Linux: enable building with a local version of libssl.

net/third_party/nss/ssl/ssl3gthr.c

+/*
+ * Gather (Read) entire SSL3 records from socket into buffer.  
+ *
+ * ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is the Netscape security libraries.
+ *
+ * The Initial Developer of the Original Code is
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1994-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+/* $Id: ssl3gthr.c,v 1.9 2008/11/20 07:37:25 nelson%bolyard.com Exp $ */
+
+#include "cert.h"
+#include "ssl.h"
+#include "sslimpl.h"
+#include "ssl3prot.h"
+
+/* 
+ * Attempt to read in an entire SSL3 record.
+ * Blocks here for blocking sockets, otherwise returns -1 with 
+ *      PR_WOULD_BLOCK_ERROR when socket would block.
+ *
+ * returns  1 if received a complete SSL3 record.
+ * returns  0 if recv returns EOF
+ * returns -1 if recv returns <0  
+ *      (The error value may have already been set to PR_WOULD_BLOCK_ERROR)
+ *
+ * Caller must hold the recv buf lock.
+ *
+ * The Gather state machine has 3 states:  GS_INIT, GS_HEADER, GS_DATA.
+ * GS_HEADER: waiting for the 5-byte SSL3 record header to come in.
+ * GS_DATA:   waiting for the body of the SSL3 record   to come in.
+ *
+ * This loop returns when either (a) an error or EOF occurs, 
+ *      (b) PR_WOULD_BLOCK_ERROR,
+ *      (c) data (entire SSL3 record) has been received.
+ */
+static int
+ssl3_GatherData(sslSocket *ss, sslGather *gs, int flags)
+{
+    unsigned char *bp;
+    unsigned char *lbp;
+    int            nb;
+    int            err;
+    int            rv           = 1;
+
+    PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
+    if (gs->state == GS_INIT) {
+        gs->state       = GS_HEADER;
+        gs->remainder   = 5;
+        gs->offset      = 0;
+        gs->writeOffset = 0;
+        gs->readOffset  = 0;
+        gs->inbuf.len   = 0;
+    }
+    
+    lbp = gs->inbuf.buf;
+    for(;;) {
+        SSL_TRC(30, ("%d: SSL3[%d]: gather state %d (need %d more)",
+                SSL_GETPID(), ss->fd, gs->state, gs->remainder));
+        bp = ((gs->state != GS_HEADER) ? lbp : gs->hdr) + gs->offset;
+        nb = ssl_DefRecv(ss, bp, gs->remainder, flags);
+
+        if (nb > 0) {
+            PRINT_BUF(60, (ss, "raw gather data:", bp, nb));
+        } else if (nb == 0) {
+            /* EOF */
+            SSL_TRC(30, ("%d: SSL3[%d]: EOF", SSL_GETPID(), ss->fd));
+            rv = 0;
+            break;
+        } else /* if (nb < 0) */ {
+            SSL_DBG(("%d: SSL3[%d]: recv error %d", SSL_GETPID(), ss->fd,
+                     PR_GetError()));
+            rv = SECFailure;
+            break;
+        }
+
+        PORT_Assert( nb <= gs->remainder );
+        if (nb > gs->remainder) {
+            /* ssl_DefRecv is misbehaving!  this error is fatal to SSL. */
+            gs->state = GS_INIT;         /* so we don't crash next time */
+            rv = SECFailure;
+            break;
+        }
+
+        gs->offset    += nb;
+        gs->remainder -= nb;
+        if (gs->state == GS_DATA)
+            gs->inbuf.len += nb;
+
+        /* if there's more to go, read some more. */
+        if (gs->remainder > 0) {
+            continue;
+        }
+
+        /* have received entire record header, or entire record. */
+        switch (gs->state) {
+        case GS_HEADER:
+            /*
+            ** Have received SSL3 record header in gs->hdr.
+            ** Now extract the length of the following encrypted data, 
+            ** and then read in the rest of the SSL3 record into gs->inbuf.
+            */
+            gs->remainder = (gs->hdr[3] << 8) | gs->hdr[4];
+
+            /* This is the max fragment length for an encrypted fragment
+            ** plus the size of the record header.
+            */
+            if(gs->remainder > (MAX_FRAGMENT_LENGTH + 2048 + 5)) {
+                SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+                gs->state = GS_INIT;
+                PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
+                return SECFailure;
+            }
+
+            gs->state     = GS_DATA;
+            gs->offset    = 0;
+            gs->inbuf.len = 0;
+
+            if (gs->remainder > gs->inbuf.space) {
+                err = sslBuffer_Grow(&gs->inbuf, gs->remainder);
+                if (err) {      /* realloc has set error code to no mem. */
+                    return err;
+                }
+                lbp = gs->inbuf.buf;
+            }
+            break;      /* End this case.  Continue around the loop. */
+
+
+        case GS_DATA:
+            /* 
+            ** SSL3 record has been completely received.
+            */
+            gs->state = GS_INIT;
+            return 1;
+        }
+    }
+
+    return rv;
+}
+
+/* Gather in a record and when complete, Handle that record.
+ * Repeat this until the handshake is complete, 
+ * or until application data is available.
+ *
+ * Returns  1 when the handshake is completed without error, or 
+ *                 application data is available.
+ * Returns  0 if ssl3_GatherData hits EOF.
+ * Returns -1 on read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
+ * Returns -2 on SECWouldBlock return from ssl3_HandleRecord.
+ *
+ * Called from ssl_GatherRecord1stHandshake       in sslcon.c, 
+ *    and from SSL_ForceHandshake in sslsecur.c
+ *    and from ssl3_GatherAppDataRecord below (<- DoRecv in sslsecur.c).
+ *
+ * Caller must hold the recv buf lock.
+ */
+int
+ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
+{
+    SSL3Ciphertext cText;
+    int            rv;
+
+    PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
+    do {
+        /* bring in the next sslv3 record. */
+        rv = ssl3_GatherData(ss, &ss->gs, flags);
+        if (rv <= 0) {
+            return rv;
+        }
+        
+        /* decipher it, and handle it if it's a handshake. 
+         * If it's application data, ss->gs.buf will not be empty upon return. 
+         */
+        cText.type    = (SSL3ContentType)ss->gs.hdr[0];
+        cText.version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2];
+        cText.buf     = &ss->gs.inbuf;
+        rv = ssl3_HandleRecord(ss, &cText, &ss->gs.buf);
+        if (rv < 0) {
+            return ss->recvdCloseNotify ? 0 : rv;
+        }
+    } while (ss->ssl3.hs.ws != idle_handshake && ss->gs.buf.len == 0);
+
+    ss->gs.readOffset = 0;
+    ss->gs.writeOffset = ss->gs.buf.len;
+    return 1;
+}
+
+/* Repeatedly gather in a record and when complete, Handle that record.
+ * Repeat this until some application data is received.
+ *
+ * Returns  1 when application data is available.
+ * Returns  0 if ssl3_GatherData hits EOF.
+ * Returns -1 on read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
+ * Returns -2 on SECWouldBlock return from ssl3_HandleRecord.
+ *
+ * Called from DoRecv in sslsecur.c
+ * Caller must hold the recv buf lock.
+ */
+int
+ssl3_GatherAppDataRecord(sslSocket *ss, int flags)
+{
+    int            rv;
+
+    PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
+    do {
+        rv = ssl3_GatherCompleteHandshake(ss, flags);
+    } while (rv > 0 && ss->gs.buf.len == 0);
+
+    return rv;
+}