Remove the _SSL_FALLBACK_ parts
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
This commit is contained in:
parent
2d8800e227
commit
6370dbeb1d
8 changed files with 1 additions and 226 deletions
|
@ -1552,24 +1552,6 @@
|
|||
*/
|
||||
#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SSL_FALLBACK_SCSV
|
||||
*
|
||||
* Enable support for RFC 7507: Fallback Signaling Cipher Suite Value (SCSV)
|
||||
* for Preventing Protocol Downgrade Attacks.
|
||||
*
|
||||
* For servers, it is recommended to always enable this, unless you support
|
||||
* only one version of TLS, or know for sure that none of your clients
|
||||
* implements a fallback strategy.
|
||||
*
|
||||
* For clients, you only need this if you're using a fallback strategy, which
|
||||
* is not recommended in the first place, unless you absolutely need it to
|
||||
* interoperate with buggy (version-intolerant) servers.
|
||||
*
|
||||
* Comment this macro to disable support for FALLBACK_SCSV
|
||||
*/
|
||||
#define MBEDTLS_SSL_FALLBACK_SCSV
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
|
||||
*
|
||||
|
|
|
@ -156,9 +156,6 @@
|
|||
#define MBEDTLS_SSL_IS_CLIENT 0
|
||||
#define MBEDTLS_SSL_IS_SERVER 1
|
||||
|
||||
#define MBEDTLS_SSL_IS_NOT_FALLBACK 0
|
||||
#define MBEDTLS_SSL_IS_FALLBACK 1
|
||||
|
||||
#define MBEDTLS_SSL_EXTENDED_MS_DISABLED 0
|
||||
#define MBEDTLS_SSL_EXTENDED_MS_ENABLED 1
|
||||
|
||||
|
@ -279,7 +276,6 @@
|
|||
* Signaling ciphersuite values (SCSV)
|
||||
*/
|
||||
#define MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */
|
||||
#define MBEDTLS_SSL_FALLBACK_SCSV_VALUE 0x5600 /**< RFC 7507 section 2 */
|
||||
|
||||
/*
|
||||
* Supported Signature and Hash algorithms (For TLS 1.2)
|
||||
|
@ -1198,9 +1194,6 @@ struct mbedtls_ssl_config
|
|||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
unsigned int session_tickets : 1; /*!< use session tickets? */
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
|
||||
unsigned int fallback : 1; /*!< is this a fallback? */
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_SRV_C)
|
||||
unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in
|
||||
Certificate Request messages? */
|
||||
|
@ -1832,54 +1825,6 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl,
|
|||
*/
|
||||
void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
|
||||
|
||||
/**
|
||||
* \brief Check whether a buffer contains a valid and authentic record
|
||||
* that has not been seen before. (DTLS only).
|
||||
*
|
||||
* This function does not change the user-visible state
|
||||
* of the SSL context. Its sole purpose is to provide
|
||||
* an indication of the legitimacy of an incoming record.
|
||||
*
|
||||
* This can be useful e.g. in distributed server environments
|
||||
* using the DTLS Connection ID feature, in which connections
|
||||
* might need to be passed between service instances on a change
|
||||
* of peer address, but where such disruptive operations should
|
||||
* only happen after the validity of incoming records has been
|
||||
* confirmed.
|
||||
*
|
||||
* \param ssl The SSL context to use.
|
||||
* \param buf The address of the buffer holding the record to be checked.
|
||||
* This must be a read/write buffer of length \p buflen Bytes.
|
||||
* \param buflen The length of \p buf in Bytes.
|
||||
*
|
||||
* \note This routine only checks whether the provided buffer begins
|
||||
* with a valid and authentic record that has not been seen
|
||||
* before, but does not check potential data following the
|
||||
* initial record. In particular, it is possible to pass DTLS
|
||||
* datagrams containing multiple records, in which case only
|
||||
* the first record is checked.
