OLD | NEW |
1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c | 1 diff --git a/ssl/ssl.h b/ssl/ssl.h |
2 --- a/nss/lib/ssl/ssl3con.c» 2014-01-17 18:45:24.378132013 -0800 | 2 index e9f5fb0..be6d88e 100644 |
3 +++ b/nss/lib/ssl/ssl3con.c» 2014-01-17 18:46:29.929216162 -0800 | 3 --- a/ssl/ssl.h |
4 @@ -12540,6 +12540,46 @@ ssl3_CipherPrefGet(sslSocket *ss, ssl3Ci | 4 +++ b/ssl/ssl.h |
| 5 @@ -295,6 +295,13 @@ SSL_IMPORT SECStatus SSL_CipherPrefGetDefault(PRInt32 ciphe
r, PRBool *enabled); |
| 6 SSL_IMPORT SECStatus SSL_CipherPolicySet(PRInt32 cipher, PRInt32 policy); |
| 7 SSL_IMPORT SECStatus SSL_CipherPolicyGet(PRInt32 cipher, PRInt32 *policy); |
| 8 |
| 9 +/* SSL_CipherOrderSet sets the cipher suite preference order from |ciphers|, |
| 10 + * which must be an array of cipher suite ids of length |len|. All the given |
| 11 + * cipher suite ids must appear in the array that is returned by |
| 12 + * |SSL_GetImplementedCiphers| and may only appear once, at most. */ |
| 13 +SSL_IMPORT SECStatus SSL_CipherOrderSet(PRFileDesc *fd, const PRUint16 *ciphers
, |
| 14 + unsigned int len); |
| 15 + |
| 16 /* SSLChannelBindingType enumerates the types of supported channel binding |
| 17 * values. See RFC 5929. */ |
| 18 typedef enum SSLChannelBindingType { |
| 19 diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c |
| 20 index 3421e0b..c1f30a3 100644 |
| 21 --- a/ssl/ssl3con.c |
| 22 +++ b/ssl/ssl3con.c |
| 23 @@ -12623,6 +12623,46 @@ ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which
, PRBool *enabled) |
5 return rv; | 24 return rv; |
6 } | 25 } |
7 | 26 |
8 +SECStatus | 27 +SECStatus |
9 +ssl3_CipherOrderSet(sslSocket *ss, const ssl3CipherSuite *ciphers, unsigned int
len) | 28 +ssl3_CipherOrderSet(sslSocket *ss, const ssl3CipherSuite *ciphers, unsigned int
len) |
10 +{ | 29 +{ |
11 + /* |i| iterates over |ciphers| while |done| and |j| iterate over | 30 + /* |i| iterates over |ciphers| while |done| and |j| iterate over |
12 + * |ss->cipherSuites|. */ | 31 + * |ss->cipherSuites|. */ |
13 + unsigned int i, done; | 32 + unsigned int i, done; |
14 + | 33 + |
(...skipping 26 matching lines...) Expand all Loading... |
41 + for (; done < ssl_V3_SUITES_IMPLEMENTED; done++) { | 60 + for (; done < ssl_V3_SUITES_IMPLEMENTED; done++) { |
42 + ss->cipherSuites[done].enabled = 0; | 61 + ss->cipherSuites[done].enabled = 0; |
43 + } | 62 + } |
44 + | 63 + |
45 + return SECSuccess; | 64 + return SECSuccess; |
46 +} | 65 +} |
47 + | 66 + |
48 /* copy global default policy into socket. */ | 67 /* copy global default policy into socket. */ |
49 void | 68 void |
50 ssl3_InitSocketPolicy(sslSocket *ss) | 69 ssl3_InitSocketPolicy(sslSocket *ss) |
51 diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h | 70 diff --git a/ssl/sslimpl.h b/ssl/sslimpl.h |
52 --- a/nss/lib/ssl/ssl.h»2014-01-17 18:45:24.378132013 -0800 | 71 index 2f61a46..f796a14 100644 |
53 +++ b/nss/lib/ssl/ssl.h»2014-01-17 18:46:29.929216162 -0800 | 72 --- a/ssl/sslimpl.h |
54 @@ -285,6 +285,13 @@ SSL_IMPORT SECStatus SSL_CipherPrefGetDe | 73 +++ b/ssl/sslimpl.h |
55 SSL_IMPORT SECStatus SSL_CipherPolicySet(PRInt32 cipher, PRInt32 policy); | 74 @@ -1747,6 +1747,8 @@ extern SECStatus ssl3_CipherPrefSet(sslSocket *ss, ssl3Cip
herSuite which, PRBool |
56 SSL_IMPORT SECStatus SSL_CipherPolicyGet(PRInt32 cipher, PRInt32 *policy); | |
57 | |
58 +/* SSL_CipherOrderSet sets the cipher suite preference order from |ciphers|, | |
