diff options
author | mckev@amazon.com <mckev@amazon.com@4ff67af0-8c30-449e-8e8b-ad334ec8d88c> | 2013-06-22 00:20:06 +0000 |
---|---|---|
committer | mckev@amazon.com <mckev@amazon.com@4ff67af0-8c30-449e-8e8b-ad334ec8d88c> | 2013-06-22 00:20:06 +0000 |
commit | 8f54aac19a36d72ea630c813cae51c81a3cc0d78 (patch) | |
tree | 6c042d009d49caf44cacac20cfb8becb2ce90994 /openssl/ssl | |
parent | 39898464beeee474c11348ba7171637a4825e1a1 (diff) | |
download | openssl-8f54aac19a36d72ea630c813cae51c81a3cc0d78.tar.gz |
Under some circumstances, certain TLS connections are dropped by certain
remote servers when the TLS ClientHello record exceeds 256 bytes.
This patch changes the number of ECC formats advertised in the ClientHello
to exactly match the same formats advertised by the desktop version of
Chromium during TLS negotiation, netting a savings of approximately 50
bytes in the ClientHello record. This effectively eliminates the occurrence
of the issue.
Patch is named with a 'z' to ensure it is applied after the other patches
in the folder when import_from_android.sh is run, since that script processes
patches in alphabetical order.
R=digit@chromium.org,wtc@chromium.org
BUG:chromium:245500
TEST:
1. With V25, Visit http://campusstatebank.com
2. Enter a fictitious username and click "Submit"
3. The "processing login" page appears.
4. Nothing happens. In some cases, the logo will fail to show.
5. With the proposed patch applied, visit http://campusstatebank.com
6. Enter a fictitious username and click "Submit"
7. The "processing login" page appears.
8. The browser is redirected to a page where the password can be entered.
Contributed by mckev@amazon.com
Review URL: https://chromiumcodereview.appspot.com/17425002
git-svn-id: http://src.chromium.org/svn/trunk/deps/third_party/openssl@207965 4ff67af0-8c30-449e-8e8b-ad334ec8d88c
Diffstat (limited to 'openssl/ssl')
-rw-r--r-- | openssl/ssl/t1_lib.c | 36 |
1 files changed, 9 insertions, 27 deletions
diff --git a/openssl/ssl/t1_lib.c b/openssl/ssl/t1_lib.c index 28d45b3..f447f22 100644 --- a/openssl/ssl/t1_lib.c +++ b/openssl/ssl/t1_lib.c @@ -202,33 +202,14 @@ static int nid_list[] = NID_secp521r1 /* secp521r1 (25) */ }; +/* We support only the elliptic curves that are also supported by NSS + * to improve compatibility with sites that don't accept large ClientHellos. + */ static int pref_list[] = { - NID_sect571r1, /* sect571r1 (14) */ - NID_sect571k1, /* sect571k1 (13) */ NID_secp521r1, /* secp521r1 (25) */ - NID_sect409k1, /* sect409k1 (11) */ - NID_sect409r1, /* sect409r1 (12) */ NID_secp384r1, /* secp384r1 (24) */ - NID_sect283k1, /* sect283k1 (9) */ - NID_sect283r1, /* sect283r1 (10) */ - NID_secp256k1, /* secp256k1 (22) */ NID_X9_62_prime256v1, /* secp256r1 (23) */ - NID_sect239k1, /* sect239k1 (8) */ - NID_sect233k1, /* sect233k1 (6) */ - NID_sect233r1, /* sect233r1 (7) */ - NID_secp224k1, /* secp224k1 (20) */ - NID_secp224r1, /* secp224r1 (21) */ - NID_sect193r1, /* sect193r1 (4) */ - NID_sect193r2, /* sect193r2 (5) */ - NID_secp192k1, /* secp192k1 (18) */ - NID_X9_62_prime192v1, /* secp192r1 (19) */ - NID_sect163k1, /* sect163k1 (1) */ - NID_sect163r1, /* sect163r1 (2) */ - NID_sect163r2, /* sect163r2 (3) */ - NID_secp160k1, /* secp160k1 (15) */ - NID_secp160r1, /* secp160r1 (16) */ - NID_secp160r2, /* secp160r2 (17) */ }; int tls1_ec_curve_id2nid(int curve_id) @@ -1703,17 +1684,18 @@ int ssl_prepare_clienthello_tlsext(SSL *s) if (using_ecc) { if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ecpointformatlist); - if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) + /* To save an additional 2 bytes in the ClientHello, we only advertise support + * for the only EC Point Format that NSS supports (instead of all 3). + */ + if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(1)) == NULL) { SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE); return -1; } - s->tlsext_ecpointformatlist_length = 3; + s->tlsext_ecpointformatlist_length = 1; s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed; - s->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; - s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; - /* we support all named elliptic curves in draft-ietf-tls-ecc-12 */ + /* we only advertise support for elliptic curves in NSA Suite B */ if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ellipticcurvelist); s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pref_list[0]) * 2; if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL) |