Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(847)

Side by Side Diff: net/third_party/nss/ssl/sslgathr.c

Issue 3177012: Update to NSS 3.12.7. (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: Created 10 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/third_party/nss/ssl/sslerr.h ('k') | net/third_party/nss/ssl/sslmutex.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Gather (Read) entire SSL2 records from socket into buffer. 2 * Gather (Read) entire SSL2 records from socket into buffer.
3 * 3 *
4 * ***** BEGIN LICENSE BLOCK ***** 4 * ***** BEGIN LICENSE BLOCK *****
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
6 * 6 *
7 * The contents of this file are subject to the Mozilla Public License Version 7 * The contents of this file are subject to the Mozilla Public License Version
8 * 1.1 (the "License"); you may not use this file except in compliance with 8 * 1.1 (the "License"); you may not use this file except in compliance with
9 * the License. You may obtain a copy of the License at 9 * the License. You may obtain a copy of the License at
10 * http://www.mozilla.org/MPL/ 10 * http://www.mozilla.org/MPL/
(...skipping 18 matching lines...) Expand all
29 * in which case the provisions of the GPL or the LGPL are applicable instead 29 * in which case the provisions of the GPL or the LGPL are applicable instead
30 * of those above. If you wish to allow use of your version of this file only 30 * of those above. If you wish to allow use of your version of this file only
31 * under the terms of either the GPL or the LGPL, and not to allow others to 31 * under the terms of either the GPL or the LGPL, and not to allow others to
32 * use your version of this file under the terms of the MPL, indicate your 32 * use your version of this file under the terms of the MPL, indicate your
33 * decision by deleting the provisions above and replace them with the notice 33 * decision by deleting the provisions above and replace them with the notice
34 * and other provisions required by the GPL or the LGPL. If you do not delete 34 * and other provisions required by the GPL or the LGPL. If you do not delete
35 * the provisions above, a recipient may use your version of this file under 35 * the provisions above, a recipient may use your version of this file under
36 * the terms of any one of the MPL, the GPL or the LGPL. 36 * the terms of any one of the MPL, the GPL or the LGPL.
37 * 37 *
38 * ***** END LICENSE BLOCK ***** */ 38 * ***** END LICENSE BLOCK ***** */
39 /* $Id: sslgathr.c,v 1.10 2009/10/16 17:45:35 wtc%google.com Exp $ */ 39 /* $Id: sslgathr.c,v 1.12 2010/04/25 23:37:38 nelson%bolyard.com Exp $ */
40 #include "cert.h" 40 #include "cert.h"
41 #include "ssl.h" 41 #include "ssl.h"
42 #include "sslimpl.h" 42 #include "sslimpl.h"
43 #include "sslproto.h" 43 #include "sslproto.h"
44 44
45 /* Forward static declarations */ 45 /* Forward static declarations */
46 static SECStatus ssl2_HandleV3HandshakeRecord(sslSocket *ss); 46 static SECStatus ssl2_HandleV3HandshakeRecord(sslSocket *ss);
47 47
48 /* 48 /*
49 ** Gather a single record of data from the receiving stream. This code 49 ** Gather a single record of data from the receiving stream. This code
(...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after
265 rv = SECFailure; 265 rv = SECFailure;
266 goto spec_locked_done; 266 goto spec_locked_done;
267 } 267 }
268 PORT_Assert(gs->count == gs->offset); 268 PORT_Assert(gs->count == gs->offset);
269 269
270 if (gs->offset == 0) { 270 if (gs->offset == 0) {
271 rv = 0; /* means EOF. */ 271 rv = 0; /* means EOF. */
272 goto spec_locked_done; 272 goto spec_locked_done;
273 } 273 }
274 274
275 » /* Decrypt the portion of data that we just recieved. 275 » /* Decrypt the portion of data that we just received.
276 ** Decrypt it in place. 276 ** Decrypt it in place.