|
||||
*
|
||||
* \note This function modifies the input buffer \p buf. If you need
|
||||
* to preserve the original record, you have to maintain a copy.
|
||||
*
|
||||
* \return \c 0 if the record is valid and authentic and has not been
|
||||
* seen before.
|
||||
* \return MBEDTLS_ERR_SSL_INVALID_MAC if the check completed
|
||||
* successfully but the record was found to be not authentic.
|
||||
* \return MBEDTLS_ERR_SSL_INVALID_RECORD if the check completed
|
||||
* successfully but the record was found to be invalid for
|
||||
* a reason different from authenticity checking.
|
||||
* \return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD if the check completed
|
||||
* successfully but the record was found to be unexpected
|
||||
* in the state of the SSL context, including replayed records.
|
||||
* \return Another negative error code on different kinds of failure.
|
||||
* In this case, the SSL context becomes unusable and needs
|
||||
* to be freed or reset before reuse.
|
||||
*/
|
||||
int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
|
||||
unsigned char *buf,
|
||||
size_t buflen );
|
||||
|
||||
/**
|
||||
* \brief Set the timer callbacks (Mandatory for DTLS.)
|
||||
*
|
||||
|
@ -3268,29 +3213,6 @@ void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int mino
|
|||
*/
|
||||
void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
|
||||
|
||||
#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
|
||||
/**
|
||||
* \brief Set the fallback flag (client-side only).
|
||||
* (Default: MBEDTLS_SSL_IS_NOT_FALLBACK).
|
||||
*
|
||||
* \note Set to MBEDTLS_SSL_IS_FALLBACK when preparing a fallback
|
||||
* connection, that is a connection with max_version set to a
|
||||
* lower value than the value you're willing to use. Such
|
||||
* fallback connections are not recommended but are sometimes
|
||||
* necessary to interoperate with buggy (version-intolerant)
|
||||
* servers.
|
||||
*
|
||||
* \warning You should NOT set this to MBEDTLS_SSL_IS_FALLBACK for
|
||||
* non-fallback connections! This would appear to work for a
|
||||
* while, then cause failures when the server is upgraded to
|
||||
* support a newer TLS version.
|
||||
*
|
||||
* \param conf SSL configuration
|
||||
* \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK
|
||||
*/
|
||||
void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback );
|
||||
#endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
|
||||
/**
|
||||
* \brief Enable or disable Encrypt-then-MAC
|
||||
|
|
|
@ -1206,19 +1206,6 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
|
|||
n++;
|
||||
}
|
||||
|
||||
/* Some versions of OpenSSL don't handle it correctly if not at end */
|
||||
#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
|
||||
if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) );
|
||||
|
||||
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
|
||||
*p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 );
|
||||
*p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE );
|
||||
n++;
|
||||
}
|
||||
#endif
|
||||
|
||||
*q++ = (unsigned char)( n >> 7 );
|
||||
*q++ = (unsigned char)( n << 1 );
|
||||
|
||||
|
|
|
@ -86,70 +86,6 @@ int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
|
||||
unsigned char *buf,
|
||||
size_t len,
|
||||
mbedtls_record *rec );
|
||||
|
||||
int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
|
||||
unsigned char *buf,
|
||||
size_t buflen )
|
||||
{
|
||||
int ret = 0;
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "=> mbedtls_ssl_check_record" ) );
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "record buffer", buf, buflen );
|
||||
|
||||
/* We don't support record checking in TLS because
|
||||
* (a) there doesn't seem to be a usecase for it, and
|
||||
* (b) In TLS 1.0, CBC record decryption has state
|
||||
* and we'd need to backup the transform here.
