-rw-r--r--doc/relnotes/1_11_1.rst12
-rw-r--r--src/tls/tls_server.cpp4
-rw-r--r--src/tls/tls_session.cpp4
-rw-r--r--src/tls/tls_session.h11
4 files changed, 11 insertions, 20 deletions
diff --git a/doc/relnotes/1_11_1.rst b/doc/relnotes/1_11_1.rst
index 79a304e50..8d46e04f3 100644
--- a/doc/relnotes/1_11_1.rst
+++ b/doc/relnotes/1_11_1.rst
@@ -20,10 +20,14 @@ from memory dumps (eg with a cold boot attack).
The keys used in :cpp:func:`session encryption <TLS::Session::encrypt>`
were previously uniquely determined by the master key. Now the
encrypted session blob includes two 80 bit salts which are used in the
-derivation of the cipher and MAC keys. Sessions saved by 1.11.0 will
-not load in this version and vice versa. In both cases this will not
-cause any errors, the session will simply not resume and instead a
-full handshake will occur.
+derivation of the cipher and MAC keys.
+
+The ``secure_renegotiation`` flag is now considered an aspect of the
+connection rather than the session, which matches the behavior of
+other implementations. As the format has changed, sessions saved to
+persistent storage by 1.11.0 will not load in this version and vice
+versa. In either case this will not cause any errors, the session will
+simply not resume and instead a full handshake will occur.
New policy hooks :cpp:func:`TLS::Policy::acceptable_protocol_version`
and :cpp:func:`TLS::Policy::allow_server_initiated_renegotiation` were
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index a8e433514..d6677c0f9 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -385,7 +385,7 @@ void Server::process_handshake_msg(const Handshake_State* active_state,
session_info.ciphersuite_code(),
session_info.compression_method(),
session_info.fragment_size(),
- secure_renegotiation_supported(),
+ state.client_hello()->secure_renegotiation(),
secure_renegotiation_data_for_server_hello(),
offer_new_session_ticket,
state.client_hello()->next_protocol_notification(),
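Review bot: The flag passed here is now read from the current ClientHello (`state.client_hello()->secure_renegotiation()`), while the next argument, `secure_renegotiation_data_for_server_hello()`, still appears to be derived from connection state, so the two values can disagree during a renegotiation handshake. If the connection already negotiated secure renegotiation and a later hello omits the extension, RFC 5746 requires the server to abort; that check is not visible in this hunk, so please confirm it runs before this call, for example by comparing `secure_renegotiation_supported()` with `state.client_hello()->secure_renegotiation()` and rejecting a mismatch. The same substitution is made in the hunk at -481. process_handshake_msg starts and ends outside both hunks.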
@@ -481,7 +481,7 @@ void Server::process_handshake_msg(const Handshake_State* active_state,
state.client_hello()),
choose_compression(m_policy, state.client_hello()->compression_methods()),
state.client_hello()->fragment_size(),
- secure_renegotiation_supported(),
+ state.client_hello()->secure_renegotiation(),
secure_renegotiation_data_for_server_hello(),
state.client_hello()->supports_session_ticket() && have_session_ticket_key,
state.client_hello()->next_protocol_notification(),
diff --git a/src/tls/tls_session.cpp b/src/tls/tls_session.cpp
index ed51ea580..ae57de0c2 100644
--- a/src/tls/tls_session.cpp
+++ b/src/tls/tls_session.cpp
@@ -24,7 +24,6 @@ Session::Session(const std::vector<byte>& session_identifier,
u16bit ciphersuite,
byte compression_method,
Connection_Side side,
- bool secure_renegotiation_supported,
size_t fragment_size,
const std::vector<X509_Certificate>& certs,
const std::vector<byte>& ticket,
@@ -38,7 +37,6 @@ Session::Session(const std::vector<byte>& session_identifier,
m_ciphersuite(ciphersuite),
m_compression_method(compression_method),
m_connection_side(side),
- m_secure_renegotiation_supported(secure_renegotiation_supported),
m_fragment_size(fragment_size),
m_peer_certs(certs),
m_sni_hostname(sni_hostname),
@@ -78,7 +76,6 @@ Session::Session(const byte ber[], size_t ber_len)
.decode_integer_type(m_compression_method)
.decode_integer_type(side_code)
.decode_integer_type(m_fragment_size)
- .decode(m_secure_renegotiation_supported)
.decode(m_master_secret, OCTET_STRING)
.decode(peer_cert_bits, OCTET_STRING)
.decode(sni_hostname_str)
@@ -119,7 +116,6 @@ secure_vector<byte> Session::DER_encode() const
.encode(static_cast<size_t>(m_compression_method))
.encode(static_cast<size_t>(m_connection_side))
.encode(static_cast<size_t>(m_fragment_size))
- .encode(m_secure_renegotiation_supported)
.encode(m_master_secret, OCTET_STRING)
.encode(peer_cert_bits, OCTET_STRING)
.encode(ASN1_String(m_sni_hostname, UTF8_STRING))
diff --git a/src/tls/tls_session.h b/src/tls/tls_session.h
index ac18ebb48..206a75081 100644
--- a/src/tls/tls_session.h
+++ b/src/tls/tls_session.h
@@ -36,7 +36,6 @@ class BOTAN_DLL Session
m_ciphersuite(0),
m_compression_method(0),
m_connection_side(static_cast<Connection_Side>(0)),
- m_secure_renegotiation_supported(false),
m_fragment_size(0)
{}
@@ -49,7 +48,6 @@ class BOTAN_DLL Session
u16bit ciphersuite,
byte compression_method,
Connection_Side side,
- bool secure_renegotiation_supported,
size_t fragment_size,
const std::vector<X509_Certificate>& peer_certs,
const std::vector<byte>& session_ticket,
@@ -162,12 +160,6 @@ class BOTAN_DLL Session
size_t fragment_size() const { return m_fragment_size; }
/**
- * Is secure renegotiation supported?
- */
- bool secure_renegotiation() const
- { return m_secure_renegotiation_supported; }
-
- /**
* Return the certificate chain of the peer (possibly empty)
*/
std::vector<X509_Certificate> peer_certs() const { return m_peer_certs; }
@@ -189,7 +181,7 @@ class BOTAN_DLL Session
const std::vector<byte>& session_ticket() const { return m_session_ticket; }
private:
- enum { TLS_SESSION_PARAM_STRUCT_VERSION = 0x2994e300 };
+ enum { TLS_SESSION_PARAM_STRUCT_VERSION = 0x2994e301 };
std::chrono::system_clock::time_point m_start_time;
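Review bot: The bump of `TLS_SESSION_PARAM_STRUCT_VERSION` is what keeps blobs written with the old field list from being decoded against the new one, but nothing at the enum says so. I would add a comment above it such as `// Bump whenever the fields written by DER_encode() or read by Session(ber, ber_len) change, so older blobs are rejected instead of misparsed`. How the decoder reacts to a version mismatch is outside this diff, so the wording should be checked against that code.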
@@ -202,7 +194,6 @@ class BOTAN_DLL Session
byte m_compression_method;
Connection_Side m_connection_side;
- bool m_secure_renegotiation_supported;
size_t m_fragment_size;
std::vector<X509_Certificate> m_peer_certs;