lukechilds
/
node
mirror of https://github.com/lukechilds/node.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

openssl: support handshake cut-through 

Enables SSL3+ clients to send application data immediately following the
Finished message even when negotiating full-handshakes.  With this patch,
clients can negotiate SSL connections in 1-RTT even when performing
full-handshakes.

This patch is taken from the Android Open Source Project.
v0.9.2-release
Bert Belder 12 years ago
parent
ff22a0cb15
commit
1d9b4ace8a
8 changed files with 117 additions and 8 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 13
      deps/openssl/openssl/apps/s_client.c
  2. 59
      deps/openssl/openssl/ssl/s3_clnt.c
  3. 15
      deps/openssl/openssl/ssl/s3_lib.c
  4. 8
      deps/openssl/openssl/ssl/ssl.h
  5. 1
      deps/openssl/openssl/ssl/ssl3.h
  6. 13
      deps/openssl/openssl/ssl/ssl_lib.c
  7. 13
      deps/openssl/openssl/ssl/ssltest.c
  8. 3
      deps/openssl/openssl/test/testssl

13
deps/openssl/openssl/apps/s_client.c
View File

@ -360,6 +360,7 @@ static void sc_usage(void)
# if !defined(OPENSSL_NO_NEXTPROTONEG) # if !defined(OPENSSL_NO_NEXTPROTONEG)
BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
# endif # endif
BIO_printf(bio_err," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n");
#endif #endif
BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
@ -573,6 +574,7 @@ int MAIN(int argc, char **argv)
EVP_PKEY *key = NULL; EVP_PKEY *key = NULL;
char *CApath=NULL,*CAfile=NULL,*cipher=NULL; char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0; int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
int cutthrough=0;
int crlf=0; int crlf=0;
int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending; int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
SSL_CTX *ctx=NULL; SSL_CTX *ctx=NULL;
@ -879,6 +881,8 @@ int MAIN(int argc, char **argv)
} }
# endif # endif
#endif #endif
else if (strcmp(*argv,"-cutthrough") == 0)
cutthrough=1;
else if (strcmp(*argv,"-serverpref") == 0) else if (strcmp(*argv,"-serverpref") == 0)
off|=SSL_OP_CIPHER_SERVER_PREFERENCE; off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
else if (strcmp(*argv,"-legacy_renegotiation") == 0) else if (strcmp(*argv,"-legacy_renegotiation") == 0)
@ -1145,6 +1149,15 @@ bad:
*/ */
if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);
/* Enable handshake cutthrough for client connections using
* strong ciphers. */
if (cutthrough)
{
int ssl_mode = SSL_CTX_get_mode(ctx);
ssl_mode |= SSL_MODE_HANDSHAKE_CUTTHROUGH;
SSL_CTX_set_mode(ctx, ssl_mode);
}
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
if (next_proto.data) if (next_proto.data)
SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto); SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);

