| OLD | NEW |
| 1 /* ***** BEGIN LICENSE BLOCK ***** | 1 /* ***** BEGIN LICENSE BLOCK ***** |
| 2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 3 * | 3 * |
| 4 * The contents of this file are subject to the Mozilla Public License Version | 4 * The contents of this file are subject to the Mozilla Public License Version |
| 5 * 1.1 (the "License"); you may not use this file except in compliance with | 5 * 1.1 (the "License"); you may not use this file except in compliance with |
| 6 * the License. You may obtain a copy of the License at | 6 * the License. You may obtain a copy of the License at |
| 7 * http://www.mozilla.org/MPL/ | 7 * http://www.mozilla.org/MPL/ |
| 8 * | 8 * |
| 9 * Software distributed under the License is distributed on an "AS IS" basis, | 9 * Software distributed under the License is distributed on an "AS IS" basis, |
| 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License | 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License |
| (...skipping 17 matching lines...) Expand all Loading... |
| 28 * in which case the provisions of the GPL or the LGPL are applicable instead | 28 * in which case the provisions of the GPL or the LGPL are applicable instead |
| 29 * of those above. If you wish to allow use of your version of this file only | 29 * of those above. If you wish to allow use of your version of this file only |
| 30 * under the terms of either the GPL or the LGPL, and not to allow others to | 30 * under the terms of either the GPL or the LGPL, and not to allow others to |
| 31 * use your version of this file under the terms of the MPL, indicate your | 31 * use your version of this file under the terms of the MPL, indicate your |
| 32 * decision by deleting the provisions above and replace them with the notice | 32 * decision by deleting the provisions above and replace them with the notice |
| 33 * and other provisions required by the GPL or the LGPL. If you do not delete | 33 * and other provisions required by the GPL or the LGPL. If you do not delete |
| 34 * the provisions above, a recipient may use your version of this file under | 34 * the provisions above, a recipient may use your version of this file under |
| 35 * the terms of any one of the MPL, the GPL or the LGPL. | 35 * the terms of any one of the MPL, the GPL or the LGPL. |
| 36 * | 36 * |
| 37 * ***** END LICENSE BLOCK ***** */ | 37 * ***** END LICENSE BLOCK ***** */ |
| 38 /* $Id: sslinfo.c,v 1.24 2010/09/02 01:12:57 wtc%google.com Exp $ */ | 38 /* $Id: sslinfo.c,v 1.28 2012/03/14 00:56:43 wtc%google.com Exp $ */ |
| 39 #include "ssl.h" | 39 #include "ssl.h" |
| 40 #include "sslimpl.h" | 40 #include "sslimpl.h" |
| 41 #include "sslproto.h" | 41 #include "sslproto.h" |
| 42 | 42 |
| 43 static const char * | 43 static const char * |
| 44 ssl_GetCompressionMethodName(SSLCompressionMethod compression) | 44 ssl_GetCompressionMethodName(SSLCompressionMethod compression) |
| 45 { | 45 { |
| 46 switch (compression) { | 46 switch (compression) { |
| 47 case ssl_compression_null: | 47 case ssl_compression_null: |
| 48 return "NULL"; | 48 return "NULL"; |
| (...skipping 125 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 174 {0,CS(TLS_RSA_WITH_CAMELLIA_256_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_256, M
_SHA, 0, 0, 0, }, | 174 {0,CS(TLS_RSA_WITH_CAMELLIA_256_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_256, M
_SHA, 0, 0, 0, }, |
| 175 {0,CS(TLS_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_RSA, C_AES, B_256, M_SHA,
1, 0, 0, }, | 175 {0,CS(TLS_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_RSA, C_AES, B_256, M_SHA,
1, 0, 0, }, |
| 176 | 176 |
| 177 {0,CS(TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_DHE, C_CAMELLIA, B_128, M
