OLD | NEW |
1 /* | 1 /* |
2 * SSL3 Protocol | 2 * SSL3 Protocol |
3 * | 3 * |
4 * ***** BEGIN LICENSE BLOCK ***** | 4 * ***** BEGIN LICENSE BLOCK ***** |
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
6 * | 6 * |
7 * The contents of this file are subject to the Mozilla Public License Version | 7 * The contents of this file are subject to the Mozilla Public License Version |
8 * 1.1 (the "License"); you may not use this file except in compliance with | 8 * 1.1 (the "License"); you may not use this file except in compliance with |
9 * the License. You may obtain a copy of the License at | 9 * the License. You may obtain a copy of the License at |
10 * http://www.mozilla.org/MPL/ | 10 * http://www.mozilla.org/MPL/ |
(...skipping 8238 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
8249 anyRestrictedEnabled(ss) && | 8249 anyRestrictedEnabled(ss) && |
8250 SECSuccess == CERT_VerifyCertNow(cert->dbhandle, cert, | 8250 SECSuccess == CERT_VerifyCertNow(cert->dbhandle, cert, |
8251 PR_FALSE, /* checkSig */ | 8251 PR_FALSE, /* checkSig */ |
8252 certUsageSSLServerWithStepUp, | 8252 certUsageSSLServerWithStepUp, |
8253 /*XXX*/ ss->authCertificateArg) ) { | 8253 /*XXX*/ ss->authCertificateArg) ) { |
8254 ss->ssl3.policy = SSL_RESTRICTED; | 8254 ss->ssl3.policy = SSL_RESTRICTED; |
8255 ss->ssl3.hs.rehandshake = PR_TRUE; | 8255 ss->ssl3.hs.rehandshake = PR_TRUE; |
8256 } | 8256 } |
8257 | 8257 |
8258 ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert); | 8258 ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert); |
8259 ssl3_CopyPeerCertsToSID(certs, ss->sec.ci.sid); | 8259 ssl3_CopyPeerCertsToSID(ss->ssl3.peerCertChain, ss->sec.ci.sid); |
8260 | 8260 |
8261 if (!ss->sec.isServer) { | 8261 if (!ss->sec.isServer) { |
8262 /* set the server authentication and key exchange types and sizes | 8262 /* set the server authentication and key exchange types and sizes |
8263 ** from the value in the cert. If the key exchange key is different, | 8263 ** from the value in the cert. If the key exchange key is different, |
8264 ** it will get fixed when we handle the server key exchange message. | 8264 ** it will get fixed when we handle the server key exchange message. |
8265 */ | 8265 */ |
8266 SECKEYPublicKey * pubKey = CERT_ExtractPublicKey(cert); | 8266 SECKEYPublicKey * pubKey = CERT_ExtractPublicKey(cert); |
8267 ss->sec.authAlgorithm = ss->ssl3.hs.kea_def->signKeyType; | 8267 ss->sec.authAlgorithm = ss->ssl3.hs.kea_def->signKeyType; |
8268 ss->sec.keaType = ss->ssl3.hs.kea_def->exchKeyType; | 8268 ss->sec.keaType = ss->ssl3.hs.kea_def->exchKeyType; |
8269 if (pubKey) { | 8269 if (pubKey) { |
(...skipping 1682 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
9952 | 9952 |
9953 ss->ssl3.initialized = PR_FALSE; | 9953 ss->ssl3.initialized = PR_FALSE; |
9954 | 9954 |
9955 if (ss->ssl3.nextProto.data) { | 9955 if (ss->ssl3.nextProto.data) { |
9956 PORT_Free(ss->ssl3.nextProto.data); | 9956 PORT_Free(ss->ssl3.nextProto.data); |
9957 ss->ssl3.nextProto.data = NULL; | 9957 ss->ssl3.nextProto.data = NULL; |
9958 } | 9958 } |
9959 } | 9959 } |
9960 | 9960 |
9961 /* End of ssl3con.c */ | 9961 /* End of ssl3con.c */ |
OLD | NEW |