|
||||
*/
|
||||
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM )
|
||||
{
|
||||
ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
goto exit;
|
||||
}
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
else
|
||||
{
|
||||
mbedtls_record rec;
|
||||
|
||||
ret = ssl_parse_record_header( ssl, buf, buflen, &rec );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 3, "ssl_parse_record_header", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ssl->transform_in != NULL )
|
||||
{
|
||||
ret = mbedtls_ssl_decrypt_buf( ssl, ssl->transform_in, &rec );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 3, "mbedtls_ssl_decrypt_buf", ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||
|
||||
exit:
|
||||
/* On success, we have decrypted the buffer in-place, so make
|
||||
* sure we don't leak any plaintext data. */
|
||||
mbedtls_platform_zeroize( buf, buflen );
|
||||
|
||||
/* For the purpose of this API, treat messages with unexpected CID
|
||||
* as well as such from future epochs as unexpected. */
|
||||
if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID ||
|
||||
ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE )
|
||||
{
|
||||
ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#define SSL_DONT_FORCE_FLUSH 0
|
||||
#define SSL_FORCE_FLUSH 1
|
||||
|
||||
|
|
|
@ -1781,29 +1781,6 @@ read_record_header:
|
|||
ext += 4 + ext_size;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
|
||||
for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 )
|
||||
{
|
||||
if( p[0] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) &&
|
||||
p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) & 0xff ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "received FALLBACK_SCSV" ) );
|
||||
|
||||
if( ssl->minor_ver < ssl->conf->max_minor_ver )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) );
|
||||
|
||||
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
|
||||
MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK );
|
||||
|
||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||
|
||||
|
|
|
@ -4147,13 +4147,6 @@ void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int mino
|
|||
conf->min_minor_ver = minor;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
|
||||
void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback )
|
||||
{
|
||||
conf->fallback = fallback;
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_SRV_C)
|
||||
void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
|
||||
char cert_req_ca_list )
|
||||
|
|
|
@ -287,13 +287,6 @@ int main( void )
|
|||
#define USAGE_DTLS ""
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
|
||||
#define USAGE_FALLBACK \
|
||||
" fallback=0/1 default: (library default: off)\n"
|
||||
#else
|
||||
#define USAGE_FALLBACK ""
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
|
||||
#define USAGE_EMS \
|
||||
" extended_ms=0/1 default: (library default: on)\n"
|
||||
|
@ -402,7 +395,6 @@ int main( void )
|
|||
USAGE_TRUNC_HMAC \
|
||||
USAGE_CONTEXT_CRT_CB \
|
||||
USAGE_ALPN \
|
||||
USAGE_FALLBACK \
|
||||
USAGE_EMS \
|
||||
USAGE_ETM \
|
||||
USAGE_REPRODUCIBLE \
|
||||
|
@ -1055,15 +1047,6 @@ int main( int argc, char *argv[] )
|
|||
{
|
||||
opt.alpn_string = q;
|
||||
}
|
||||
else if( strcmp( p, "fallback" ) == 0 )
|
||||
{
|
||||
switch( atoi( q ) )
|
||||
{
|
||||
case 0: opt.fallback = MBEDTLS_SSL_IS_NOT_FALLBACK; break;
|
||||
case 1: opt.fallback = MBEDTLS_SSL_IS_FALLBACK; break;
|
||||
default: goto usage;
|
||||
}
|
||||
}
|
||||
else if( strcmp( p, "extended_ms" ) == 0 )
|
||||
{
|
||||
switch( atoi( q ) )
|
||||
|
@ -1894,11 +1877,6 @@ int main( int argc, char *argv[] )
|
|||
mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,
|
||||
opt.max_version );
|
||||
|
||||
#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
|
||||
if( opt.fallback != DFL_FALLBACK )
|
||||
mbedtls_ssl_conf_fallback( &conf, opt.fallback );
|
||||
#endif
|
||||
|
||||
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n",
|
||||
|
|
|
@ -155,7 +155,7 @@ log() {
|
|||
# is_dtls <mode>
|
||||
is_dtls()
|
||||
{
|
||||
test "$1" = "dtls1" -o "$1" = "dtls1_2"
|
||||
test "$1" = "dtls1_2"
|
||||
}
|
||||
|
||||
# minor_ver <mode>
|
||||
|
|
Loading…
Reference in a new issue