59
deps/openssl/openssl/ssl/s3_clnt.c
View File

@ -202,6 +202,18 @@ int ssl3_connect(SSL *s)
s->in_handshake++; s->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
#if 0 /* Send app data in separate packet, otherwise, some particular site
* (only one site so far) closes the socket.
* Note: there is a very small chance that two TCP packets
* could be arriving at server combined into a single TCP packet,
* then trigger that site to break. We haven't encounter that though.
*/
if (SSL_get_mode(s) & SSL_MODE_HANDSHAKE_CUTTHROUGH)
{
/* Send app data along with CCS/Finished */
s->s3->flags |= SSL3_FLAGS_DELAY_CLIENT_FINISHED;
}
#endif
#ifndef OPENSSL_NO_HEARTBEATS #ifndef OPENSSL_NO_HEARTBEATS
/* If we're awaiting a HeartbeatResponse, pretend we /* If we're awaiting a HeartbeatResponse, pretend we
@ -527,14 +539,31 @@ int ssl3_connect(SSL *s)
} }
else else
{ {
#ifndef OPENSSL_NO_TLSEXT if ((SSL_get_mode(s) & SSL_MODE_HANDSHAKE_CUTTHROUGH) && SSL_get_cipher_bits(s, NULL) >= 128
/* Allow NewSessionTicket if ticket expected */ && s->s3->previous_server_finished_len == 0 /* no cutthrough on renegotiation (would complicate the state machine) */
if (s->tlsext_ticket_expected) )
s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A; {
if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
{
s->state=SSL3_ST_CUTTHROUGH_COMPLETE;
s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
s->s3->delay_buf_pop_ret=0;
}
else
{
s->s3->tmp.next_state=SSL3_ST_CUTTHROUGH_COMPLETE;
}
}
else else
{
#ifndef OPENSSL_NO_TLSEXT
/* Allow NewSessionTicket if ticket expected */
if (s->tlsext_ticket_expected)
s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A;
else
#endif #endif
s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A; }
} }
s->init_num=0; s->init_num=0;
break; break;
@ -582,6 +611,24 @@ int ssl3_connect(SSL *s)
s->state=s->s3->tmp.next_state; s->state=s->s3->tmp.next_state;
break; break;
case SSL3_ST_CUTTHROUGH_COMPLETE:
#ifndef OPENSSL_NO_TLSEXT
/* Allow NewSessionTicket if ticket expected */
if (s->tlsext_ticket_expected)
s->state=SSL3_ST_CR_SESSION_TICKET_A;
else
#endif
s->state=SSL3_ST_CR_FINISHED_A;
/* SSL_write() will take care of flushing buffered data if
* DELAY_CLIENT_FINISHED is set.
*/
if (!(s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED))
ssl_free_wbio_buffer(s);
ret = 1;
goto end;
/* break; */
case SSL_ST_OK: case SSL_ST_OK:
/* clean a few things up */ /* clean a few things up */
ssl3_cleanup_key_block(s); ssl3_cleanup_key_block(s);

15
deps/openssl/openssl/ssl/s3_lib.c
View File

@ -4199,9 +4199,22 @@ int ssl3_write(SSL *s, const void *buf, int len)
static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
{ {
int ret; int n,ret;
clear_sys_error(); clear_sys_error();
if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
{
/* Deal with an application that calls SSL_read() when handshake data
* is yet to be written.
*/
if (BIO_wpending(s->wbio) > 0)
{
s->rwstate=SSL_WRITING;
n=BIO_flush(s->wbio);
if (n <= 0) return(n);
s->rwstate=SSL_NOTHING;
}
}
if (s->s3->renegotiate) ssl3_renegotiate_check(s); if (s->s3->renegotiate) ssl3_renegotiate_check(s);
s->s3->in_read_app_data=1; s->s3->in_read_app_data=1;
ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);

8
deps/openssl/openssl/ssl/ssl.h
View File

@ -641,6 +641,10 @@ struct ssl_session_st
/* Use small read and write buffers: (a) lazy allocate read buffers for /* Use small read and write buffers: (a) lazy allocate read buffers for
* large incoming records, and (b) limit the size of outgoing records. */ * large incoming records, and (b) limit the size of outgoing records. */
#define SSL_MODE_SMALL_BUFFERS 0x00000020L #define SSL_MODE_SMALL_BUFFERS 0x00000020L
/* When set, clients may send application data before receipt of CCS
* and Finished. This mode enables full-handshakes to 'complete' in
* one RTT. */
#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000040L
/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
* they cannot be used to clear bits. */ * they cannot be used to clear bits. */
@ -1409,10 +1413,12 @@ extern "C" {
/* Is the SSL_connection established? */ /* Is the SSL_connection established? */
#define SSL_get_state(a) SSL_state(a) #define SSL_get_state(a) SSL_state(a)
#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK) #define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT) #define SSL_in_init(a) ((SSL_state(a)&SSL_ST_INIT) && \
!SSL_cutthrough_complete(a))
#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE) #define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT) #define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT) #define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
int SSL_cutthrough_complete(const SSL *s);
/* The following 2 states are kept in ssl->rstate when reads fail, /* The following 2 states are kept in ssl->rstate when reads fail,
* you should not need these */ * you should not need these */

1
deps/openssl/openssl/ssl/ssl3.h
View File

@ -557,6 +557,7 @@ typedef struct ssl3_state_st
/*client */ /*client */
/* extra state */ /* extra state */
#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT) #define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
#define SSL3_ST_CUTTHROUGH_COMPLETE (0x101|SSL_ST_CONNECT)
#ifndef OPENSSL_NO_SCTP #ifndef OPENSSL_NO_SCTP
#define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT) #define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT)
#define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT) #define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT)

