Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 574100 Details for
Bug 806588
Disable SSL PKCS #11 bypass at build time
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Disable ssl pkcs11 layer bypass at build time
Bug-806588-disable-sslbypass.patch (text/plain), 13.16 KB, created by
Elio Maldonado Batiz
on 2012-03-30 22:33:13 UTC
(
hide
)
Description:
Disable ssl pkcs11 layer bypass at build time
Filename:
MIME Type:
Creator:
Elio Maldonado Batiz
Created:
2012-03-30 22:33:13 UTC
Size:
13.16 KB
patch
obsolete
>diff -up ./mozilla/security/nss/lib/ssl/config.mk.806588 ./mozilla/security/nss/lib/ssl/config.mk >--- ./mozilla/security/nss/lib/ssl/config.mk.806588 2010-02-04 11:09:08.000000000 -0800 >+++ ./mozilla/security/nss/lib/ssl/config.mk 2012-03-30 13:55:43.722050126 -0700 >@@ -39,6 +39,10 @@ ifdef NISCC_TEST > DEFINES += -DNISCC_TEST > endif > >+ifdef NSS_NOSSLBYPASS >+DEFINES += -DNOSSLBYPASS >+endif >+ > ifdef NSS_SURVIVE_DOUBLE_BYPASS_FAILURE > DEFINES += -DNSS_SURVIVE_DOUBLE_BYPASS_FAILURE > endif >diff -up ./mozilla/security/nss/lib/ssl/ssl3con.c.806588 ./mozilla/security/nss/lib/ssl/ssl3con.c >--- ./mozilla/security/nss/lib/ssl/ssl3con.c.806588 2012-02-17 01:50:04.000000000 -0800 >+++ ./mozilla/security/nss/lib/ssl/ssl3con.c 2012-03-30 13:55:43.737050129 -0700 >@@ -1007,8 +1007,17 @@ ssl3_ComputeCommonKeyHash(PRUint8 * hash > SECStatus rv = SECSuccess; > > if (bypassPKCS11) { >+#ifdef NOSSLBYPASS >+ /* We shouldn't be here. SSL_OptionSet should have returned an error preventing it. */ >+ PR_ASSERT(!bypassPKCS11); >+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); >+ return SECFailure; >+ /* Reset bypassPKCS11 to false and recursevily clla ourselves. */ >+ return ssl3_ComputeCommonKeyHash(hashBuf, bufLen, hashes, PR_TRUE); >+#else > MD5_HashBuf (hashes->md5, hashBuf, bufLen); > SHA1_HashBuf(hashes->sha, hashBuf, bufLen); >+#endif > } else { > rv = PK11_HashBuf(SEC_OID_MD5, hashes->md5, hashBuf, bufLen); > if (rv != SECSuccess) { >@@ -1788,6 +1797,12 @@ ssl3_InitPendingCipherSpec(sslSocket *ss > } > } > if (ss->opt.bypassPKCS11 && pwSpec->msItem.len && pwSpec->msItem.data) { >+#ifdef NOSSLBYPASS >+ /* Enabling bypassPKCS11 should have been prevented in SSL_OptionSet */ >+ PORT_Assert(ss->opt.bypassPKCS11 == PR_FALSE); >+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); >+ rv = SECFailure; >+#else > /* Double Bypass succeeded in extracting the master_secret */ > const ssl3KEADef * kea_def = ss->ssl3.hs.kea_def; > PRBool isTLS = (PRBool)(kea_def->tls_keygen || >@@ -1801,6 +1816,7 @@ ssl3_InitPendingCipherSpec(sslSocket *ss > if (rv == SECSuccess) { > rv = ssl3_InitPendingContextsBypass(ss); > } >+#endif > } else if (pwSpec->master_secret) { > rv = ssl3_DeriveConnectionKeysPKCS11(ss); > if (rv == SECSuccess) { >@@ -3176,11 +3192,13 @@ ssl3_RestartHandshakeHashes(sslSocket *s > { > SECStatus rv = SECSuccess; > >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11) { > ss->ssl3.hs.messages.len = 0; > MD5_Begin((MD5Context *)ss->ssl3.hs.md5_cx); > SHA1_Begin((SHA1Context *)ss->ssl3.hs.sha_cx); > } else { >+#endif > rv = PK11_DigestBegin(ss->ssl3.hs.md5); > if (rv != SECSuccess) { > ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE); >@@ -3191,7 +3209,9 @@ ssl3_RestartHandshakeHashes(sslSocket *s > ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE); > return rv; > } >+#ifndef