OLD | NEW |
---|---|
1 /* ***** BEGIN LICENSE BLOCK ***** | 1 /* ***** BEGIN LICENSE BLOCK ***** |
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
3 * | 3 * |
4 * The contents of this file are subject to the Mozilla Public License Version | 4 * The contents of this file are subject to the Mozilla Public License Version |
5 * 1.1 (the "License"); you may not use this file except in compliance with | 5 * 1.1 (the "License"); you may not use this file except in compliance with |
6 * the License. You may obtain a copy of the License at | 6 * the License. You may obtain a copy of the License at |
7 * http://www.mozilla.org/MPL/ | 7 * http://www.mozilla.org/MPL/ |
8 * | 8 * |
9 * Software distributed under the License is distributed on an "AS IS" basis, | 9 * Software distributed under the License is distributed on an "AS IS" basis, |
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License | 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License |
(...skipping 358 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
369 unsigned int valLen, i; | 369 unsigned int valLen, i; |
370 SECStatus rv = SECFailure; | 370 SECStatus rv = SECFailure; |
371 | 371 |
372 ss = ssl_FindSocket(fd); | 372 ss = ssl_FindSocket(fd); |
373 if (!ss) { | 373 if (!ss) { |
374 SSL_DBG(("%d: SSL[%d]: bad socket in ExportKeyingMaterial", | 374 SSL_DBG(("%d: SSL[%d]: bad socket in ExportKeyingMaterial", |
375 SSL_GETPID(), fd)); | 375 SSL_GETPID(), fd)); |
376 return SECFailure; | 376 return SECFailure; |
377 } | 377 } |
378 | 378 |
379 ssl_GetRecvBufLock(ss); | |
wtc
2012/05/30 22:54:29
The changes to this file should be moved to a sepa
Ryan Sleevi
2012/05/30 23:20:10
No, this is important to avoiding the need to modi
wtc
2012/05/31 01:23:42
I studied the functions in sslsecur.c as examples.
Ryan Sleevi
2012/05/31 01:31:14
1stHandshakeLock is itself guarded by RecvBufLock.
wtc
2012/06/01 01:02:38
1stHandshakeLock is broader than RecvBufLock.
I f
Ryan Sleevi
2012/06/04 21:51:50
ssl3_SendClientHello expects HaveSSL3HandshakeLock
wtc
2012/06/04 23:44:58
I am not suggesting that we remove the ssl_GetSSL3
Ryan Sleevi
2012/06/05 00:01:59
Apologies, but I still don't understand why you're
| |
380 ssl_GetSSL3HandshakeLock(ss); | |
381 | |
379 if (ss->version < SSL_LIBRARY_VERSION_3_1_TLS) { | 382 if (ss->version < SSL_LIBRARY_VERSION_3_1_TLS) { |
380 PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION); | 383 PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION); |
384 ssl_ReleaseSSL3HandshakeLock(ss); | |
385 ssl_ReleaseRecvBufLock(ss); | |
381 return SECFailure; | 386 return SECFailure; |
382 } | 387 } |
383 | 388 |
384 /* construct PRF arguments */ | 389 /* construct PRF arguments */ |
385 valLen = SSL3_RANDOM_LENGTH * 2; | 390 valLen = SSL3_RANDOM_LENGTH * 2; |
386 if (hasContext) { | 391 if (hasContext) { |
387 valLen += 2 /* uint16 length */ + contextLen; | 392 valLen += 2 /* uint16 length */ + contextLen; |
388 } | 393 } |
389 val = PORT_Alloc(valLen); | 394 val = PORT_Alloc(valLen); |
390 if (!val) { | 395 if (!val) { |
396 ssl_ReleaseSSL3HandshakeLock(ss); | |
397 ssl_ReleaseRecvBufLock(ss); | |
391 return SECFailure; | 398 return SECFailure; |
392 } | 399 } |
393 i = 0; | 400 i = 0; |
401 | |
394 PORT_Memcpy(val + i, &ss->ssl3.hs.client_random.rand, SSL3_RANDOM_LENGTH); | 402 PORT_Memcpy(val + i, &ss->ssl3.hs.client_random.rand, SSL3_RANDOM_LENGTH); |
395 i += SSL3_RANDOM_LENGTH; | 403 i += SSL3_RANDOM_LENGTH; |
396 PORT_Memcpy(val + i, &ss->ssl3.hs.server_random.rand, SSL3_RANDOM_LENGTH); | 404 PORT_Memcpy(val + i, &ss->ssl3.hs.server_random.rand, SSL3_RANDOM_LENGTH); |
397 i += SSL3_RANDOM_LENGTH; | 405 i += SSL3_RANDOM_LENGTH; |
406 ssl_ReleaseSSL3HandshakeLock(ss); | |
wtc
2012/05/30 22:54:29
BUG: this function releases SSL3HandshakeLock twic
Ryan Sleevi
2012/05/30 23:20:10
Well spotted.
| |
407 | |
398 if (hasContext) { | 408 if (hasContext) { |
399 val[i++] = contextLen >> 8; | 409 val[i++] = contextLen >> 8; |
400 val[i++] = contextLen; | 410 val[i++] = contextLen; |
401 PORT_Memcpy(val + i, context, contextLen); | 411 PORT_Memcpy(val + i, context, contextLen); |
402 i += contextLen; | 412 i += contextLen; |
403 } | 413 } |
404 PORT_Assert(i == valLen); | 414 PORT_Assert(i == valLen); |
405 | 415 |
406 /* Allow TLS keying material to be exported sooner, when the master | 416 /* Allow TLS keying material to be exported sooner, when the master |
407 * secret is available and we have sent ChangeCipherSpec. | 417 * secret is available and we have sent ChangeCipherSpec. |
408 */ | 418 */ |
409 ssl_GetSpecReadLock(ss); | 419 ssl_GetSpecReadLock(ss); |
410 if (!ss->ssl3.cwSpec->master_secret && !ss->ssl3.cwSpec->msItem.len) { | 420 if (!ss->ssl3.cwSpec->master_secret && !ss->ssl3.cwSpec->msItem.len) { |
411 PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED); | 421 PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED); |
412 rv = SECFailure; | 422 rv = SECFailure; |
413 } else { | 423 } else { |
414 rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.cwSpec, label, labelLen, val, | 424 rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.cwSpec, label, labelLen, val, |
415 valLen, out, outLen); | 425 valLen, out, outLen); |
416 } | 426 } |
417 ssl_ReleaseSpecReadLock(ss); | 427 ssl_ReleaseSpecReadLock(ss); |
428 ssl_ReleaseSSL3HandshakeLock(ss); | |
429 ssl_ReleaseRecvBufLock(ss); | |
418 | 430 |
419 PORT_ZFree(val, valLen); | 431 PORT_ZFree(val, valLen); |
420 return rv; | 432 return rv; |
421 } | 433 } |
OLD | NEW |