13
deps/openssl/openssl/ssl/ssl_lib.c
View File

@ -3211,6 +3211,19 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int con
SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb); SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
} }
int SSL_cutthrough_complete(const SSL *s)
{
return (!s->server && /* cutthrough only applies to clients */
!s->hit && /* full-handshake */
s->version >= SSL3_VERSION &&
s->s3->in_read_app_data == 0 && /* cutthrough only applies to write() */
(SSL_get_mode((SSL*)s) & SSL_MODE_HANDSHAKE_CUTTHROUGH) && /* cutthrough enabled */
SSL_get_cipher_bits(s, NULL) >= 128 && /* strong cipher choosen */
s->s3->previous_server_finished_len == 0 && /* not a renegotiation handshake */
(s->state == SSL3_ST_CR_SESSION_TICKET_A || /* ready to write app-data*/
s->state == SSL3_ST_CR_FINISHED_A));
}
/* Allocates new EVP_MD_CTX and sets pointer to it into given pointer /* Allocates new EVP_MD_CTX and sets pointer to it into given pointer
* vairable, freeing EVP_MD_CTX previously stored in that variable, if * vairable, freeing EVP_MD_CTX previously stored in that variable, if
* any. If EVP_MD pointer is passed, initializes ctx with this md * any. If EVP_MD pointer is passed, initializes ctx with this md

13
deps/openssl/openssl/ssl/ssltest.c
View File

@ -371,6 +371,7 @@ static void sv_usage(void)
fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n"); fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
fprintf(stderr," -c_small_records - enable client side use of small SSL record buffers\n"); fprintf(stderr," -c_small_records - enable client side use of small SSL record buffers\n");
fprintf(stderr," -s_small_records - enable server side use of small SSL record buffers\n"); fprintf(stderr," -s_small_records - enable server side use of small SSL record buffers\n");
fprintf(stderr," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n");
} }
static void print_details(SSL *c_ssl, const char *prefix) static void print_details(SSL *c_ssl, const char *prefix)
@ -502,6 +503,7 @@ int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
int ssl_mode = 0; int ssl_mode = 0;
int c_small_records=0; int c_small_records=0;
int s_small_records=0; int s_small_records=0;
int cutthrough = 0;
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
@ -778,6 +780,10 @@ int main(int argc, char *argv[])
{ {
s_small_records = 1; s_small_records = 1;
} }
else if (strcmp(*argv, "-cutthrough") == 0)
{
cutthrough = 1;
}
else else
{ {
fprintf(stderr,"unknown option %s\n",*argv); fprintf(stderr,"unknown option %s\n",*argv);
@ -928,6 +934,13 @@ bad:
ssl_mode |= SSL_MODE_SMALL_BUFFERS; ssl_mode |= SSL_MODE_SMALL_BUFFERS;
SSL_CTX_set_mode(s_ctx, ssl_mode); SSL_CTX_set_mode(s_ctx, ssl_mode);
} }
ssl_mode = 0;
if (cutthrough)
{
ssl_mode = SSL_CTX_get_mode(c_ctx);
ssl_mode = SSL_MODE_HANDSHAKE_CUTTHROUGH;
SSL_CTX_set_mode(c_ctx, ssl_mode);
}
#ifndef OPENSSL_NO_DH #ifndef OPENSSL_NO_DH
if (!no_dhe) if (!no_dhe)

3
deps/openssl/openssl/test/testssl
View File

@ -79,6 +79,9 @@ $ssltest -server_auth -client_auth -s_small_records $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication and small client and server buffers echo test sslv2/sslv3 with both client and server authentication and small client and server buffers
$ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1 $ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication and handshake cutthrough
$ssltest -server_auth -client_auth -cutthrough $CA $extra || exit 1
echo test sslv2 via BIO pair echo test sslv2 via BIO pair
$ssltest -bio_pair -ssl2 $extra || exit 1 $ssltest -bio_pair -ssl2 $extra || exit 1

Write Preview
Loading…
Cancel
Save