curves::Supported_Elliptic_Curves(TLS_Data_Reader& reader,
std::vector<byte> Supported_Point_Formats::serialize() const
{
- // if we send this extension, we prefer compressed points,
- // otherwise we don't send it (which is equal to supporting only uncompressed)
// if this extension is sent, it MUST include uncompressed (RFC 4492, section 5.1)
- return std::vector<byte>{2, ANSIX962_COMPRESSED_PRIME, UNCOMPRESSED};
+ if(m_prefers_compressed)
+ {
+ return std::vector<byte>{2, ANSIX962_COMPRESSED_PRIME, UNCOMPRESSED};
+ }
+ else
+ {
+ return std::vector<byte>{1, UNCOMPRESSED};
+ }
}
Supported_Point_Formats::Supported_Point_Formats(TLS_Data_Reader& reader,
diff --git a/src/lib/tls/tls_extensions.h b/src/lib/tls/tls_extensions.h
index d69e40a60..119170797 100644
--- a/src/lib/tls/tls_extensions.h
+++ b/src/lib/tls/tls_extensions.h
@@ -276,7 +276,8 @@ class Supported_Point_Formats final : public Extension
std::vector<byte> serialize() const override;
- explicit Supported_Point_Formats() : m_prefers_compressed(true) {}
+ explicit Supported_Point_Formats(bool prefer_compressed) :
+ m_prefers_compressed(prefer_compressed) {}
Supported_Point_Formats(TLS_Data_Reader& reader,
u16bit extension_size);