OLD | NEW |
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
2 /* | 2 /* |
3 * SSL3 Protocol | 3 * SSL3 Protocol |
4 * | 4 * |
5 * This Source Code Form is subject to the terms of the Mozilla Public | 5 * This Source Code Form is subject to the terms of the Mozilla Public |
6 * License, v. 2.0. If a copy of the MPL was not distributed with this | 6 * License, v. 2.0. If a copy of the MPL was not distributed with this |
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
8 /* $Id: ssl3con.c,v 1.192 2012/09/28 05:10:25 wtc%google.com Exp $ */ | 8 /* $Id: ssl3con.c,v 1.192 2012/09/28 05:10:25 wtc%google.com Exp $ */ |
9 | 9 |
10 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ | 10 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ |
(...skipping 6023 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
6034 ca_list.names[i] = node->name; | 6034 ca_list.names[i] = node->name; |
6035 } | 6035 } |
6036 | 6036 |
6037 if (length != 0) | 6037 if (length != 0) |
6038 goto alert_loser; /* malformed */ | 6038 goto alert_loser; /* malformed */ |
6039 | 6039 |
6040 desc = no_certificate; | 6040 desc = no_certificate; |
6041 ss->ssl3.hs.ws = wait_hello_done; | 6041 ss->ssl3.hs.ws = wait_hello_done; |
6042 | 6042 |
6043 #ifdef NSS_PLATFORM_CLIENT_AUTH | 6043 #ifdef NSS_PLATFORM_CLIENT_AUTH |
6044 if (ss->getPlatformClientAuthData == NULL) { | 6044 if (ss->getPlatformClientAuthData != NULL) { |
6045 » rv = SECFailure; /* force it to send a no_certificate alert */ | |
6046 } else { | |
6047 /* XXX Should pass cert_types in this call!! */ | 6045 /* XXX Should pass cert_types in this call!! */ |
6048 rv = (SECStatus)(*ss->getPlatformClientAuthData)( | 6046 rv = (SECStatus)(*ss->getPlatformClientAuthData)( |
6049 ss->getPlatformClientAuthDataArg, | 6047 ss->getPlatformClientAuthDataArg, |
6050 ss->fd, &ca_list, | 6048 ss->fd, &ca_list, |
6051 &platform_cert_list, | 6049 &platform_cert_list, |
6052 (void**)&ss->ssl3.platformClientKey, | 6050 (void**)&ss->ssl3.platformClientKey, |
6053 &ss->ssl3.clientCertificate, | 6051 &ss->ssl3.clientCertificate, |
6054 &ss->ssl3.clientPrivateKey); | 6052 &ss->ssl3.clientPrivateKey); |
6055 } | 6053 } else |
6056 #else | 6054 #endif |
6057 if (ss->getClientAuthData == NULL) { | 6055 if (ss->getClientAuthData == NULL) { |
6058 rv = SECFailure; /* force it to send a no_certificate alert */ | 6056 rv = SECFailure; /* force it to send a no_certificate alert */ |
6059 } else { | 6057 } else { |
6060 /* XXX Should pass cert_types in this call!! */ | 6058 /* XXX Should pass cert_types in this call!! */ |
6061 rv = (SECStatus)(*ss->getClientAuthData)(ss->getClientAuthDataArg, | 6059 rv = (SECStatus)(*ss->getClientAuthData)(ss->getClientAuthDataArg, |
6062 ss->fd, &ca_list, | 6060 ss->fd, &ca_list, |
6063 &ss->ssl3.clientCertificate, | 6061 &ss->ssl3.clientCertificate, |
6064 &ss->ssl3.clientPrivateKey); | 6062 &ss->ssl3.clientPrivateKey); |
6065 } | 6063 } |
6066 #endif /* NSS_PLATFORM_CLIENT_AUTH */ | 6064 |
6067 switch (rv) { | 6065 switch (rv) { |
6068 case SECWouldBlock: /* getClientAuthData has put up a dialog box. */ | 6066 case SECWouldBlock: /* getClientAuthData has put up a dialog box. */ |
6069 ssl3_SetAlwaysBlock(ss); | 6067 ssl3_SetAlwaysBlock(ss); |
6070 break; /* not an error */ | 6068 break; /* not an error */ |
6071 | 6069 |
6072 case SECSuccess: | 6070 case SECSuccess: |
6073 #ifdef NSS_PLATFORM_CLIENT_AUTH | 6071 #ifdef NSS_PLATFORM_CLIENT_AUTH |
6074 if (!platform_cert_list || CERT_LIST_EMPTY(platform_cert_list) || | 6072 if (!platform_cert_list || CERT_LIST_EMPTY(platform_cert_list) || |
6075 !ss->ssl3.platformClientKey) { | 6073 !ss->ssl3.platformClientKey) { |
6076 if (platform_cert_list) { | 6074 if (platform_cert_list) { |
(...skipping 4859 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
10936 PORT_Free(ss->ssl3.hs.recvdFragments.buf); | 10934 PORT_Free(ss->ssl3.hs.recvdFragments.buf); |
10937 } | 10935 } |
10938 } | 10936 } |
10939 | 10937 |
10940 ss->ssl3.initialized = PR_FALSE; | 10938 ss->ssl3.initialized = PR_FALSE; |
10941 | 10939 |
10942 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); | 10940 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
10943 } | 10941 } |
10944 | 10942 |
10945 /* End of ssl3con.c */ | 10943 /* End of ssl3con.c */ |
OLD | NEW |