Merge support for enabling / disabling renegotiation support at compile-time

2015-01-13 16:18:23 +01:00 · 2015-01-13 16:18:23 +01:00 · f6080b8557
commit f6080b8557
parent d7e2483bfc eaecbd3ba8
14 changed files with 498 additions and 95 deletions
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -114,6 +114,7 @@ static void ssl_write_hostname_ext( ssl_context *ssl,
 }
 #endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */

+#if defined(POLARSSL_SSL_RENEGOTIATION)
 static void ssl_write_renegotiation_ext( ssl_context *ssl,
                                         unsigned char *buf,
                                         size_t *olen )
@ -141,6 +142,7 @@ static void ssl_write_renegotiation_ext( ssl_context *ssl,

    *olen = 5 + ssl->verify_data_len;
 }
+#endif /* POLARSSL_SSL_RENEGOTIATION */

 /*
 * Only if we handle at least one key exchange that needs signatures.
@ -521,7 +523,9 @@ static int ssl_write_client_hello( ssl_context *ssl )
        return( POLARSSL_ERR_SSL_NO_RNG );
    }

+#if defined(POLARSSL_SSL_RENEGOTIATION)
    if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
+#endif
    {
        ssl->major_ver = ssl->min_major_ver;
        ssl->minor_ver = ssl->min_minor_ver;
@ -585,7 +589,10 @@ static int ssl_write_client_hello( ssl_context *ssl )
     */
    n = ssl->session_negotiate->length;

-    if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE || n < 16 || n > 32 ||
+    if( n < 16 || n > 32 ||
+#if defined(POLARSSL_SSL_RENEGOTIATION)
+        ssl->renegotiation != SSL_INITIAL_HANDSHAKE ||
+#endif
        ssl->handshake->resume == 0 )
    {
        n = 0;
@ -596,8 +603,10 @@ static int ssl_write_client_hello( ssl_context *ssl )
     * RFC 5077 section 3.4: "When presenting a ticket, the client MAY
     * generate and include a Session ID in the TLS ClientHello."
     */
-    if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE &&
-        ssl->session_negotiate->ticket != NULL &&
+#if defined(POLARSSL_SSL_RENEGOTIATION)
+    if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
+#endif
+    if( ssl->session_negotiate->ticket != NULL &&
        ssl->session_negotiate->ticket_len != 0 )
    {
        ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id, 32 );
@ -627,7 +636,9 @@ static int ssl_write_client_hello( ssl_context *ssl )
    /*
     * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
     */
+#if defined(POLARSSL_SSL_RENEGOTIATION)
    if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
+#endif
    {
        *p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO >> 8 );
        *p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO      );
@ -693,8 +704,10 @@ static int ssl_write_client_hello( ssl_context *ssl )
    ext_len += olen;
 #endif

+#if defined(POLARSSL_SSL_RENEGOTIATION)
    ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen );
    ext_len += olen;
+#endif

 #if defined(POLARSSL_SSL_PROTO_TLS1_2) && \
    defined(POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED)
@ -740,6 +753,9 @@ static int ssl_write_client_hello( ssl_context *ssl )
    ext_len += olen;
 #endif

+    /* olen unused if all extensions are disabled */
+    ((void) olen);
+
    SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d",
                   ext_len ) );

@ -773,21 +789,8 @@ static int ssl_parse_renegotiation_info( ssl_context *ssl,
 {
    int ret;

-    if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
-    {
-        if( len != 1 || buf[0] != 0x0 )
-        {
-            SSL_DEBUG_MSG( 1, ( "non-zero length renegotiated connection field" ) );
-
-            if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 )
-                return( ret );
-
-            return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
-        }
-
-        ssl->secure_renegotiation = SSL_SECURE_RENEGOTIATION;
-    }
-    else
+#if defined(POLARSSL_SSL_RENEGOTIATION)
+    if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE )
    {
        /* Check verify-data in constant-time. The length OTOH is no secret */
        if( len    != 1 + ssl->verify_data_len * 2 ||
@ -797,7 +800,7 @@ static int ssl_parse_renegotiation_info( ssl_context *ssl,
            safer_memcmp( buf + 1 + ssl->verify_data_len,
                          ssl->peer_verify_data, ssl->verify_data_len ) != 0 )
        {
-            SSL_DEBUG_MSG( 1, ( "non-matching renegotiated connection field" ) );
+            SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) );

            if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 )
                return( ret );
@ -805,6 +808,21 @@ static int ssl_parse_renegotiation_info( ssl_context *ssl,
            return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
        }
    }
+    else
+#endif /* POLARSSL_SSL_RENEGOTIATION */
+    {
+        if( len != 1 || buf[0] != 0x00 )
+        {
+            SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) );
+
+            if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 )
+                return( ret );
+
+            return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
+        }
+
+        ssl->secure_renegotiation = SSL_SECURE_RENEGOTIATION;
+    }

    return( 0 );
 }
@ -996,7 +1014,9 @@ static int ssl_parse_server_hello( ssl_context *ssl )
    size_t n;
    size_t ext_len;
    unsigned char *buf, *ext;
+#if defined(POLARSSL_SSL_RENEGOTIATION)
    int renegotiation_info_seen = 0;
+#endif
    int handshake_failure = 0;
 #if defined(POLARSSL_DEBUG_C)
    uint32_t t;
@ -1021,6 +1041,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )

    if( ssl->in_msgtype != SSL_MSG_HANDSHAKE )
    {
+#if defined(POLARSSL_SSL_RENEGOTIATION)
        if( ssl->renegotiation == SSL_RENEGOTIATION )
        {
            ssl->renego_records_seen++;
@ -1036,6 +1057,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
            SSL_DEBUG_MSG( 1, ( "non-handshake message during renego" ) );
            return( POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO );
        }
+#endif /* POLARSSL_SSL_RENEGOTIATION */

        SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
        return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
@ -1144,8 +1166,10 @@ static int ssl_parse_server_hello( ssl_context *ssl )
    /*
     * Check if the session can be resumed
     */
-    if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ||
-        ssl->handshake->resume == 0 || n == 0 ||
+    if( ssl->handshake->resume == 0 || n == 0 ||
+#if defined(POLARSSL_SSL_RENEGOTIATION)
+        ssl->renegotiation != SSL_INITIAL_HANDSHAKE ||
+#endif
        ssl->session_negotiate->ciphersuite != i ||
        ssl->session_negotiate->compression != comp ||
        ssl->session_negotiate->length != n ||
@ -1226,7 +1250,9 @@ static int ssl_parse_server_hello( ssl_context *ssl )
        {
        case TLS_EXT_RENEGOTIATION_INFO:
            SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) );
+#if defined(POLARSSL_SSL_RENEGOTIATION)
            renegotiation_info_seen = 1;
+#endif

            if( ( ret = ssl_parse_renegotiation_info( ssl, ext + 4,
                                                      ext_size ) ) != 0 )
@ -1346,6 +1372,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
        SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) );
        handshake_failure = 1;
    }
+#if defined(POLARSSL_SSL_RENEGOTIATION)
    else if( ssl->renegotiation == SSL_RENEGOTIATION &&
             ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION &&
             renegotiation_info_seen == 0 )
@ -1367,6 +1394,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
        SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) );
        handshake_failure = 1;
    }
+#endif /* POLARSSL_SSL_RENEGOTIATION */

    if( handshake_failure == 1 )
    {