net: rework the NPN patch.

net/third_party/nss/ssl/sslsock.c

 /*
  * vtables (and methods that call through them) for the 4 types of 
  * SSLSockets supported.  Only one type is still supported.
  * Various other functions.
  *
  * ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
  * 1.1 (the "License"); you may not use this file except in compliance with
@@ skipping 1292 matching lines @@
 #ifdef _WIN32
     PR_Sleep(PR_INTERVAL_NO_WAIT);     /* workaround NT winsock connect bug. */
 #endif
     ns = ssl_FindSocket(fd);
     PORT_Assert(ns);
     if (ns)
         ns->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ns, &addr));
     return fd;
 }
 
-/* SSL_SetNextProtoNego sets the list of supported protocols for the given
- * socket. The list is a series of 8-bit, length prefixed strings. */
 SECStatus
-SSL_SetNextProtoNego(PRFileDesc *fd, const unsigned char *data,
-                     unsigned short length)
-{
+SSL_SetNextProtoCallback(PRFileDesc *fd,
+                         SSLNextProtoCallback callback,
+                         void *arg) {
     sslSocket *ss = ssl_FindSocket(fd);
 
     if (!ss) {
         SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetNextProtoNego", SSL_GETPID(),
                 fd));
         return SECFailure;
     }
 
+    ssl_GetSSL3HandshakeLock(ss);
+    ss->nextProtoCallback = callback;
+    ss->nextProtoArg = arg;
+    ssl_ReleaseSSL3HandshakeLock(ss);
+}
+
+/* NextProtoStandardCallback is set as an NPN callback for the case when the
+ * user of the sockets wants the standard selection algorithm. */
+static SECStatus
+NextProtoStandardCallback(void *arg,
+                          PRFileDesc *fd,
+                          const unsigned char *protos,
+                          unsigned int protos_len,
+                          unsigned char *protoOut,
+                          unsigned int *protoOutLen)
+{
+    unsigned int i, j;
+    const unsigned char *result;
+
+    sslSocket *ss = ssl_FindSocket(fd);
+    PORT_Assert(ss);
+
+    if (protos_len == 0) {
+        /* The server supports the extension, but doesn't have any protocols
+         * configured. In this case we request our favoured protocol. */
+        goto pick_first;
+    }
+
+    /* For each protocol in server preference, see if we support it. */
+    for (i = 0; i < protos_len; ) {
+        for (j = 0; j < ss->opt.nextProtoNego.len; ) {
+            if (protos[i] == ss->opt.nextProtoNego.data[j] &&
+                memcmp(&protos[i+1], &ss->opt.nextProtoNego.data[j+1], protos[i]) == 0) {

[wtc, 2011/10/18 00:58:08]

Nit: is this line longer than 80 characters?

[agl, 2011/10/18 16:44:43]

Done.

+                /* We found a match. */
+                ss->ssl3.nextProtoState = SSL_NEXT_PROTO_NEGOTIATED;
+                result = &protos[i];
+                goto found;
+            }
+            j += (unsigned int)ss->opt.nextProtoNego.data[j] + 1;
+        }
+        i += (unsigned int)protos[i] + 1;

[wtc, 2011/10/18 00:58:08]

Nit: since ss->opt.nextProtoNego.data[j] and protos[i] are
unsigned chars, I believe the (unsigned int) casts are
unnecessary.

Or is it necessary to avoid overflowing unsigned char after
adding 1 to it?

[agl, 2011/10/18 16:44:43]

Right. I want the addition to occur in ℤ/2**32ℤ to avoid an overflow in the
intermediate value.

I actually still believe that the cast is unnecessary in C, but I would rather
waste some space and be clear.

+    }
+
+  pick_first:
+    ss->ssl3.nextProtoState = SSL_NEXT_PROTO_NO_OVERLAP;
+    result = ss->opt.nextProtoNego.data;
+
+  found:

[wtc, 2011/10/18 00:58:08]

Nit: in NSS source code, labels are not indented.

[agl, 2011/10/18 16:44:43]

Done.

+    memcpy(protoOut, result + 1, result[0]);
+    *protoOutLen = result[0];
+    return SECSuccess;
+}
+
+SECStatus
+SSL_SetNextProtoNego(PRFileDesc *fd, const unsigned char *data,
+                     unsigned int length)
+{
+    SECStatus rv;
+
+    sslSocket *ss = ssl_FindSocket(fd);
+
+    if (!ss) {
+        SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetNextProtoNego",
+                 SSL_GETPID(), fd));
+        return SECFailure;
+    }
+
     if (ssl3_ValidateNextProtoNego(data, length) != SECSuccess)
         return SECFailure;
 
     ssl_GetSSL3HandshakeLock(ss);
     if (ss->opt.nextProtoNego.data)
         PORT_Free(ss->opt.nextProtoNego.data);
     ss->opt.nextProtoNego.data = PORT_Alloc(length);
     if (!ss->opt.nextProtoNego.data) {
         ssl_ReleaseSSL3HandshakeLock(ss);
         return SECFailure;
     }
     memcpy(ss->opt.nextProtoNego.data, data, length);
     ss->opt.nextProtoNego.len = length;
     ss->opt.nextProtoNego.type = siBuffer;
     ssl_ReleaseSSL3HandshakeLock(ss);
 
-    return SECSuccess;
+    return SSL_SetNextProtoCallback(fd, NextProtoStandardCallback, NULL);
 }
 
-/* SSL_GetNextProto reads the resulting Next Protocol Negotiation result for
- * the given socket. It's only valid to call this once the handshake has
- * completed.
- *
- * state is set to one of the SSL_NEXT_PROTO_* constants. The negotiated
- * protocol, if any, is written into buf, which must be at least buf_len
- * bytes long. If the negotiated protocol is longer than this, it is truncated.
- * The number of bytes copied is written into length.
- */
 SECStatus
 SSL_GetNextProto(PRFileDesc *fd, int *state, unsigned char *buf,
                  unsigned int *length, unsigned int buf_len)
 {
     sslSocket *ss = ssl_FindSocket(fd);
 
     if (!ss) {
         SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetNextProto", SSL_GETPID(),
                 fd));
         return SECFailure;
@@ skipping 1195 matching lines @@
 loser:
             ssl_DestroySocketContents(ss);
             ssl_DestroyLocks(ss);
             PORT_Free(ss);
             ss = NULL;
         }
     }
     return ss;
 }