Bug 1445731 - land NSS NSS_3_37_BETA2 UPGRADE_NSS_RELEASE, r=me
--HG-- extra : rebase_source : b68bb60ebd5ac7037d71c8db6acec29802220a5c
This commit is contained in:
parent
cb14cfd1ca
commit
61f85fbe96
@ -1 +1 @@
|
||||
3e452651e282
|
||||
NSS_3_37_BETA2
|
||||
|
@ -181,6 +181,10 @@ ifndef NSS_FORCE_FIPS
|
||||
DEFINES += -DNSS_NO_INIT_SUPPORT
|
||||
endif
|
||||
|
||||
ifdef NSS_SEED_ONLY_DEV_URANDOM
|
||||
DEFINES += -DSEED_ONLY_DEV_URANDOM
|
||||
endif
|
||||
|
||||
# Avoid building object leak test code for optimized library
|
||||
ifndef BUILD_OPT
|
||||
ifdef PKIX_OBJECT_LEAK_TEST
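Review bot: The new `ifdef NSS_SEED_ONLY_DEV_URANDOM` block has no comment, unlike the neighbouring `# Avoid building object leak test code for optimized library` block, so a reader of this makefile cannot tell what turning on `-DSEED_ONLY_DEV_URANDOM` changes without searching the RNG sources. I would add a one-line comment above the `ifdef`, along the lines of `# NSS_SEED_ONLY_DEV_URANDOM: restrict RNG seeding to /dev/urandom (see the platform RNG sources)`, with the wording confirmed against the code that tests SEED_ONLY_DEV_URANDOM, which is not on this page.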
|
||||
|
@ -10,3 +10,4 @@
|
||||
*/
|
||||
|
||||
#error "Do not include this header file."
|
||||
|
||||
|
@ -620,6 +620,52 @@ TEST_P(TlsConnectGenericPre13, ConnectUnsupportedPointFormat) {
|
||||
client_->CheckErrorCode(SEC_ERROR_UNSUPPORTED_EC_POINT_FORM);
|
||||
}
|
||||
|
||||
// Replace SignatureAndHashAlgorithm of a SKE.
|
||||
class ECCServerKEXSigAlgReplacer : public TlsHandshakeFilter {
|
||||
public:
|
||||
ECCServerKEXSigAlgReplacer(const std::shared_ptr<TlsAgent> &server,
|
||||
SSLSignatureScheme sig_scheme)
|
||||
: TlsHandshakeFilter(server, {kTlsHandshakeServerKeyExchange}),
|
||||
sig_scheme_(sig_scheme) {}
|
||||
|
||||
protected:
|
||||
virtual PacketFilter::Action FilterHandshake(const HandshakeHeader &header,
|
||||
const DataBuffer &input,
|
||||
DataBuffer *output) {
|
||||
*output = input;
|
||||
|
||||
uint32_t point_len;
|
||||
EXPECT_TRUE(output->Read(3, 1, &point_len));
|
||||
output->Write(4 + point_len, sig_scheme_, 2);
|
||||
|
||||
return CHANGE;
|
||||
}
|
||||
|
||||
private:
|
||||
SSLSignatureScheme sig_scheme_;
|
||||
};
|
||||
|
||||
TEST_P(TlsConnectTls12, ConnectUnsupportedSigAlg) {
|
||||
EnsureTlsSetup();
|
||||
client_->DisableAllCiphers();
|
||||
client_->EnableCiphersByKeyExchange(ssl_kea_ecdh);
|
||||
|
||||
MakeTlsFilter<ECCServerKEXSigAlgReplacer>(server_, ssl_sig_none);
|
||||
ConnectExpectAlert(client_, kTlsAlertIllegalParameter);
|
||||
client_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
|
||||
}
|
||||
|
||||
TEST_P(TlsConnectTls12, ConnectIncorrectSigAlg) {
|
||||
EnsureTlsSetup();
|
||||
client_->DisableAllCiphers();
|
||||
client_->EnableCiphersByKeyExchange(ssl_kea_ecdh);
|
||||
|
||||
MakeTlsFilter<ECCServerKEXSigAlgReplacer>(server_,
|
||||
ssl_sig_ecdsa_secp256r1_sha256);
|
||||
ConnectExpectAlert(client_, kTlsAlertIllegalParameter);
|
||||
client_->CheckErrorCode(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM);
|
||||
}
|
||||
|
||||
INSTANTIATE_TEST_CASE_P(KeyExchangeTest, TlsKeyExchangeTest,
|
||||
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
|
||||
TlsConnectTestBase::kTlsV11Plus));
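Review bot: In `ECCServerKEXSigAlgReplacer::FilterHandshake`, `point_len` is declared uninitialized and is still used in `output->Write(4 + point_len, sig_scheme_, 2)` when `EXPECT_TRUE(output->Read(3, 1, &point_len))` fails, because EXPECT_TRUE only records the failure and continues; a short or malformed ServerKeyExchange would then write at an indeterminate offset. I would initialise it and leave the message untouched on a failed read: `uint32_t point_len = 0;` followed by `if (!output->Read(3, 1, &point_len)) { ADD_FAILURE(); return KEEP; }`. The offsets `3` and `4 + point_len` also deserve a comment stating the layout they assume (ECParameters with a named curve, then the 1-byte point length and the point, then the 2-byte SignatureScheme), since nothing in the filter checks the curve-type byte. Minor: the override should be spelled `PacketFilter::Action FilterHandshake(...) override` rather than `virtual`.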
|
||||
|
@ -32,7 +32,7 @@
|
||||
* - whenever possible, if older branches require a modification to the
|
||||
* list, these changes should be made on the main line of development (trunk),
|
||||
* and the older branches should update to the most recent list.
|
||||
*
|
||||
*
|
||||
* - ODD minor version numbers are reserved to indicate a snapshot that has
|
||||
* deviated from the main line of development, e.g. if it was necessary
|
||||
* to modify the list on a stable branch.
|
||||
|
@ -4,10 +4,14 @@
|
||||
|
||||
#include <fcntl.h>
|
||||
#include <unistd.h>
|
||||
#include <errno.h>
|
||||
#include "secerr.h"
|
||||
#include "secrng.h"
|
||||
#include "prprf.h"
|
||||
|
||||
/* syscall getentropy() is limited to retrieving 256 bytes */
|
||||
#define GETENTROPY_MAX_BYTES 256
|
||||
|
||||
void
|
||||
RNG_SystemInfoForRNG(void)
|
||||
{
|
||||
@ -28,6 +32,35 @@ RNG_SystemRNG(void *dest, size_t maxLen)
|
||||
size_t fileBytes = 0;
|
||||
unsigned char *buffer = dest;
|
||||
|
||||
#if defined(LINUX) && defined(__GLIBC__) && ((__GLIBC__ > 2) || ((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 25)))
|
||||
int result;
|
||||
|
||||
while (fileBytes < maxLen) {
|
||||
size_t getBytes = maxLen - fileBytes;
|
||||
if (getBytes > GETENTROPY_MAX_BYTES) {
|
||||
getBytes = GETENTROPY_MAX_BYTES;
|
||||
}
|
||||
result = getentropy(buffer, getBytes);
|
||||
if (result == 0) { /* success */
|
||||
fileBytes += getBytes;
|
||||
buffer += getBytes;
|
||||
} else {
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (fileBytes == maxLen) { /* success */
|
||||
return maxLen;
|
||||
}
|
||||
/* If we failed with an error other than ENOSYS, it means the destination
|
||||
* buffer is not writeable. We don't need to try writing to it again. */
|
||||
if (errno != ENOSYS) {
|
||||
PORT_SetError(SEC_ERROR_NEED_RANDOM);
|
||||
return 0;
|
||||
}
|
||||
/* ENOSYS means the kernel doesn't support getentropy()/getrandom().
|
||||
* Reset the number of bytes to get and fall back to /dev/urandom. */
|
||||
fileBytes = 0;
|
||||
#endif
|
||||
fd = open("/dev/urandom", O_RDONLY);
|
||||
if (fd < 0) {
|
||||
PORT_SetError(SEC_ERROR_NEED_RANDOM);
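Review bot: The comment `/* If we failed with an error other than ENOSYS, it means the destination buffer is not writeable ... */` overstates what the condition checks: the getentropy() documentation lists failure causes other than a bad destination buffer, and with this code any non-ENOSYS error skips the /dev/urandom fallback and returns 0 with SEC_ERROR_NEED_RANDOM. Treating every such error as fatal is a defensible choice for an RNG, but the comment should then say so, e.g. `/* Any getentropy() failure other than ENOSYS is treated as fatal; do not fall back. */`, or the test should be narrowed to the case actually meant, `if (errno == EFAULT) { ... }`. Note also that `errno` is examined only after the `if (fileBytes == maxLen)` early return, which is correct only because the loop leaves via `break` immediately after the failing call; a comment on that `break`, `/* errno is preserved for the check below */`, would make the dependency explicit. RNG_SystemRNG begins before this hunk (only its signature appears in the hunk header) and continues past it.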
|
||||
|
@ -548,11 +548,13 @@ ssl3_HandleECDHServerKeyExchange(sslSocket *ss, PRUint8 *b, PRUint32 length)
|
||||
if (ss->ssl3.prSpec->version == SSL_LIBRARY_VERSION_TLS_1_2) {
|
||||
rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme);
|
||||
if (rv != SECSuccess) {
|
||||
errCode = PORT_GetError();
|
||||
goto alert_loser; /* malformed or unsupported. */
|
||||
}
|
||||
rv = ssl_CheckSignatureSchemeConsistency(ss, sigScheme,
|
||||
ss->sec.peerCert);
|
||||
if (rv != SECSuccess) {
|
||||
errCode = PORT_GetError();
|
||||
goto alert_loser;
|
||||
}
|
||||
hashAlg = ssl_SignatureSchemeToHashType(sigScheme);
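Review bot: The new `ssl_CheckSignatureSchemeConsistency(ss, sigScheme, ss->sec.peerCert)` call carries no comment saying what it enforces, and its failure path reads identically to the `ssl_ConsumeSignatureScheme` failure a few lines above (both set `errCode = PORT_GetError()` and `goto alert_loser`). Judging by the tests in the same commit (`ssl_sig_none` yields SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM, a scheme for a different key type yields SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM), it presumably rejects a scheme that cannot be used with the key in the peer certificate; I would state that at the call site: `/* The advertised scheme must be usable with the server certificate's key; a mismatch is a protocol error (illegal_parameter). */`. `ssl3_HandleECDHServerKeyExchange` starts before this hunk and the `alert_loser` label is outside it.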
|
||||
|