Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(10)

Side by Side Diff: net/third_party/nss/ssl/sslimpl.h

Issue 9733012: Update NSS to NSS 3.13.4 pre-release snapshot 20120319. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Forgot to update the sslerr.h and SSLerrs.h files Created 8 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 /* 1 /*
2 * This file is PRIVATE to SSL and should be the first thing included by 2 * This file is PRIVATE to SSL and should be the first thing included by
3 * any SSL implementation file. 3 * any SSL implementation file.
4 * 4 *
5 * ***** BEGIN LICENSE BLOCK ***** 5 * ***** BEGIN LICENSE BLOCK *****
6 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 6 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
7 * 7 *
8 * The contents of this file are subject to the Mozilla Public License Version 8 * The contents of this file are subject to the Mozilla Public License Version
9 * 1.1 (the "License"); you may not use this file except in compliance with 9 * 1.1 (the "License"); you may not use this file except in compliance with
10 * the License. You may obtain a copy of the License at 10 * the License. You may obtain a copy of the License at
(...skipping 21 matching lines...) Expand all
32 * in which case the provisions of the GPL or the LGPL are applicable instead 32 * in which case the provisions of the GPL or the LGPL are applicable instead
33 * of those above. If you wish to allow use of your version of this file only 33 * of those above. If you wish to allow use of your version of this file only
34 * under the terms of either the GPL or the LGPL, and not to allow others to 34 * under the terms of either the GPL or the LGPL, and not to allow others to
35 * use your version of this file under the terms of the MPL, indicate your 35 * use your version of this file under the terms of the MPL, indicate your
36 * decision by deleting the provisions above and replace them with the notice 36 * decision by deleting the provisions above and replace them with the notice
37 * and other provisions required by the GPL or the LGPL. If you do not delete 37 * and other provisions required by the GPL or the LGPL. If you do not delete
38 * the provisions above, a recipient may use your version of this file under 38 * the provisions above, a recipient may use your version of this file under
39 * the terms of any one of the MPL, the GPL or the LGPL. 39 * the terms of any one of the MPL, the GPL or the LGPL.
40 * 40 *
41 * ***** END LICENSE BLOCK ***** */ 41 * ***** END LICENSE BLOCK ***** */
42 /* $Id: sslimpl.h,v 1.94 2012/02/15 21:52:08 kaie%kuix.de Exp $ */ 42 /* $Id: sslimpl.h,v 1.100 2012/03/18 00:31:20 wtc%google.com Exp $ */
43 43
44 #ifndef __sslimpl_h_ 44 #ifndef __sslimpl_h_
45 #define __sslimpl_h_ 45 #define __sslimpl_h_
46 46
47 #ifdef DEBUG 47 #ifdef DEBUG
48 #undef NDEBUG 48 #undef NDEBUG
49 #else 49 #else
50 #undef NDEBUG 50 #undef NDEBUG
51 #define NDEBUG 51 #define NDEBUG
52 #endif 52 #endif
(...skipping 273 matching lines...) Expand 10 before | Expand all | Expand 10 after
326 * list of supported protocols. */ 326 * list of supported protocols. */
