OLD | NEW |
---|---|
1 /* | 1 /* |
2 * SSL v2 handshake functions, and functions common to SSL2 and SSL3. | 2 * SSL v2 handshake functions, and functions common to SSL2 and SSL3. |
3 * | 3 * |
4 * ***** BEGIN LICENSE BLOCK ***** | 4 * ***** BEGIN LICENSE BLOCK ***** |
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
6 * | 6 * |
7 * The contents of this file are subject to the Mozilla Public License Version | 7 * The contents of this file are subject to the Mozilla Public License Version |
8 * 1.1 (the "License"); you may not use this file except in compliance with | 8 * 1.1 (the "License"); you may not use this file except in compliance with |
9 * the License. You may obtain a copy of the License at | 9 * the License. You may obtain a copy of the License at |
10 * http://www.mozilla.org/MPL/ | 10 * http://www.mozilla.org/MPL/ |
1242 */ | 1242 */ |
1243 SECStatus | 1243 SECStatus |
1244 ssl_GatherRecord1stHandshake(sslSocket *ss) | 1244 ssl_GatherRecord1stHandshake(sslSocket *ss) |
1245 { | 1245 { |
1246 int rv; | 1246 int rv; |
1247 | 1247 |
1248 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); | 1248 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); |
1249 | 1249 |
1250 ssl_GetRecvBufLock(ss); | 1250 ssl_GetRecvBufLock(ss); |
1251 | 1251 |
1252 if (ss->version >= SSL_LIBRARY_VERSION_3_0) { | 1252 /* The special case DTLS logic is needed here because the SSL/TLS |
1253 * version wants to auto-detect SSL2 vs. SSL3 on the initial handshake | |
1254 * (ss->version == 0) but with DTLS it gets confused, so we force the | |
1255 * SSL3 version. | |
1256 */ | |
1257 if ((ss->version >= SSL_LIBRARY_VERSION_3_0) || IS_DTLS(ss)) { | |
wtc
2012/03/22 01:11:42
rsleevi: see my comment at ssl3con.c:6495 about th
| |
1253 /* Wait for handshake to complete, or application data to arrive. */ | 1258 /* Wait for handshake to complete, or application data to arrive. */ |
1254 rv = ssl3_GatherCompleteHandshake(ss, 0); | 1259 rv = ssl3_GatherCompleteHandshake(ss, 0); |
1255 } else { | 1260 } else { |
1256 /* See if we have a complete record */ | 1261 /* See if we have a complete record */ |
1257 rv = ssl2_GatherRecord(ss, 0); | 1262 rv = ssl2_GatherRecord(ss, 0); |
1258 } | 1263 } |
1259 SSL_TRC(10, ("%d: SSL[%d]: handshake gathering, rv=%d", | 1264 SSL_TRC(10, ("%d: SSL[%d]: handshake gathering, rv=%d", |
1260 SSL_GETPID(), ss->fd, rv)); | 1265 SSL_GETPID(), ss->fd, rv)); |
1261 | 1266 |
1262 ssl_ReleaseRecvBufLock(ss); | 1267 ssl_ReleaseRecvBufLock(ss); |
3113 if ((sid->version >= SSL_LIBRARY_VERSION_3_0 || !ss->opt.v2CompatibleHello) && | 3118 if ((sid->version >= SSL_LIBRARY_VERSION_3_0 || !ss->opt.v2CompatibleHello) && |
3114 !SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) { | 3119 !SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) { |
3115 ss->gs.state = GS_INIT; | 3120 ss->gs.state = GS_INIT; |
3116 ss->handshake = ssl_GatherRecord1stHandshake; | 3121 ss->handshake = ssl_GatherRecord1stHandshake; |
3117 | 3122 |
3118 /* ssl3_SendClientHello will override this if it succeeds. */ | 3123 /* ssl3_SendClientHello will override this if it succeeds. */ |
3119 ss->version = SSL_LIBRARY_VERSION_3_0; | 3124 ss->version = SSL_LIBRARY_VERSION_3_0; |
3120 | 3125 |
3121 ssl_GetSSL3HandshakeLock(ss); | 3126 ssl_GetSSL3HandshakeLock(ss); |
3122 ssl_GetXmitBufLock(ss); | 3127 ssl_GetXmitBufLock(ss); |
3123 » rv = ssl3_SendClientHello(ss); | 3128 » rv = ssl3_SendClientHello(ss, PR_FALSE); |
3124 ssl_ReleaseXmitBufLock(ss); | 3129 ssl_ReleaseXmitBufLock(ss); |
3125 ssl_ReleaseSSL3HandshakeLock(ss); | 3130 ssl_ReleaseSSL3HandshakeLock(ss); |
3126 | 3131 |
3127 return rv; | 3132 return rv; |
3128 } | 3133 } |
3129 #if defined(NSS_ENABLE_ECC) && !defined(NSS_ECC_MORE_THAN_SUITE_B) | 3134 #if defined(NSS_ENABLE_ECC) && !defined(NSS_ECC_MORE_THAN_SUITE_B) |
3130 /* ensure we don't neogtiate ECC cipher suites with SSL2 hello */ | 3135 /* ensure we don't neogtiate ECC cipher suites with SSL2 hello */ |
3131 ssl3_DisableECCSuites(ss, NULL); /* disable all ECC suites */ | 3136 ssl3_DisableECCSuites(ss, NULL); /* disable all ECC suites */ |
3132 if (ss->cipherSpecs != NULL) { | 3137 if (ss->cipherSpecs != NULL) { |
3133 PORT_Free(ss->cipherSpecs); | 3138 PORT_Free(ss->cipherSpecs); |
3712 | 3717 |
3713 c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0]; | 3718 c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0]; |
3714 return NSS_VersionCheck(importedVersion); | 3719 return NSS_VersionCheck(importedVersion); |
3715 } | 3720 } |
3716 | 3721 |
3717 const char * | 3722 const char * |
3718 NSSSSL_GetVersion(void) | 3723 NSSSSL_GetVersion(void) |
3719 { | 3724 { |
3720 return NSS_VERSION; | 3725 return NSS_VERSION; |
3721 } | 3726 } |
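Review bot: The SSL3-versus-SSL2 choice at new line 3118 has no DTLS term, while the gather path at new line 1257 needed `|| IS_DTLS(ss)` to keep a datagram socket away from the SSL2 code. If a DTLS socket can reach this point with `ss->opt.v2CompatibleHello` set and `sid->version` below 3.0 (whether the option is forced off for DTLS elsewhere is not visible here), it would fall through to the SSL2 client-hello code that follows the `#if defined(NSS_ENABLE_ECC)` block. Either add the same term to the condition, `(sid->version >= SSL_LIBRARY_VERSION_3_0 || !ss->opt.v2CompatibleHello || IS_DTLS(ss))`, or fail closed before the SSL2 path and state the invariant in a comment. The enclosing function starts and ends outside the lines shown.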