commit f5c58c88029648b608d75cdb06d82b06f0d30953 Author: Georg Koppen gk@torproject.org Date: Tue May 17 18:30:08 2016 +0000
Bug 18885: Disable possible logging of TLS key material
This is a backport of the bugfix for #1183318 (https://hg.mozilla.org/projects/nss/rev/68d0b829490f).
This is working for us as we are building Tor Browser optimized for all the platforms we support. --- security/nss/lib/ssl/Makefile | 7 +++++++ security/nss/lib/ssl/ssl3con.c | 6 ++++++ security/nss/lib/ssl/sslsock.c | 6 ++++++ 3 files changed, 19 insertions(+)
diff --git a/security/nss/lib/ssl/Makefile b/security/nss/lib/ssl/Makefile index d56cbf2..abf54c9 100644 --- a/security/nss/lib/ssl/Makefile +++ b/security/nss/lib/ssl/Makefile @@ -39,6 +39,13 @@ CSRCS += unix_err.c endif endif
+# Enable key logging by default in debug builds, but not opt builds. +# Logging still needs to be enabled at runtime through env vars. +NSS_ALLOW_SSLKEYLOGFILE ?= $(if $(BUILD_OPT),0,1) +ifeq (1,$(NSS_ALLOW_SSLKEYLOGFILE)) +DEFINES += -DNSS_ALLOW_SSLKEYLOGFILE=1 +endif + ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index 8f1c547..ac57812 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -6029,6 +6029,7 @@ done: return unwrappedWrappingKey; }
+#ifdef NSS_ALLOW_SSLKEYLOGFILE /* hexEncode hex encodes |length| bytes from |in| and writes it as |length*2| * bytes to |out|. */ static void @@ -6042,6 +6043,7 @@ hexEncode(char *out, const unsigned char *in, unsigned int length) *(out++) = hextable[in[i] & 15]; } } +#endif
/* Called from ssl3_SendClientKeyExchange(). */ /* Presently, this always uses PKCS11. There is no bypass for this. */ @@ -6081,6 +6083,7 @@ sendRSAClientKeyExchange(sslSocket * ss, SECKEYPublicKey * svrPubKey) goto loser; }
+#ifdef NSS_ALLOW_SSLKEYLOGFILE if (ssl_keylog_iob) { SECStatus extractRV = PK11_ExtractKeyValue(pms); if (extractRV == SECSuccess) { @@ -6112,6 +6115,7 @@ sendRSAClientKeyExchange(sslSocket * ss, SECKEYPublicKey * svrPubKey) } } } +#endif
rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange, isTLS ? enc_pms.len + 2 : enc_pms.len); @@ -10989,6 +10993,7 @@ ssl3_SendNextProto(sslSocket *ss) static void ssl3_RecordKeyLog(sslSocket *ss) { +#ifdef NSS_ALLOW_SSLKEYLOGFILE SECStatus rv; SECItem *keyData; char buf[14 /* "CLIENT_RANDOM " */ + @@ -11039,6 +11044,7 @@ ssl3_RecordKeyLog(sslSocket *ss) return; fflush(ssl_keylog_iob); return; +#endif }
/* called from ssl3_SendClientSecondRound diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c index f735009..de9a1315 100644 --- a/security/nss/lib/ssl/sslsock.c +++ b/security/nss/lib/ssl/sslsock.c @@ -118,7 +118,11 @@ int ssl_lock_readers = 1; /* default true. */ char ssl_debug; char ssl_trace; FILE * ssl_trace_iob; + +#ifdef NSS_ALLOW_SSLKEYLOGFILE FILE * ssl_keylog_iob; +#endif + char lockStatus[] = "Locks are ENABLED. "; #define LOCKSTATUS_OFFSET 10 /* offset of ENABLED */
@@ -3118,6 +3122,7 @@ ssl_SetDefaultsFromEnvironment(void) SSL_TRACE(("SSL: debugging set to %d", ssl_debug)); } #endif /* DEBUG */ +#ifdef NSS_ALLOW_SSLKEYLOGFILE ev = getenv("SSLKEYLOGFILE"); if (ev && ev[0]) { ssl_keylog_iob = fopen(ev, "a"); @@ -3131,6 +3136,7 @@ ssl_SetDefaultsFromEnvironment(void) SSL_TRACE(("SSL: logging SSL/TLS secrets to %s", ev)); } } +#endif #ifndef NO_PKCS11_BYPASS ev = getenv("SSLBYPASS"); if (ev && ev[0]) {