NOSSLBYPASS > } >+#endif > return rv; > } > >@@ -3207,11 +3227,13 @@ ssl3_NewHandshakeHashes(sslSocket *ss) > * that the master secret will wind up in ... > */ > SSL_TRC(30,("%d: SSL3[%d]: start handshake hashes", SSL_GETPID(), ss->fd)); >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11) { > PORT_Assert(!ss->ssl3.hs.messages.buf && !ss->ssl3.hs.messages.space); > ss->ssl3.hs.messages.buf = NULL; > ss->ssl3.hs.messages.space = 0; > } else { >+#endif > ss->ssl3.hs.md5 = md5 = PK11_CreateDigestContext(SEC_OID_MD5); > ss->ssl3.hs.sha = sha = PK11_CreateDigestContext(SEC_OID_SHA1); > if (md5 == NULL) { >@@ -3222,7 +3244,9 @@ ssl3_NewHandshakeHashes(sslSocket *ss) > ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE); > goto loser; > } >+#ifndef NOSSLBYPASS > } >+#endif > if (SECSuccess == ssl3_RestartHandshakeHashes(ss)) { > return SECSuccess; > } >@@ -3259,6 +3283,7 @@ ssl3_UpdateHandshakeHashes(sslSocket *ss > > PRINT_BUF(90, (NULL, "MD5 & SHA handshake hash input:", b, l)); > >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11) { > MD5_Update((MD5Context *)ss->ssl3.hs.md5_cx, b, l); > SHA1_Update((SHA1Context *)ss->ssl3.hs.sha_cx, b, l); >@@ -3267,6 +3292,7 @@ ssl3_UpdateHandshakeHashes(sslSocket *ss > #endif > return rv; > } >+#endif > rv = PK11_DigestOp(ss->ssl3.hs.md5, b, l); > if (rv != SECSuccess) { > ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE); >@@ -3523,6 +3549,7 @@ ssl3_ComputeHandshakeHashes(sslSocket * > > PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) ); > >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11) { > /* compute them without PKCS11 */ > PRUint64 md5_cx[MAX_MAC_CONTEXT_LLONGS]; >@@ -3606,6 +3633,7 @@ ssl3_ComputeHandshakeHashes(sslSocket * > #undef md5cx > #undef shacx > } else { >+#endif > /* compute hases with PKCS11 */ > PK11Context * md5; > PK11Context * sha = NULL; >@@ -3749,7 +3777,9 @@ ssl3_ComputeHandshakeHashes(sslSocket * > PORT_ZFree(shaStateBuf, shaStateLen); > } > } >+#ifndef NOSSLBYPASS > } >+#endif > return rv; > } > >@@ -6453,11 +6483,18 @@ compression_found: > break; /* not an error */ > } > } else if (ss->opt.bypassPKCS11) { >+#ifdef NOSSLBYPASS >+ /* Do nothing. The else below is to restart a bypass session >+ * in a non-bypass socket which doesn't make sense as we are >+ * disallowing bypass any way. >+ */ >+#else > wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret; > wrappedMS.len = sid->u.ssl3.keys.wrapped_master_secret_len; > memcpy(pwSpec->raw_master_secret, wrappedMS.data, wrappedMS.len); > pwSpec->msItem.data = pwSpec->raw_master_secret; > pwSpec->msItem.len = wrappedMS.len; >+#endif > } else { > /* We CAN restart a bypass session in a non-bypass socket. */ > /* need to import the raw master secret to session object */ >@@ -9588,10 +9625,12 @@ ssl3_DestroySSL3Info(sslSocket *ss) > } > > /* clean up handshake */ >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11) { > SHA1_DestroyContext((SHA1Context *)ss->ssl3.hs.sha_cx, PR_FALSE); > MD5_DestroyContext((MD5Context *)ss->ssl3.hs.md5_cx, PR_FALSE); > } >+#endif > if (ss->ssl3.hs.md5) { > PK11_DestroyContext(ss->ssl3.hs.md5,PR_TRUE); > } >diff -up ./mozilla/security/nss/lib/ssl/ssl3ext.c.806588 ./mozilla/security/nss/lib/ssl/ssl3ext.c >--- ./mozilla/security/nss/lib/ssl/ssl3ext.c.806588 2012-02-15 13:52:08.000000000 -0800 >+++ ./mozilla/security/nss/lib/ssl/ssl3ext.c 2012-03-30 