277 */ 277 */
278 rv = (*ss->sec.dec)(ss->sec.readcx, pBuf, &nout, gs->offset, 278 rv = (*ss->sec.dec)(ss->sec.readcx, pBuf, &nout, gs->offset,
279 pBuf, gs->offset); 279 pBuf, gs->offset);
280 if (rv != SECSuccess) { 280 if (rv != SECSuccess) {
281 goto spec_locked_done; 281 goto spec_locked_done;
282 } 282 }
283 283
284 284
285 /* Have read in all the MAC portion of record 285 /* Have read in all the MAC portion of record
(...skipping 10 matching lines...) Expand all
296 seq[2] = (unsigned char) (sequenceNumber >> 8); 296 seq[2] = (unsigned char) (sequenceNumber >> 8);
297 seq[3] = (unsigned char) (sequenceNumber); 297 seq[3] = (unsigned char) (sequenceNumber);
298 298
299 (*ss->sec.hash->begin)(ss->sec.hashcx); 299 (*ss->sec.hash->begin)(ss->sec.hashcx);
300 (*ss->sec.hash->update)(ss->sec.hashcx, ss->sec.rcvSecret.data, 300 (*ss->sec.hash->update)(ss->sec.hashcx, ss->sec.rcvSecret.data,
301 ss->sec.rcvSecret.len); 301 ss->sec.rcvSecret.len);
302 (*ss->sec.hash->update)(ss->sec.hashcx, pBuf + macLen, 302 (*ss->sec.hash->update)(ss->sec.hashcx, pBuf + macLen,
303 gs->offset - macLen); 303 gs->offset - macLen);
304 (*ss->sec.hash->update)(ss->sec.hashcx, seq, 4); 304 (*ss->sec.hash->update)(ss->sec.hashcx, seq, 4);
305 (*ss->sec.hash->end)(ss->sec.hashcx, mac, &macLen, macLen); 305 (*ss->sec.hash->end)(ss->sec.hashcx, mac, &macLen, macLen);
306
307 PORT_Assert(macLen == ss->sec.hash->length);
308
309 ssl_ReleaseSpecReadLock(ss); /******************************/
310
311 if (NSS_SecureMemcmp(mac, pBuf, macLen) != 0) {
312 /* MAC's didn't match... */
313 SSL_DBG(("%d: SSL[%d]: mac check failed, seq=%d",
314 SSL_GETPID(), ss->fd, ss->sec.rcvSequence));
315 PRINT_BUF(1, (ss, "computed mac:", mac, macLen));
316 PRINT_BUF(1, (ss, "received mac:", pBuf, macLen));
317 PORT_SetError(SSL_ERROR_BAD_MAC_READ);
318 rv = SECFailure;
319 goto cleanup;
320 }
321 } else {
322 ssl_ReleaseSpecReadLock(ss); /******************************/
306 } 323 }
307 324
308 PORT_Assert(macLen == ss->sec.hash->length);
309
310 ssl_ReleaseSpecReadLock(ss); /******************************/
311
312 if (NSS_SecureMemcmp(mac, pBuf, macLen) != 0) {
313 /* MAC's didn't match... */
314 SSL_DBG(("%d: SSL[%d]: mac check failed, seq=%d",
315 SSL_GETPID(), ss->fd, ss->sec.rcvSequence));
316 PRINT_BUF(1, (ss, "computed mac:", mac, macLen));
317 PRINT_BUF(1, (ss, "received mac:", pBuf, macLen));
318 PORT_SetError(SSL_ERROR_BAD_MAC_READ);
319 rv = SECFailure;
320 goto cleanup;
321 }
322
323
324 PORT_Assert(gs->recordPadding + macLen <= gs->offset);
325 if (gs->recordPadding + macLen <= gs->offset) { 325 if (gs->recordPadding + macLen <= gs->offset) {
326 gs->recordOffset = macLen; 326 gs->recordOffset = macLen;
327 gs->readOffset = macLen; 327 gs->readOffset = macLen;
328 gs->writeOffset = gs->offset - gs->recordPadding; 328 gs->writeOffset = gs->offset - gs->recordPadding;
329 rv = 1; 329 rv = 1;
330 } else { 330 } else {
331 PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING); 331 PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING);
332 cleanup: 332 cleanup:
333 /* nothing in the buffer any more. */ 333 /* nothing in the buffer any more. */
334 gs->recordOffset = 0; 334 gs->recordOffset = 0;
(...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after
474 **/ 474 **/
475 rv = ssl3_NegotiateVersion(ss, version); 475 rv = ssl3_NegotiateVersion(ss, version);
476 if (rv != SECSuccess) { 476 if (rv != SECSuccess) {
477 return rv; 477 return rv;
478 } 478 }
479 479
480 ss->sec.send = ssl3_SendApplicationData; 480 ss->sec.send = ssl3_SendApplicationData;
481 481
482 return SECSuccess; 482 return SECSuccess;
483 } 483 }
OLDNEW
« no previous file with comments | « net/third_party/nss/ssl/sslerr.h ('k') | net/third_party/nss/ssl/sslmutex.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698