327 SECItem nextProtoNego; 327 SECItem nextProtoNego;
328 328
329 unsigned int useSecurity : 1; /* 1 */ 329 unsigned int useSecurity : 1; /* 1 */
330 unsigned int useSocks : 1; /* 2 */ 330 unsigned int useSocks : 1; /* 2 */
331 unsigned int requestCertificate : 1; /* 3 */ 331 unsigned int requestCertificate : 1; /* 3 */
332 unsigned int requireCertificate : 2; /* 4-5 */ 332 unsigned int requireCertificate : 2; /* 4-5 */
333 unsigned int handshakeAsClient : 1; /* 6 */ 333 unsigned int handshakeAsClient : 1; /* 6 */
334 unsigned int handshakeAsServer : 1; /* 7 */ 334 unsigned int handshakeAsServer : 1; /* 7 */
335 unsigned int enableSSL2 : 1; /* 8 */ 335 unsigned int enableSSL2 : 1; /* 8 */
336 unsigned int enableSSL3» » : 1; /* 9 */ 336 unsigned int unusedBit9» » : 1; /* 9 */
337 unsigned int enableTLS» » : 1; /* 10 */ 337 unsigned int unusedBit10» » : 1; /* 10 */
338 unsigned int noCache : 1; /* 11 */ 338 unsigned int noCache : 1; /* 11 */
339 unsigned int fdx : 1; /* 12 */ 339 unsigned int fdx : 1; /* 12 */
340 unsigned int v2CompatibleHello : 1; /* 13 */ 340 unsigned int v2CompatibleHello : 1; /* 13 */
341 unsigned int detectRollBack : 1; /* 14 */ 341 unsigned int detectRollBack : 1; /* 14 */
342 unsigned int noStepDown : 1; /* 15 */ 342 unsigned int noStepDown : 1; /* 15 */
343 unsigned int bypassPKCS11 : 1; /* 16 */ 343 unsigned int bypassPKCS11 : 1; /* 16 */
344 unsigned int noLocks : 1; /* 17 */ 344 unsigned int noLocks : 1; /* 17 */
345 unsigned int enableSessionTickets : 1; /* 18 */ 345 unsigned int enableSessionTickets : 1; /* 18 */
346 unsigned int enableDeflate : 1; /* 19 */ 346 unsigned int enableDeflate : 1; /* 19 */
347 unsigned int enableRenegotiation : 2; /* 20-21 */ 347 unsigned int enableRenegotiation : 2; /* 20-21 */
(...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after
503 cipher_aes_256, 503 cipher_aes_256,
504 cipher_camellia_128, 504 cipher_camellia_128,
505 cipher_camellia_256, 505 cipher_camellia_256,
506 cipher_seed, 506 cipher_seed,
507 cipher_missing /* reserved for no such supported cipher */ 507 cipher_missing /* reserved for no such supported cipher */
508 /* This enum must match ssl3_cipherName[] in ssl3con.c. */ 508 /* This enum must match ssl3_cipherName[] in ssl3con.c. */
509 } SSL3BulkCipher; 509 } SSL3BulkCipher;
510 510
511 typedef enum { type_stream, type_block } CipherType; 511 typedef enum { type_stream, type_block } CipherType;
512 512
513 #define MAX_IV_LENGTH 64 513 /* This value matches the size of IVs in ssl3SidKeys. */
514 #define MAX_IV_LENGTH 24
514 515
515 /* 516 /*
516 * Do not depend upon 64 bit arithmetic in the underlying machine. 517 * Do not depend upon 64 bit arithmetic in the underlying machine.
517 */ 518 */
518 typedef struct { 519 typedef struct {
519 PRUint32 high; 520 PRUint32 high;
520 PRUint32 low; 521 PRUint32 low;
521 } SSL3SequenceNumber; 522 } SSL3SequenceNumber;
522 523
523 #define MAX_MAC_CONTEXT_BYTES 400 524 #define MAX_MAC_CONTEXT_BYTES 400
(...skipping 521 matching lines...) Expand 10 before | Expand all | Expand 10 after
1045 1046
1046 /* Blocking information for the session cypher */ 1047 /* Blocking information for the session cypher */