13:55:43.746050128 -0700 >@@ -722,13 +722,17 @@ ssl3_SendNewSessionTicket(sslSocket *ss) > rv = PK11_GenerateRandom(iv, sizeof(iv)); > if (rv != SECSuccess) goto loser; > >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11) { > rv = ssl3_GetSessionTicketKeys(&aes_key, &aes_key_length, > &mac_key, &mac_key_length); > } else { >+#endif > rv = ssl3_GetSessionTicketKeysPKCS11(ss, &aes_key_pkcs11, > &mac_key_pkcs11); >+#ifndef NOSSLBYPASS > } >+#endif > if (rv != SECSuccess) goto loser; > > if (ss->ssl3.pwSpec->msItem.len && ss->ssl3.pwSpec->msItem.data) { >@@ -892,6 +896,7 @@ ssl3_SendNewSessionTicket(sslSocket *ss) > } > > /* Generate encrypted portion of ticket. */ >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11) { > aes_ctx = (AESContext *)aes_ctx_buf; > rv = AES_InitContext(aes_ctx, aes_key, aes_key_length, iv, >@@ -903,6 +908,7 @@ ssl3_SendNewSessionTicket(sslSocket *ss) > plaintext_item.len); > if (rv != SECSuccess) goto loser; > } else { >+#endif > aes_ctx_pkcs11 = PK11_CreateContextBySymKey(cipherMech, > CKA_ENCRYPT, aes_key_pkcs11, &ivItem); > if (!aes_ctx_pkcs11) >@@ -914,13 +920,16 @@ ssl3_SendNewSessionTicket(sslSocket *ss) > PK11_Finalize(aes_ctx_pkcs11); > PK11_DestroyContext(aes_ctx_pkcs11, PR_TRUE); > if (rv != SECSuccess) goto loser; >+#ifndef NOSSLBYPASS > } >+#endif > > /* Convert ciphertext length to network order. */ > length_buf[0] = (ciphertext.len >> 8) & 0xff; > length_buf[1] = (ciphertext.len ) & 0xff; > > /* Compute MAC. */ >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11) { > hmac_ctx = (HMACContext *)hmac_ctx_buf; > hashObj = HASH_GetRawHashObject(HASH_AlgSHA256); >@@ -936,6 +945,7 @@ ssl3_SendNewSessionTicket(sslSocket *ss) > HMAC_Finish(hmac_ctx, computed_mac, &computed_mac_length, > sizeof(computed_mac)); > } else { >+#endif > SECItem macParam; > macParam.data = NULL; > macParam.len = 0; >@@ -954,7 +964,9 @@ ssl3_SendNewSessionTicket(sslSocket *ss) > &computed_mac_length, sizeof(computed_mac)); > PK11_DestroyContext(hmac_ctx_pkcs11, PR_TRUE); > if (rv != SECSuccess) goto loser; >+#ifndef NOSSLBYPASS > } >+#endif > > /* Serialize the handshake message. */ > rv = ssl3_AppendHandshakeHeader(ss, new_session_ticket, message_length); >@@ -1075,13 +1087,17 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc > return SECFailure; > > /* Get session ticket keys. */ >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11) { > rv = ssl3_GetSessionTicketKeys(&aes_key, &aes_key_length, > &mac_key, &mac_key_length); > } else { >+#endif > rv = ssl3_GetSessionTicketKeysPKCS11(ss, &aes_key_pkcs11, > &mac_key_pkcs11); >+#ifndef NOSSLBYPASS > } >+#endif > if (rv != SECSuccess) { > SSL_DBG(("%d: SSL[%d]: Unable to get/generate session ticket keys.", > SSL_GETPID(), ss->fd)); >@@ -1101,6 +1117,7 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc > /* Verify the MAC on the ticket. MAC verification may also > * fail if the MAC key has been recently refreshed. > */ >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11) { > hmac_ctx = (HMACContext *)hmac_ctx_buf; > hashObj = HASH_GetRawHashObject(HASH_AlgSHA256); >@@ -1114,6 +1131,7 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc > sizeof(computed_mac)) != SECSuccess) > goto no_ticket; > } else { >+#endif > SECItem macParam; > macParam.data = NULL; > macParam.len = 0; >@@ -1139,7 +1157,9 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc > PK11_DestroyContext(hmac_ctx_pkcs11, PR_TRUE); > if (rv != SECSuccess) > goto no_ticket; >+#ifndef NOSSLBYPASS > } >+#endif > if (NSS_SecureMemcmp(computed_mac, enc_session_ticket.mac, > computed_mac_length) != 0) { > SSL_DBG(("%d: SSL[%d]: Session ticket MAC mismatch.", >@@ -1157,6 +1177,7 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc > decrypted_state = SECITEM_AllocItem(NULL, NULL, > enc_session_ticket.encrypted_state.len); > >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11) { > aes_ctx = (AESContext *)aes_ctx_buf; > rv = AES_InitContext(aes_ctx, aes_key, >@@ -1175,6 +1196,7 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc > if (rv != SECSuccess) > goto no_ticket; > } else { >+#endif > SECItem ivItem; > ivItem.data = enc_session_ticket.iv; > ivItem.len = AES_BLOCK_SIZE; >@@ -1194,7 +1216,9 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc > PK11_DestroyContext(aes_ctx_pkcs11, PR_TRUE); > if (rv != SECSuccess) > goto no_ticket; >+#ifndef NOSSLBYPASS > } >+#endif > > /* Check padding. */ > padding_length = >@@ -1348,9 +1372,11 @@ ssl3_ServerHandleSessionTicketXtn(sslSoc > sid->keaKeyBits = parsed_session_ticket->keaKeyBits; > > /* Copy master secret. */ >+#ifndef NOSSLBYPASS > if (ss->opt.bypassPKCS11 && > parsed_session_ticket->ms_is_wrapped) > goto no_ticket; >+#endif > if (parsed_session_ticket->ms_length > > sizeof(sid->u.ssl3.keys.wrapped_master_secret)) > goto no_ticket; >diff -up ./mozilla/security/nss/lib/ssl/sslsock.c.806588 ./mozilla/security/nss/lib/ssl/sslsock.c >--- ./mozilla/security/nss/lib/ssl/sslsock.c.806588 2012-03-30 13:55:43.683050124 -0700 >+++ ./mozilla/security/nss/lib/ssl/sslsock.c 2012-03-30 13:55:43.748050129 -0700 >@@ -687,11 +687,15 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh > rv = SECFailure; > } else { > if (PR_FALSE != on) { >+#ifdef NOSSLBYPASS >+ rv = SECFailure; >+#else > if (PR_SUCCESS == SSL_BypassSetup() ) { > ss->opt.bypassPKCS11 = on; > } else { > rv = SECFailure; > } >+#endif > } else { > ss->opt.bypassPKCS11 = PR_FALSE; > } >@@ -971,11 +975,15 @@ SSL_OptionSetDefault(PRInt32 which, PRBo > > case SSL_BYPASS_PKCS11: > if (PR_FALSE != on) { >+#ifndef NOSSLBYPASS >+ return SECFailure; >+#else > if (PR_SUCCESS == SSL_BypassSetup()) { > ssl_defaults.bypassPKCS11 = on; > } else { > return SECFailure; > } >+#endif > } else { > ssl_defaults.bypassPKCS11 = PR_FALSE; > } >diff -up ./mozilla/security/nss/tests/ssl/ssl.sh.806588 ./mozilla/security/nss/tests/ssl/ssl.sh >--- ./mozilla/security/nss/tests/ssl/ssl.sh.806588 2012-03-30 13:56:52.474053853 -0700 >+++ ./mozilla/security/nss/tests/ssl/ssl.sh 2012-03-30 14:04:57.972080170 -0700 >@@ -958,7 +958,11 @@ ssl_run_tests() > SERVER_OPTIONS= > ;; > "bypass") >- SERVER_OPTIONS="-B -s" >+ if [ -n "${NSS_NOSSLBYPASS}" ]; then >+ echo "${SCRIPTNAME}: bypass not supported." >+ else >+ SERVER_OPTIONS="-B -s" >+ end > ;; > "fips") > SERVER_OPTIONS= >@@ -975,7 +979,11 @@ ssl_run_tests() > CLIENT_OPTIONS= > ;; > "bypass") >- CLIENT_OPTIONS="-B -s" >+ if [ -n "${NSS_NOSSLBYPASS}" ]; then >+ echo "${SCRIPTNAME}: bypass not supported." >+ else >+ CLIENT_OPTIONS="-B -s" >+ fi > ;; > "fips") > SERVER_OPTIONS=
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=574100">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 806588
:
572564
|
574100
|
577475
|
584430
|
594623
|
594787
|
641885