_SHA, 0, 0, 0, }, | 177 {0,CS(TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_DHE, C_CAMELLIA, B_128, M
_SHA, 0, 0, 0, }, |
| 178 {0,CS(TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA), S_DSA, K_DHE, C_CAMELLIA, B_128, M
_SHA, 0, 0, 0, }, | 178 {0,CS(TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA), S_DSA, K_DHE, C_CAMELLIA, B_128, M
_SHA, 0, 0, 0, }, |
| 179 {0,CS(TLS_DHE_DSS_WITH_RC4_128_SHA), S_DSA, K_DHE, C_RC4, B_128, M_SHA,
0, 0, 0, }, | 179 {0,CS(TLS_DHE_DSS_WITH_RC4_128_SHA), S_DSA, K_DHE, C_RC4, B_128, M_SHA,
0, 0, 0, }, |
| 180 {0,CS(TLS_DHE_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_DHE, C_AES, B_128, M_SHA,
1, 0, 0, }, | 180 {0,CS(TLS_DHE_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_DHE, C_AES, B_128, M_SHA,
1, 0, 0, }, |
| 181 {0,CS(TLS_DHE_DSS_WITH_AES_128_CBC_SHA), S_DSA, K_DHE, C_AES, B_128, M_SHA,
1, 0, 0, }, | 181 {0,CS(TLS_DHE_DSS_WITH_AES_128_CBC_SHA), S_DSA, K_DHE, C_AES, B_128, M_SHA,
1, 0, 0, }, |
| 182 {0,CS(TLS_RSA_WITH_SEED_CBC_SHA), S_RSA, K_RSA, C_SEED,B_128, M_SHA,
1, 0, 0, }, | 182 {0,CS(TLS_RSA_WITH_SEED_CBC_SHA), S_RSA, K_RSA, C_SEED,B_128, M_SHA,
1, 0, 0, }, |
| 183 {0,CS(TLS_RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_128, M
_SHA, 0, 0, 0, }, | 183 {0,CS(TLS_RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_128, M
_SHA, 0, 0, 0, }, |
| 184 {0,CS(SSL_RSA_WITH_RC4_128_SHA), S_RSA, K_RSA, C_RC4, B_128, M_SHA,
0, 0, 0, }, |
| 184 {0,CS(SSL_RSA_WITH_RC4_128_MD5), S_RSA, K_RSA, C_RC4, B_128, M_MD5,
0, 0, 0, }, | 185 {0,CS(SSL_RSA_WITH_RC4_128_MD5), S_RSA, K_RSA, C_RC4, B_128, M_MD5,
0, 0, 0, }, |
| 185 {0,CS(SSL_RSA_WITH_RC4_128_SHA), S_RSA, K_RSA, C_RC4, B_128, M_SHA,
0, 0, 0, }, | |
| 186 {0,CS(TLS_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_RSA, C_AES, B_128, M_SHA,
1, 0, 0, }, | 186 {0,CS(TLS_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_RSA, C_AES, B_128, M_SHA,
1, 0, 0, }, |
| 187 | 187 |
| 188 {0,CS(SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_DHE, C_3DES,B_3DES,M_SHA,
1, 0, 0, }, | 188 {0,CS(SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_DHE, C_3DES,B_3DES,M_SHA,
1, 0, 0, }, |
| 189 {0,CS(SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA), S_DSA, K_DHE, C_3DES,B_3DES,M_SHA,
1, 0, 0, }, | 189 {0,CS(SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA), S_DSA, K_DHE, C_3DES,B_3DES,M_SHA,
1, 0, 0, }, |
| 190 {0,CS(SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA), S_RSA, K_RSA, C_3DES,B_3DES,M_SHA,
1, 0, 1, }, | 190 {0,CS(SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA), S_RSA, K_RSA, C_3DES,B_3DES,M_SHA,
1, 0, 1, }, |
| 191 {0,CS(SSL_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_RSA, C_3DES,B_3DES,M_SHA,
1, 0, 0, }, | 191 {0,CS(SSL_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_RSA, C_3DES,B_3DES,M_SHA,
1, 0, 0, }, |
| 192 | 192 |
| 193 {0,CS(SSL_DHE_RSA_WITH_DES_CBC_SHA), S_RSA, K_DHE, C_DES, B_DES, M_SHA,
0, 0, 0, }, | 193 {0,CS(SSL_DHE_RSA_WITH_DES_CBC_SHA), S_RSA, K_DHE, C_DES, B_DES, M_SHA,
0, 0, 0, }, |
| 194 {0,CS(SSL_DHE_DSS_WITH_DES_CBC_SHA), S_DSA, K_DHE, C_DES, B_DES, M_SHA,
0, 0, 0, }, | 194 {0,CS(SSL_DHE_DSS_WITH_DES_CBC_SHA), S_DSA, K_DHE, C_DES, B_DES, M_SHA,
0, 0, 0, }, |
| 195 {0,CS(SSL_RSA_FIPS_WITH_DES_CBC_SHA), S_RSA, K_RSA, C_DES, B_DES, M_SHA,
0, 0, 1, }, | 195 {0,CS(SSL_RSA_FIPS_WITH_DES_CBC_SHA), S_RSA, K_RSA, C_DES, B_DES, M_SHA,
0, 0, 1, }, |
| (...skipping 114 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 310 { | 310 { |
| 311 unsigned int i; | 311 unsigned int i; |
| 312 for (i = 0; i < NUM_SUITEINFOS; i++) { | 312 for (i = 0; i < NUM_SUITEINFOS; i++) { |
| 313 if (suiteInfo[i].cipherSuite == cipherSuite) { | 313 if (suiteInfo[i].cipherSuite == cipherSuite) { |
| 314 return (PRBool)(suiteInfo[i].isExportable); | 314 return (PRBool)(suiteInfo[i].isExportable); |