59 + * which must be an array of cipher suite ids of length |len|. All the given | |
60 + * cipher suite ids must appear in the array that is returned by | |
61 + * |SSL_GetImplementedCiphers| and may only appear once, at most. */ | |
62 +SSL_IMPORT SECStatus SSL_CipherOrderSet(PRFileDesc *fd, const PRUint16 *ciphers
, | |
63 + unsigned int len); | |
64 + | |
65 /* SSLChannelBindingType enumerates the types of supported channel binding | |
66 * values. See RFC 5929. */ | |
67 typedef enum SSLChannelBindingType { | |
68 diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h | |
69 --- a/nss/lib/ssl/sslimpl.h» 2014-01-17 18:45:24.378132013 -0800 | |
70 +++ b/nss/lib/ssl/sslimpl.h» 2014-01-17 18:46:29.929216162 -0800 | |
71 @@ -1743,6 +1743,8 @@ extern SECStatus ssl3_CipherPrefSet(sslS | |
72 extern SECStatus ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBoo
l *on); | 75 extern SECStatus ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBoo
l *on); |
73 extern SECStatus ssl2_CipherPrefSet(sslSocket *ss, PRInt32 which, PRBool enable
d); | 76 extern SECStatus ssl2_CipherPrefSet(sslSocket *ss, PRInt32 which, PRBool enable
d); |
74 extern SECStatus ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabl
ed); | 77 extern SECStatus ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabl
ed); |
75 +extern SECStatus ssl3_CipherOrderSet(sslSocket *ss, const ssl3CipherSuite *ciph
er, | 78 +extern SECStatus ssl3_CipherOrderSet(sslSocket *ss, const ssl3CipherSuite *ciph
er, |
76 + unsigned int len); | 79 + unsigned int len); |
77 | 80 |
78 extern SECStatus ssl3_SetPolicy(ssl3CipherSuite which, PRInt32 policy); | 81 extern SECStatus ssl3_SetPolicy(ssl3CipherSuite which, PRInt32 policy); |
79 extern SECStatus ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *policy); | 82 extern SECStatus ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *policy); |
80 diff -pu a/nss/lib/ssl/sslsock.c b/nss/lib/ssl/sslsock.c | 83 diff --git a/ssl/sslsock.c b/ssl/sslsock.c |
81 --- a/nss/lib/ssl/sslsock.c» 2014-01-17 18:45:24.378132013 -0800 | 84 index 80f4e67..13634c6 100644 |
82 +++ b/nss/lib/ssl/sslsock.c» 2014-01-17 18:46:29.929216162 -0800 | 85 --- a/ssl/sslsock.c |
83 @@ -1278,6 +1278,19 @@ SSL_CipherPrefSet(PRFileDesc *fd, PRInt3 | 86 +++ b/ssl/sslsock.c |
84 return rv; | 87 @@ -1316,6 +1316,19 @@ SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool e
nabled) |
85 } | 88 } |
86 | 89 |
87 +SECStatus | 90 SECStatus |
88 +SSL_CipherOrderSet(PRFileDesc *fd, const PRUint16 *ciphers, unsigned int len) | 91 +SSL_CipherOrderSet(PRFileDesc *fd, const PRUint16 *ciphers, unsigned int len) |
89 +{ | 92 +{ |
90 + sslSocket *ss = ssl_FindSocket(fd); | 93 + sslSocket *ss = ssl_FindSocket(fd); |
91 + | 94 + |
92 + if (!ss) { | 95 + if (!ss) { |
93 + SSL_DBG(("%d: SSL[%d]: bad socket in CipherOrderSet", SSL_GETPID(), | 96 + SSL_DBG(("%d: SSL[%d]: bad socket in CipherOrderSet", SSL_GETPID(), |
94 + fd)); | 97 + fd)); |
95 + return SECFailure; | 98 + return SECFailure; |
96 + } | 99 + } |
97 + return ssl3_CipherOrderSet(ss, ciphers, len); | 100 + return ssl3_CipherOrderSet(ss, ciphers, len); |
98 +} | 101 +} |
99 + | 102 + |
100 SECStatus | 103 +SECStatus |
101 SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled) | 104 SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled) |
102 { | 105 { |
| 106 SECStatus rv; |
OLD | NEW |