1047 int blockShift; /* Spec Lock */ /* ssl2 only */ 1048 int blockShift; /* Spec Lock */ /* ssl2 only */
1048 int blockSize; /* Spec Lock */ /* ssl2 only */ 1049 int blockSize; /* Spec Lock */ /* ssl2 only */
1049 1050
1050 /* These are used during a connection handshake */ 1051 /* These are used during a connection handshake */
1051 sslConnectInfo ci; /* ssl 2 & 3 */ 1052 sslConnectInfo ci; /* ssl 2 & 3 */
1052 1053
1053 }; 1054 };
1054 1055
1055
1056 /* 1056 /*
1057 ** SSL Socket struct 1057 ** SSL Socket struct
1058 ** 1058 **
1059 ** Protection: XXX 1059 ** Protection: XXX
1060 */ 1060 */
1061 struct sslSocketStr { 1061 struct sslSocketStr {
1062 PRFileDesc * fd; 1062 PRFileDesc * fd;
1063 1063
1064 /* Pointer to operations vector for this socket */ 1064 /* Pointer to operations vector for this socket */
1065 const sslSocketOps * ops; 1065 const sslSocketOps * ops;
1066 1066
1067 /* SSL socket options */ 1067 /* SSL socket options */
1068 sslOptions opt; 1068 sslOptions opt;
1069 /* Enabled version range */
1070 SSLVersionRange vrange;
1069 1071
1070 /* State flags */ 1072 /* State flags */
1071 unsigned long clientAuthRequested; 1073 unsigned long clientAuthRequested;
1072 unsigned long delayDisabled; /* Nagle delay disabled */ 1074 unsigned long delayDisabled; /* Nagle delay disabled */
1073 unsigned long firstHsDone; /* first handshake is complete. */ 1075 unsigned long firstHsDone; /* first handshake is complete. */
1074 unsigned long handshakeBegun; 1076 unsigned long handshakeBegun;
1075 unsigned long lastWriteBlocked; 1077 unsigned long lastWriteBlocked;
1076 unsigned long recvdCloseNotify; /* received SSL EOF. */ 1078 unsigned long recvdCloseNotify; /* received SSL EOF. */
1077 unsigned long TCPconnected; 1079 unsigned long TCPconnected;
1078 unsigned long appDataBuffered; 1080 unsigned long appDataBuffered;
(...skipping 296 matching lines...) Expand 10 before | Expand all | Expand 10 after
1375 (PZ_InMonitor((ss)->recvBufLock)) 1377 (PZ_InMonitor((ss)->recvBufLock))
1376 1378
1377 /* xmitBufLock -> specLock */ 1379 /* xmitBufLock -> specLock */
1378 #define ssl_GetXmitBufLock(ss) \ 1380 #define ssl_GetXmitBufLock(ss) \
1379 { if (!ss->opt.noLocks) PZ_EnterMonitor((ss)->xmitBufLock); } 1381 { if (!ss->opt.noLocks) PZ_EnterMonitor((ss)->xmitBufLock); }
1380 #define ssl_ReleaseXmitBufLock(ss) \ 1382 #define ssl_ReleaseXmitBufLock(ss) \
1381 { if (!ss->opt.noLocks) PZ_ExitMonitor( (ss)->xmitBufLock); } 1383 { if (!ss->opt.noLocks) PZ_ExitMonitor( (ss)->xmitBufLock); }
1382 #define ssl_HaveXmitBufLock(ss) \ 1384 #define ssl_HaveXmitBufLock(ss) \
1383 (PZ_InMonitor((ss)->xmitBufLock)) 1385 (PZ_InMonitor((ss)->xmitBufLock))
1384 1386
1387 /* Placeholder value used in version ranges when SSL 3.0 and all
1388 * versions of TLS are disabled.
1389 */
1390 #define SSL_LIBRARY_VERSION_NONE 0
1391
1392 /* SSL_LIBRARY_VERSION_MAX_SUPPORTED is the maximum version that this version
1393 * of libssl supports. Applications should use SSL_VersionRangeGetSupported at
1394 * runtime to determine which versions are supported by the version of libssl
1395 * in use.