| 315 } | 315 } |
| 316 } | 316 } |
| 317 return PR_FALSE; | 317 return PR_FALSE; |
| 318 } | 318 } |
| 319 | 319 |
| 320 SECItem* |
| 321 SSL_GetNegotiatedHostInfo(PRFileDesc *fd) |
| 322 { |
| 323 SECItem *sniName = NULL; |
| 324 sslSocket *ss; |
| 325 char *name = NULL; |
| 326 |
| 327 ss = ssl_FindSocket(fd); |
| 328 if (!ss) { |
| 329 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetNegotiatedHostInfo", |
| 330 SSL_GETPID(), fd)); |
| 331 return NULL; |
| 332 } |
| 333 |
| 334 if (ss->sec.isServer) { |
| 335 if (ss->version > SSL_LIBRARY_VERSION_3_0 && |
| 336 ss->ssl3.initialized) { /* TLS */ |
| 337 SECItem *crsName; |
| 338 ssl_GetSpecReadLock(ss); /*********************************/ |
| 339 crsName = &ss->ssl3.crSpec->srvVirtName; |
| 340 if (crsName->data) { |
| 341 sniName = SECITEM_DupItem(crsName); |
| 342 } |
| 343 ssl_ReleaseSpecReadLock(ss); /*----------------------------*/ |
| 344 } |
| 345 return sniName; |
| 346 } |
| 347 name = SSL_RevealURL(fd); |
| 348 if (name) { |
| 349 sniName = PORT_ZNew(SECItem); |
| 350 if (!sniName) { |
| 351 PORT_Free(name); |
| 352 return NULL; |
| 353 } |
| 354 sniName->data = (void*)name; |
| 355 sniName->len = PORT_Strlen(name); |
| 356 } |
| 357 return sniName; |
| 358 } |
| 359 |
| 320 SECStatus | 360 SECStatus |
| 321 SSL_ExportKeyingMaterial(PRFileDesc *fd, | 361 SSL_ExportKeyingMaterial(PRFileDesc *fd, |
| 322 const char *label, unsigned int labelLen, | 362 const char *label, unsigned int labelLen, |
| 323 PRBool hasContext, | 363 PRBool hasContext, |
| 324 const unsigned char *context, unsigned int contextLen, | 364 const unsigned char *context, unsigned int contextLen, |
| 325 unsigned char *out, unsigned int outLen) | 365 unsigned char *out, unsigned int outLen) |
| 326 { | 366 { |
| 327 sslSocket *ss; | 367 sslSocket *ss; |
| 328 unsigned char *val = NULL; | 368 unsigned char *val = NULL; |
| 329 unsigned int valLen, i; | 369 unsigned int valLen, i; |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 372 rv = SECFailure; | 412 rv = SECFailure; |
| 373 } else { | 413 } else { |
| 374 rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.cwSpec, label, labelLen, val, | 414 rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.cwSpec, label, labelLen, val, |
| 375 valLen, out, outLen); | 415 valLen, out, outLen); |
| 376 } | 416 } |
| 377 ssl_ReleaseSpecReadLock(ss); | 417 ssl_ReleaseSpecReadLock(ss); |
| 378 | 418 |
| 379 PORT_ZFree(val, valLen); | 419 PORT_ZFree(val, valLen); |
| 380 return rv; | 420 return rv; |
| 381 } | 421 } |
| 382 | |
| 383 SECItem* | |
| 384 SSL_GetNegotiatedHostInfo(PRFileDesc *fd) | |
| 385 { | |
| 386 SECItem *sniName = NULL; | |
| 387 sslSocket *ss; | |
| 388 char *name = NULL; | |
| 389 | |
| 390 ss = ssl_FindSocket(fd); | |
| 391 if (!ss) { | |
| 392 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetNegotiatedHostInfo", | |
| 393 SSL_GETPID(), fd)); | |
| 394 return NULL; | |
| 395 } | |
| 396 | |
| 397 if (ss->sec.isServer) { | |
| 398 if (ss->version > SSL_LIBRARY_VERSION_3_0 && | |
| 399 ss->ssl3.initialized) { /* TLS */ | |
| 400 SECItem *crsName; | |
| 401 ssl_GetSpecReadLock(ss); /*********************************/ | |
| 402 crsName = &ss->ssl3.crSpec->srvVirtName; | |
| 403 if (crsName->data) { | |
| 404 sniName = SECITEM_DupItem(crsName); | |
| 405 } | |
| 406 ssl_ReleaseSpecReadLock(ss); /*----------------------------*/ | |
| 407 } | |
| 408 return sniName; | |
| 409 } | |
| 410 name = SSL_RevealURL(fd); | |
| 411 if (name) { | |
| 412 sniName = PORT_ZNew(SECItem); | |
| 413 if (!sniName) { | |
| 414 PORT_Free(name); | |
| 415 return NULL; | |
| 416 } | |
| 417 sniName->data = (void*)name; | |
| 418 sniName->len = PORT_Strlen(name); | |
| 419 } | |
| 420 return sniName; | |
| 421 } | |
| OLD | NEW |