-rw-r--r-- | doc/relnotes/1_11_1.rst | 12 | ||||
-rw-r--r-- | src/tls/tls_server.cpp | 4 | ||||
-rw-r--r-- | src/tls/tls_session.cpp | 4 | ||||
-rw-r--r-- | src/tls/tls_session.h | 11 |
4 files changed, 11 insertions, 20 deletions
diff --git a/doc/relnotes/1_11_1.rst b/doc/relnotes/1_11_1.rst index 79a304e50..8d46e04f3 100644 --- a/doc/relnotes/1_11_1.rst +++ b/doc/relnotes/1_11_1.rst @@ -20,10 +20,14 @@ from memory dumps (eg with a cold boot attack). The keys used in :cpp:func:`session encryption <TLS::Session::encrypt>` were previously uniquely determined by the master key. Now the encrypted session blob includes two 80 bit salts which are used in the -derivation of the cipher and MAC keys. Sessions saved by 1.11.0 will -not load in this version and vice versa. In both cases this will not -cause any errors, the session will simply not resume and instead a -full handshake will occur. +derivation of the cipher and MAC keys. + +The ``secure_renegotiation`` flag is now considered an aspect of the +connection rather than the session, which matches the behavior of +other implementations. As the format has changed, sessions saved to +persistent storage by 1.11.0 will not load in this version and vice +versa. In either case this will not cause any errors, the session will +simply not resume and instead a full handshake will occur. New policy hooks :cpp:func:`TLS::Policy::acceptable_protocol_version` and :cpp:func:`TLS::Policy::allow_server_initiated_renegotiation` were diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp index a8e433514..d6677c0f9 100644 --- a/src/tls/tls_server.cpp +++ b/src/tls/tls_server.cpp @@ -385,7 +385,7 @@ void Server::process_handshake_msg(const Handshake_State* active_state, session_info.ciphersuite_code(), session_info.compression_method(), session_info.fragment_size(), - secure_renegotiation_supported(), + state.client_hello()->secure_renegotiation(), secure_renegotiation_data_for_server_hello(), offer_new_session_ticket, state.client_hello()->next_protocol_notification(), 
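Review bot: In the `Server_Hello` argument list at `@@ -385` (the resumption path), and identically at `@@ -481`, the flag now comes from `state.client_hello()->secure_renegotiation()` while the adjacent `secure_renegotiation_data_for_server_hello()` still comes from connection state, and nothing visible in either hunk ties the two together. On a renegotiation handshake where the earlier handshake on this connection negotiated the extension, RFC 5746 requires the server to abort if the new client hello omits it, rather than reply without the extension. That check is presumably made elsewhere, since `process_handshake_msg` starts and ends outside both hunks, but it is worth confirming that it runs before these calls. I would add a comment at both sites, for example `// echo renegotiation_info only if this client hello offered it; consistency with the connection's earlier handshake is enforced in <validating function>`.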
@@ -481,7 +481,7 @@ void Server::process_handshake_msg(const Handshake_State* active_state, state.client_hello()), choose_compression(m_policy, state.client_hello()->compression_methods()), state.client_hello()->fragment_size(), - secure_renegotiation_supported(), + state.client_hello()->secure_renegotiation(), secure_renegotiation_data_for_server_hello(), state.client_hello()->supports_session_ticket() && have_session_ticket_key, state.client_hello()->next_protocol_notification(), diff --git a/src/tls/tls_session.cpp b/src/tls/tls_session.cpp index ed51ea580..ae57de0c2 100644 --- a/src/tls/tls_session.cpp +++ b/src/tls/tls_session.cpp @@ -24,7 +24,6 @@ Session::Session(const std::vector<byte>& session_identifier, u16bit ciphersuite, byte compression_method, Connection_Side side, - bool secure_renegotiation_supported, size_t fragment_size, const std::vector<X509_Certificate>& certs, const std::vector<byte>& ticket, @@ -38,7 +37,6 @@ Session::Session(const std::vector<byte>& session_identifier, m_ciphersuite(ciphersuite), m_compression_method(compression_method), m_connection_side(side), - m_secure_renegotiation_supported(secure_renegotiation_supported), m_fragment_size(fragment_size), m_peer_certs(certs), m_sni_hostname(sni_hostname), @@ -78,7 +76,6 @@ Session::Session(const byte ber[], size_t ber_len) .decode_integer_type(m_compression_method) .decode_integer_type(side_code) .decode_integer_type(m_fragment_size) - .decode(m_secure_renegotiation_supported) .decode(m_master_secret, OCTET_STRING) .decode(peer_cert_bits, OCTET_STRING) .decode(sni_hostname_str) @@ -119,7 +116,6 @@ secure_vector<byte> Session::DER_encode() const .encode(static_cast<size_t>(m_compression_method)) .encode(static_cast<size_t>(m_connection_side)) .encode(static_cast<size_t>(m_fragment_size)) - .encode(m_secure_renegotiation_supported) .encode(m_master_secret, OCTET_STRING) .encode(peer_cert_bits, OCTET_STRING) .encode(ASN1_String(m_sni_hostname, UTF8_STRING)) 
diff --git a/src/tls/tls_session.h b/src/tls/tls_session.h index ac18ebb48..206a75081 100644 --- a/src/tls/tls_session.h +++ b/src/tls/tls_session.h @@ -36,7 +36,6 @@ class BOTAN_DLL Session m_ciphersuite(0), m_compression_method(0), m_connection_side(static_cast<Connection_Side>(0)), - m_secure_renegotiation_supported(false), m_fragment_size(0) {} @@ -49,7 +48,6 @@ class BOTAN_DLL Session u16bit ciphersuite, byte compression_method, Connection_Side side, - bool secure_renegotiation_supported, size_t fragment_size, const std::vector<X509_Certificate>& peer_certs, const std::vector<byte>& session_ticket, @@ -162,12 +160,6 @@ class BOTAN_DLL Session size_t fragment_size() const { return m_fragment_size; } /** - * Is secure renegotiation supported? - */ - bool secure_renegotiation() const - { return m_secure_renegotiation_supported; } - - /** * Return the certificate chain of the peer (possibly empty) */ std::vector<X509_Certificate> peer_certs() const { return m_peer_certs; } @@ -189,7 +181,7 @@ class BOTAN_DLL Session const std::vector<byte>& session_ticket() const { return m_session_ticket; } private: - enum { TLS_SESSION_PARAM_STRUCT_VERSION = 0x2994e300 }; + enum { TLS_SESSION_PARAM_STRUCT_VERSION = 0x2994e301 }; std::chrono::system_clock::time_point m_start_time; @@ -202,7 +194,6 @@ class BOTAN_DLL Session byte m_compression_method; Connection_Side m_connection_side; - bool m_secure_renegotiation_supported; size_t m_fragment_size; std::vector<X509_Certificate> m_peer_certs; |