1396 */
1397 #define SSL_LIBRARY_VERSION_MAX_SUPPORTED SSL_LIBRARY_VERSION_TLS_1_1
1398
1399 /* Rename this macro SSL_ALL_VERSIONS_DISABLED when SSL 2.0 is removed. */
1400 #define SSL3_ALL_VERSIONS_DISABLED(vrange) \
1401 ((vrange)->min == SSL_LIBRARY_VERSION_NONE)
1402
1403 extern PRBool ssl3_VersionIsSupported(SSLProtocolVariant protocolVariant,
1404 SSL3ProtocolVersion version);
1385 1405
1386 extern SECStatus ssl3_KeyAndMacDeriveBypass(ssl3CipherSpec * pwSpec, 1406 extern SECStatus ssl3_KeyAndMacDeriveBypass(ssl3CipherSpec * pwSpec,
1387 const unsigned char * cr, const unsigned char * sr, 1407 const unsigned char * cr, const unsigned char * sr,
1388 PRBool isTLS, PRBool isExport); 1408 PRBool isTLS, PRBool isExport);
1389 extern SECStatus ssl3_MasterKeyDeriveBypass( ssl3CipherSpec * pwSpec, 1409 extern SECStatus ssl3_MasterKeyDeriveBypass( ssl3CipherSpec * pwSpec,
1390 const unsigned char * cr, const unsigned char * sr, 1410 const unsigned char * cr, const unsigned char * sr,
1391 const SECItem * pms, PRBool isTLS, PRBool isRSA); 1411 const SECItem * pms, PRBool isTLS, PRBool isRSA);
1392 1412
1393 /* These functions are called from secnav, even though they're "private". */ 1413 /* These functions are called from secnav, even though they're "private". */
1394 1414
(...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after
1508 extern void ssl3_InitSocketPolicy(sslSocket *ss); 1528 extern void ssl3_InitSocketPolicy(sslSocket *ss);
1509 1529
1510 extern SECStatus ssl3_ConstructV2CipherSpecsHack(sslSocket *ss, 1530 extern SECStatus ssl3_ConstructV2CipherSpecsHack(sslSocket *ss,
1511 unsigned char *cs, int *size); 1531 unsigned char *cs, int *size);
1512 1532
1513 extern SECStatus ssl3_RedoHandshake(sslSocket *ss, PRBool flushCache); 1533 extern SECStatus ssl3_RedoHandshake(sslSocket *ss, PRBool flushCache);
1514 1534
1515 extern void ssl3_DestroySSL3Info(sslSocket *ss); 1535 extern void ssl3_DestroySSL3Info(sslSocket *ss);
1516 1536
1517 extern SECStatus ssl3_NegotiateVersion(sslSocket *ss, 1537 extern SECStatus ssl3_NegotiateVersion(sslSocket *ss,
1518 SSL3ProtocolVersion peerVersion); 1538 » » » » SSL3ProtocolVersion peerVersion,
1539 » » » » PRBool allowLargerPeerVersion);
1519 1540
1520 extern SECStatus ssl_GetPeerInfo(sslSocket *ss); 1541 extern SECStatus ssl_GetPeerInfo(sslSocket *ss);
1521 1542
1522 #ifdef NSS_ENABLE_ECC 1543 #ifdef NSS_ENABLE_ECC
1523 /* ECDH functions */ 1544 /* ECDH functions */
1524 extern SECStatus ssl3_SendECDHClientKeyExchange(sslSocket * ss, 1545 extern SECStatus ssl3_SendECDHClientKeyExchange(sslSocket * ss,
1525 SECKEYPublicKey * svrPubKey); 1546 SECKEYPublicKey * svrPubKey);
1526 extern SECStatus ssl3_HandleECDHServerKeyExchange(sslSocket *ss, 1547 extern SECStatus ssl3_HandleECDHServerKeyExchange(sslSocket *ss,
1527 SSL3Opaque *b, PRUint32 length); 1548 SSL3Opaque *b, PRUint32 length);
1528 extern SECStatus ssl3_HandleECDHClientKeyExchange(sslSocket *ss, 1549 extern SECStatus ssl3_HandleECDHClientKeyExchange(sslSocket *ss,
(...skipping 207 matching lines...) Expand 10 before | Expand all | Expand 10 after
1736 #elif defined(_WIN32_WCE) 1757 #elif defined(_WIN32_WCE)
1737 #define SSL_GETPID GetCurrentProcessId 1758 #define SSL_GETPID GetCurrentProcessId
1738 #elif defined(WIN32) 1759 #elif defined(WIN32)
1739 extern int __cdecl _getpid(void); 1760 extern int __cdecl _getpid(void);
1740 #define SSL_GETPID _getpid 1761 #define SSL_GETPID _getpid
1741 #else 1762 #else
1742 #define SSL_GETPID() 0 1763 #define SSL_GETPID() 0
1743 #endif 1764 #endif
1744 1765
1745 #endif /* __sslimpl_h_ */ 1766 #endif /* __sslimpl_h_ */
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698