| OLD | NEW |
| 1 /* | 1 /* |
| 2 * vtables (and methods that call through them) for the 4 types of | 2 * vtables (and methods that call through them) for the 4 types of |
| 3 * SSLSockets supported. Only one type is still supported. | 3 * SSLSockets supported. Only one type is still supported. |
| 4 * Various other functions. | 4 * Various other functions. |
| 5 * | 5 * |
| 6 * ***** BEGIN LICENSE BLOCK ***** | 6 * ***** BEGIN LICENSE BLOCK ***** |
| 7 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 7 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 8 * | 8 * |
| 9 * The contents of this file are subject to the Mozilla Public License Version | 9 * The contents of this file are subject to the Mozilla Public License Version |
| 10 * 1.1 (the "License"); you may not use this file except in compliance with | 10 * 1.1 (the "License"); you may not use this file except in compliance with |
| (...skipping 207 matching lines...) |
| 218 PRBool locksEverDisabled; /* implicitly PR_FALSE */ | 218 PRBool locksEverDisabled; /* implicitly PR_FALSE */ |
| 219 PRBool ssl_force_locks; /* implicitly PR_FALSE */ | 219 PRBool ssl_force_locks; /* implicitly PR_FALSE */ |
| 220 int ssl_lock_readers = 1; /* default true. */ | 220 int ssl_lock_readers = 1; /* default true. */ |
| 221 char ssl_debug; | 221 char ssl_debug; |
| 222 char ssl_trace; | 222 char ssl_trace; |
| 223 FILE * ssl_trace_iob; | 223 FILE * ssl_trace_iob; |
| 224 FILE * ssl_keylog_iob; | 224 FILE * ssl_keylog_iob; |
| 225 char lockStatus[] = "Locks are ENABLED. "; | 225 char lockStatus[] = "Locks are ENABLED. "; |
| 226 #define LOCKSTATUS_OFFSET 10 /* offset of ENABLED */ | 226 #define LOCKSTATUS_OFFSET 10 /* offset of ENABLED */ |
| 227 | 227 |
| 228 /* SRTP_NULL_HMAC_SHA1_80 and SRTP_NULL_HMAC_SHA1_32 are not implemented. */ |
| 229 static const PRUint16 srtpCiphers[] = { |
| 230 SRTP_AES128_CM_HMAC_SHA1_80, |
| 231 SRTP_AES128_CM_HMAC_SHA1_32, |
| 232 0 |
| 233 }; |
| 234 |
| 228 /* forward declarations. */ | 235 /* forward declarations. */ |
| 229 static sslSocket *ssl_NewSocket(PRBool makeLocks, SSLProtocolVariant variant); | 236 static sslSocket *ssl_NewSocket(PRBool makeLocks, SSLProtocolVariant variant); |
| 230 static SECStatus ssl_MakeLocks(sslSocket *ss); | 237 static SECStatus ssl_MakeLocks(sslSocket *ss); |
| 231 static void ssl_SetDefaultsFromEnvironment(void); | 238 static void ssl_SetDefaultsFromEnvironment(void); |
| 232 static PRStatus ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack, | 239 static PRStatus ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack, |
| 233 PRDescIdentity id); | 240 PRDescIdentity id); |
| 234 | 241 |
| 235 /************************************************************************/ | 242 /************************************************************************/ |
| 236 | 243 |
| 237 /* | 244 /* |
| (...skipping 1351 matching lines...) |
| 1589 } | 1596 } |
| 1590 PORT_Memcpy(buf, ss->ssl3.nextProto.data, ss->ssl3.nextProto.len); | 1597 PORT_Memcpy(buf, ss->ssl3.nextProto.data, ss->ssl3.nextProto.len); |
| 1591 *bufLen = ss->ssl3.nextProto.len; | 1598 *bufLen = ss->ssl3.nextProto.len; |
| 1592 } else { | 1599 } else { |
| 1593 *bufLen = 0; | 1600 *bufLen = 0; |
| 1594 } | 1601 } |
| 1595 | 1602 |
| 1596 return SECSuccess; | 1603 return SECSuccess; |
| 1597 } | 1604 } |
| 1598 | 1605 |
| 1606 SECStatus SSL_SetSRTPCiphers(PRFileDesc *fd, |
| 1607 const PRUint16 *ciphers, |
| 1608 unsigned int numCiphers) |
| 1609 { |
| 1610 sslSocket * ss; |
| 1611 int i; |
| 1612 |
| 1613 ss = ssl_FindSocket(fd); |
| 1614 if (!ss || !IS_DTLS(ss)) { |
| 1615 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetSRTPCiphers", |
| 1616 SSL_GETPID(), fd)); |
| 1617 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 1618 return SECFailure; |
| 1619 } |
| 1620 |
| 1621 for (i = 0; i < numCiphers; i++) { |
| 1622 const PRUint16 *srtpCipher = srtpCiphers; |
| 1623 |
| 1624 while (*srtpCipher) { |
| 1625 if (ciphers[i] == *srtpCipher) |
| 1626 break; |
| 1627 srtpCipher++; |
| 1628 } |
| 1629 if (!*srtpCipher) { |
| 1630 SSL_DBG(("%d: SSL[%d]: invalid or unimplemented SRTP cipher " |
| 1631 "suite specified: 0x%04hx", SSL_GETPID(), fd, |
| 1632 ciphers[i])); |
| 1633 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 1634 return SECFailure; |
| 1635 } |
| 1636 } |
| 1637 |
| 1638 if (numCiphers > MAX_DTLS_SRTP_CIPHER_SUITES) { |
| 1639 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 1640 return SECFailure; |
| 1641 } |
| 1642 memcpy(ss->ssl3.dtlsSRTPCiphers, ciphers, sizeof(PRUint16) * numCiphers); |
| 1643 ss->ssl3.dtlsSRTPCipherCount = numCiphers; |
| 1644 |
| 1645 return SECSuccess; |
| 1646 } |
| 1647 |
| 1648 SECStatus |
| 1649 SSL_GetSRTPCipher(PRFileDesc *fd, PRUint16 *cipher) |
| 1650 { |
| 1651 sslSocket * ss; |
| 1652 |
| 1653 ss = ssl_FindSocket(fd); |
| 1654 if (!ss) { |
| 1655 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetSRTPCipher", |
| 1656 SSL_GETPID(), fd)); |
| 1657 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 1658 return SECFailure; |
| 1659 } |
| 1660 |
| 1661 if (!ss->ssl3.dtlsSRTPCipherSuite) { |
| 1662 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 1663 return SECFailure; |
| 1664 } |
| 1665 |
| 1666 *cipher = ss->ssl3.dtlsSRTPCipherSuite; |
| 1667 return SECSuccess; |
| 1668 } |
| 1669 |
| 1599 PRFileDesc * | 1670 PRFileDesc * |
| 1600 SSL_ReconfigFD(PRFileDesc *model, PRFileDesc *fd) | 1671 SSL_ReconfigFD(PRFileDesc *model, PRFileDesc *fd) |
| 1601 { | 1672 { |
| 1602 PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); | 1673 PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); |
| 1603 PR_NOT_REACHED("not implemented"); | 1674 PR_NOT_REACHED("not implemented"); |
| 1604 return NULL; | 1675 return NULL; |
| 1605 | 1676 |
| 1606 #if 0 | 1677 #if 0 |
| 1607 sslSocket * sm = NULL, *ss = NULL; | 1678 sslSocket * sm = NULL, *ss = NULL; |
| 1608 int i; | 1679 int i; |
| (...skipping 1372 matching lines...) |
| 2981 ssl_DestroySocketContents(ss); | 3052 ssl_DestroySocketContents(ss); |
| 2982 ssl_DestroyLocks(ss); | 3053 ssl_DestroyLocks(ss); |
| 2983 PORT_Free(ss); | 3054 PORT_Free(ss); |
| 2984 ss = NULL; | 3055 ss = NULL; |
| 2985 } | 3056 } |
| 2986 ss->protocolVariant = protocolVariant; | 3057 ss->protocolVariant = protocolVariant; |
| 2987 } | 3058 } |
| 2988 return ss; | 3059 return ss; |
| 2989 } | 3060 } |
| 2990 | 3061 |
| OLD | NEW |
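Review bot: In SSL_SetSRTPCiphers the `numCiphers > MAX_DTLS_SRTP_CIPHER_SUITES` check (new line 1638) runs only after the validation loop has already indexed `ciphers[i]`, and `ciphers` itself is never checked, so a NULL pointer with a non-zero count is dereferenced and an oversized count is walked with an `int i` compared against `unsigned int numCiphers`. I would validate the arguments before the loop, `if (numCiphers > MAX_DTLS_SRTP_CIPHER_SUITES || (numCiphers && !ciphers)) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; }`, and declare `unsigned int i;`. SSL_GetSRTPCipher (new line 1666) likewise writes through `cipher` without a NULL check, and it reports the "no SRTP suite negotiated yet" case with the same SEC_ERROR_INVALID_ARGS as a bad socket, so callers cannot tell the two apart. The copy at new line 1642 uses bare `memcpy` where the neighbouring code at new line 1597 uses `PORT_Memcpy`.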