Closed Bug 127960 Opened 23 years ago Closed 18 years ago

SSL force handshake function should take a timeout

Categories

(NSS :: Libraries, enhancement, P2)

Product:
NSS
Component:
Libraries
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.11.4

People

(Reporter: julien.pierre, Assigned: nelson)

References

Details

Attachments

(2 files)

Add SSL_ReHandshakeWithTimeout and SSL_ForceHandshakeWithTimeout
9.03 KB, patch
nelson
: review+
Details | Diff | Splinter Review
patch to nss.def for the 3.11 branch
535 bytes, patch
alvolkov.bgs
: review+
wtc
: superreview+
Details | Diff | Splinter Review
In the SSL code, when forcing an SSL handshake to occur through SSL_ForceHandshake / SSL_ReHandshake / SSL_ReDoHanshake, the SSL library uses the timeout argument from the previous PR_Recv or PR_Send operation done on the socket. In some cases, such as for the client auth in the web server, we want to control the handshake timeout separately from the regular socket I/O timeout. We would like to have a new API to force the handshake to occur, taking an extra timeout argument.
Severity: normal → enhancement
*** Bug 124337 has been marked as a duplicate of this bug. ***
Actually, this argument would not truly accomplish what's needed here. It would only work for forced handshakes. In the case of the first full handshake, there would be no way to control it. The initial PR_Recv timeout would probably be used. I don't know if this is desireable or not. I think an option set via SSL_OptionSet that would work for all cases would be better. If that option is not set, the current behavior would apply. Otherwise the set timeout would be used.
Changed the QA contact to Bishakha.
QA Contact: sonja.mirtitsch → bishakhabanerjee
Target 3.6, priority P2.
Assignee: wtc → jpierre
Priority: -- → P2
Target Milestone: --- → 3.6
Target Milestone: 3.6 → Future
Keywords: sun-orion4
Target Milestone: Future → 3.10
Unsetting target.
Target Milestone: 3.10 → ---
QA Contact: bishakhabanerjee → jason.m.reid
This bug has been open for years. We have several internal customers interested in the fix . There are two problems with the approaches I suggested earlier 1) The type for the value of SSL socket options is declared as a PRBool. This makes it somewhat ugly to implement an SSL option with a timeout value, which would need to be a PRIntervalTime, itself declared as PRUint32 . A PRBool is a PRIntn, which is a platform-specific int, and has a minimum requirement of only 2 bytes in prtypes.h . I believe there are no longer any useful platforms that have less than 32-bit integers, but it would still be preferable to have an API that took the right type for the value of the SSL option, or maybe simply a void*, which would always be good enough for any kind of option we set in the future. 2) the rTimeout and wTimeout within the SSL socket structure are constantly being reset by NSPR I/O calls . If we had a global timeout property exclusively for handshakes, we would need to change the SSL I/O code to figure out if the I/O is happening within a handshake. This is quite complicated to do. Because of these issues, I'm taking the simpler approach of just adding two new ReHandshake / ForceHandshake APIs with the additional PRIntervalTime argument. The 2 new APIs will simply set the timeout in the SSL structure prior to calling the old functions. I'm not providing an enhancement version of SSL_ReDoHandshake, since that API has been marked as obsolete. Patch forthcoming.
Keywords: sun-orion4
Target Milestone: --- → 3.11
If the interface of SSL_OptionSet is not approriate for non-Boolean options, you can add new functions to set the option, e.g., SSL_SetHandshakeTimeout. In any case, I'll let you and Nelson decide the proper fix.
Comment on attachment 194729 [details] [diff] [review] Add SSL_ReHandshakeWithTimeout and SSL_ForceHandshakeWithTimeout This patch adds two new public SSL functions. I'd like more time to think about the correctness of the implementation, but I believe the function names and signatures are fine as is, so I'm OK with adding them to libSSL for 3.11.
Attachment #194729 - Flags: review?(nelson) → review+
Thanks for the review, Nelson. I have checked in the patch so that these new APIs don't miss the beta . It would be harder to add them afterwards. If there is a problem with the implementation, I can produce another patch. Checking in sslimpl.h; /cvsroot/mozilla/security/nss/lib/ssl/sslimpl.h,v <-- sslimpl.h new revision: 1.41; previous revision: 1.40 done Checking in sslsecur.c; /cvsroot/mozilla/security/nss/lib/ssl/sslsecur.c,v <-- sslsecur.c new revision: 1.33; previous revision: 1.32 done Checking in sslsock.c; /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v <-- sslsock.c new revision: 1.41; previous revision: 1.40 done Checking in ssl.h; /cvsroot/mozilla/security/nss/lib/ssl/ssl.h,v <-- ssl.h new revision: 1.24; previous revision: 1.23 done
The initial checkin broke the build. I have checked in an update. Sorry about that. Checking in sslimpl.h; /cvsroot/mozilla/security/nss/lib/ssl/sslimpl.h,v <-- sslimpl.h new revision: 1.42; previous revision: 1.41 done Checking in sslsecur.c; /cvsroot/mozilla/security/nss/lib/ssl/sslsecur.c,v <-- sslsecur.c new revision: 1.34; previous revision: 1.33 done Checking in sslsock.c; /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v <-- sslsock.c new revision: 1.42; previous revision: 1.41 done
Julien, Is this bug now resolved/fixed?
Nelson, You said in comment #10 that you wanted to provide comments about the implementation. If you have none, you can mark the bug FIXED.
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Reopening. This new feature implementation was/is incomplete. The new functions were not exported from the shared libraries. The new symbols need to be added to ssl.def. When that is done, this bug can be marked resolved/fixed again.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Target Milestone: 3.11 → 3.11.4
I set the release version number to 3.11.4, but maybe it should be 3.11.5 ?
Assignee: bugzilla → nelson
Status: REOPENED → ASSIGNED
Attachment #244649 - Flags: superreview?(wtchang)
Attachment #244649 - Flags: review?(alexei.volkov.bugs)
Comment on attachment 244649 [details] [diff] [review] patch to nss.def for the 3.11 branch NSS 3.11.4 is the right version number for NSS_3_11_BRANCH. I guess the export of these two functions can't wait until NSS 3.12.
Attachment #244649 - Flags: superreview?(wtchang) → superreview+
Comment on attachment 194729 [details] [diff] [review] Add SSL_ReHandshakeWithTimeout and SSL_ForceHandshakeWithTimeout The use of locks in ssl_SetTimeout is strange. By studying the use of SSL_LOCK_READER and SSL_LOCK_WRITER, I concluded that they seem to be intended for serializing ss->ops->recv and ss->ops->send calls, respectively. ssl_Recv may modify ss->wTimeout with only the SSL_LOCK_READER held. ssl_Send may modify ss->rTimeout with only the SSL_LOCK_WRITER held. So whether SSL_LOCK_READER and SSL_LOCK_WRITER also protect ss->rTimeout and ss->wTimeout is not clear and cannot be inferred by existing usage. Also, since ssl_SetTimeout doesn't call ss->ops->recv or ss->ops->send, Julien's decision to always call SSL_LOCK_READER and call SSL_LOCK_WRITER if ss->fdx is true seems ad hoc rather than following some rule or existing usage.
Attachment #244649 - Flags: review?(alexei.volkov.bugs) → review+
Checked in on trunk and NSS_3_11_BRANCH for NSS 3.11.4 Checking in ssl.def; new revision: 1.18; previous revision: 1.17 Checking in ssl.def; new revision: 1.17.28.1; previous revision: 1.17
Status: ASSIGNED → RESOLVED
Closed: 19 years ago18 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: