Closed Bug 549042 Opened 14 years ago Closed 11 years ago

Patch to send empty renegotiation info extension instead of SCSV in initial handshakes

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Version:
3.12.6
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.15.4

People

(Reporter: wtc, Assigned: wtc)

References

Details

Attachments

(1 file, 2 obsolete files)

Patch v3
956 bytes, patch
wtc
: checked-in+
Details | Diff | Splinter Review
Attached patch Patch (DO NOT CHECK IN) (obsolete) — Splinter Review 
The attached patch causes NSS SSL clients to send empty renegotiation info
extensions instead of SCSV in initial handshakes unless TLS is disabled.

This allows implementers of server-side secure renegotiation to use the
patched NSS as a test client that sends empty RI extensions (as opposed to
SCSV, or both SCSV and empty RI) in initial handshakes.
Attached patch Patch v2 (DO NOT CHECK IN) (obsolete) — Splinter Review 
The previous patch has a minor bug: it uses the wrong SSL version in the
session resumption case.
Attachment #429281 - Attachment is obsolete: true
Target Milestone: --- → 3.13
We (NSS team) decided to make this change, targeted for 3.13, to be consistent with Windows SChannel and Chrome.
Target Milestone: 3.13 → Future
Target Milestone: Future → ---
Wan-Teh, do you know the current state of this bug? The patch says "DO NOT CHECK IN" and comment 2 says we agreed to make this change to NSS to be consistent with other implementations. Do we still need to actually make that change?
Comment on attachment 429282 [details] [diff] [review]
Patch v2 (DO NOT CHECK IN)

Review of attachment 429282 [details] [diff] [review]:
-----------------------------------------------------------------

I see that this seems to have been used in Chromium for quite a while without problems.

The SCSV is very slightly smaller (two bytes) than the empty RI extension (4 bytes), so in that sense the SCSV is slightly better.

However, when only the SCSV is sent, servers that conform to RFC 5746 break the more general rule that says that a server must not send an extension unless the client sent that extension. This indicates to me that there could be interoperability issues. Did Chromium experience any interoperability issues before you started using this patch?

In general, it is good for Firefox to be consistent with IE and Chromium. That is another argument in favor of taking this patch in upstream NSS. Since we already agreed to do so, I think we should check in the patch now.
Attachment #429282 - Flags: review+
Wan-Teh, do you agree with checking in this patch for the NSS 3.15.3 release?

Are either of you interested in the potential space savings of doing the opposite, and reverting this patch in Chromium?

I think ultimately we're better off being consistent, though I think it is silly to waste two bytes.
Flags: needinfo?(wtc)
Target Milestone: --- → 3.15.3
Attached patch Patch v3Splinter Review 
Brian: thank you for the review. I am definitely for checking in
this patch. For some reason I didn't get a "review granted" email
notification (perhaps because I didn't request a review).

I updated the patch to the current NSS trunk and checked it in:
https://hg.mozilla.org/projects/nss/rev/34d14a78ed17
Attachment #429282 - Attachment is obsolete: true
Attachment #824388 - Flags: checked-in?
Flags: needinfo?(wtc)
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Priority: -- → P2
Resolution: --- → FIXED
Attachment #824388 - Flags: checked-in? → checked-in+
changing target milestone to 3.15.4
Target Milestone: 3.15.3 → 3.15.4
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: