Closed Bug 542510 Opened 14 years ago Closed 11 years ago

Move certificate verification into HandleServerHelloDone

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: agl, Unassigned)

References

Details

Attachments

(1 file)

patch v1
7.89 KB, patch
agl
: review?
nelson
Details | Diff | Splinter Review
Attached patch patch v1Splinter Review 
Currently, the certificate verification callbacks are made in HandleCertificate. With OCSP stapling, a CertificateStatus message may come after the Certificate mesage. However, we would rather have the OCSP stapling information available at certificate validation time.

This patch moves the verification callbacks into HandleServerHelloDone for the client. This means that any OCSP stapled data will be ready by the time that the callbacks are made. (Note that this is only the first patch in a series - on OCSP stapling code is inclued).

I'm most worried about the badCertHandler. It can return SECWouldBlock and cause the handshake to pause. Previously, a client would pause before sending the CSS, Finished messages etc. Whilst with this patch it will do so afterwards. I'm not sure of the use case here and if this changes anything important.
Blocks: 360420
Attachment #423797 - Flags: review?(nelson)
I'll guess you haven't considered the impact on the callers of 
SSL_RestartHandshakeAfterServerCert().
Attachment #423797 - Attachment is patch: true
Attachment #423797 - Attachment mime type: application/octet-stream → text/plain
> I'll guess you haven't considered the impact on the callers of 
> SSL_RestartHandshakeAfterServerCert().

Isn't that what I was getting at in my 3rd paragraph, above?

If the sending of the additional messages is a problem for these clients then:

1) This patch can be dropped completely. Clients that want OCSP stapling data can check the certificate in the handshake complete callback (as Chromium does).

2) HandleServerHelloDone can be split in two: the bottom half sends the messages only if the badCertHandler doesn't return SECWouldBlock. Restarting the handshake then needs to call this bottom half in addition to its current work.
Adam, 
I think the goal you're trying to achieve is worthy, and we should pursue it.
I don't wish to "throw out" your patch.  It may require a little more work 
to figure out what to do for callers of that one function.  I don't think the problem is intractable.
OS: Linux → All
Hardware: x86 → All
I believe this bug can be marked as obsolete.

The SSL client protocol patches in bug 360420 will ensure that a potential cert status message gets processed prior to certificate authentication.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: