OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 | 4 |
5 /* | 5 /* |
6 * DTLS Protocol | 6 * DTLS Protocol |
7 */ | 7 */ |
8 | 8 |
9 #include "ssl.h" | 9 #include "ssl.h" |
10 #include "sslimpl.h" | 10 #include "sslimpl.h" |
(...skipping 11 matching lines...)
22 static const PRUint16 COMMON_MTU_VALUES[] = { | 22 static const PRUint16 COMMON_MTU_VALUES[] = { |
23 1500 - 28, /* Ethernet MTU */ | 23 1500 - 28, /* Ethernet MTU */ |
24 1280 - 28, /* IPv6 minimum MTU */ | 24 1280 - 28, /* IPv6 minimum MTU */ |
25 576 - 28, /* Common assumption */ | 25 576 - 28, /* Common assumption */ |
26 256 - 28 /* We're in serious trouble now */ | 26 256 - 28 /* We're in serious trouble now */ |
27 }; | 27 }; |
28 | 28 |
29 #define DTLS_COOKIE_BYTES 32 | 29 #define DTLS_COOKIE_BYTES 32 |
30 | 30 |
31 /* List copied from ssl3con.c:cipherSuites */ | 31 /* List copied from ssl3con.c:cipherSuites */ |
32 static const ssl3CipherSuite nonDTLSSuites[] = { | 32 static const ssl3CipherSuite nonDTLSSuites[] = { |
33 #ifndef NSS_DISABLE_ECC | 33 #ifndef NSS_DISABLE_ECC |
34 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, | 34 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, |
35 TLS_ECDHE_RSA_WITH_RC4_128_SHA, | 35 TLS_ECDHE_RSA_WITH_RC4_128_SHA, |
36 #endif /* NSS_DISABLE_ECC */ | 36 #endif /* NSS_DISABLE_ECC */ |
37 TLS_DHE_DSS_WITH_RC4_128_SHA, | 37 TLS_DHE_DSS_WITH_RC4_128_SHA, |
38 #ifndef NSS_DISABLE_ECC | 38 #ifndef NSS_DISABLE_ECC |
39 TLS_ECDH_RSA_WITH_RC4_128_SHA, | 39 TLS_ECDH_RSA_WITH_RC4_128_SHA, |
40 TLS_ECDH_ECDSA_WITH_RC4_128_SHA, | 40 TLS_ECDH_ECDSA_WITH_RC4_128_SHA, |
41 #endif /* NSS_DISABLE_ECC */ | 41 #endif /* NSS_DISABLE_ECC */ |
42 TLS_RSA_WITH_RC4_128_MD5, | 42 TLS_RSA_WITH_RC4_128_MD5, |
43 TLS_RSA_WITH_RC4_128_SHA, | 43 TLS_RSA_WITH_RC4_128_SHA, |
44 TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, | |
45 TLS_RSA_EXPORT_WITH_RC4_40_MD5, | |
46 0 /* End of list marker */ | 44 0 /* End of list marker */ |
47 }; | 45 }; |
48 | 46 |
49 /* Map back and forth between TLS and DTLS versions in wire format. | 47 /* Map back and forth between TLS and DTLS versions in wire format. |
50 * Mapping table is: | 48 * Mapping table is: |
51 * | 49 * |
52 * TLS DTLS | 50 * TLS DTLS |
53 * 1.1 (0302) 1.0 (feff) | 51 * 1.1 (0302) 1.0 (feff) |
54 * 1.2 (0303) 1.2 (fefd) | 52 * 1.2 (0303) 1.2 (fefd) |
55 * 1.3 (0304) 1.3 (fefc) | 53 * 1.3 (0304) 1.3 (fefc) |
(...skipping 1130 matching lines...)
1186 if (dtls_RecordGetRecvd(&crSpec->recvdRecords, dtls_seq_num) != 0) { | 1184 if (dtls_RecordGetRecvd(&crSpec->recvdRecords, dtls_seq_num) != 0) { |
1187 SSL_DBG(("%d: SSL3[%d]: dtls_IsRelevant, rejecting " | 1185 SSL_DBG(("%d: SSL3[%d]: dtls_IsRelevant, rejecting " |
1188 "potentially replayed packet", | 1186 "potentially replayed packet", |
1189 SSL_GETPID(), ss->fd)); | 1187 SSL_GETPID(), ss->fd)); |
1190 return PR_FALSE; | 1188 return PR_FALSE; |
1191 } | 1189 } |
1192 | 1190 |
1193 *seqNum = dtls_seq_num; | 1191 *seqNum = dtls_seq_num; |
1194 return PR_TRUE; | 1192 return PR_TRUE; |
1195 } | 1193 } |
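Review bot: The comment above `nonDTLSSuites` only says the list was copied from `ssl3con.c:cipherSuites`; it does not say what the list is for or that it has to track that table. From the name and the all-RC4 entries it appears to be the set of suites switched off for DTLS. If so, dropping `TLS_RSA_EXPORT1024_WITH_RC4_56_SHA` and `TLS_RSA_EXPORT_WITH_RC4_40_MD5` here is safe only if the same change also removes them from `ssl3con.c:cipherSuites` and from the suite definitions, which is not visible on this page. Otherwise two export-grade RC4 suites would no longer be filtered out for DTLS. Once the intent is confirmed, I would extend the comment to something like `/* Stream-cipher suites that must stay disabled for DTLS; keep in sync with ssl3con.c:cipherSuites */`.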