OLD | NEW |
1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c | 1 diff --git a/ssl/ssl.h b/ssl/ssl.h |
2 --- a/nss/lib/ssl/ssl3con.c» 2014-01-17 17:55:01.518095989 -0800 | 2 index e2d1b09..593dd00 100644 |
3 +++ b/nss/lib/ssl/ssl3con.c» 2014-01-17 17:55:19.158389328 -0800 | 3 --- a/ssl/ssl.h |
4 @@ -7199,6 +7199,85 @@ done: | 4 +++ b/ssl/ssl.h |
| 5 @@ -409,6 +409,11 @@ SSL_IMPORT SECStatus SSL_ForceHandshake(PRFileDesc *fd); |
| 6 SSL_IMPORT SECStatus SSL_ForceHandshakeWithTimeout(PRFileDesc *fd, |
| 7 PRIntervalTime timeout); |
| 8 |
| 9 +SSL_IMPORT SECStatus SSL_RestartHandshakeAfterCertReq(PRFileDesc *fd, |
| 10 +» » » » » CERTCertificate *cert, |
| 11 +» » » » » SECKEYPrivateKey *key, |
| 12 +» » » » » CERTCertificateList *certChain); |
| 13 + |
| 14 /* |
| 15 ** Query security status of socket. *on is set to one if security is |
| 16 ** enabled. *keySize will contain the stream key size used. *issuer will |
| 17 diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c |
| 18 index cb59cc1..1852806 100644 |
| 19 --- a/ssl/ssl3con.c |
| 20 +++ b/ssl/ssl3con.c |
| 21 @@ -7259,6 +7259,85 @@ done: |
5 return rv; | 22 return rv; |
6 } | 23 } |
7 | 24 |
8 +/* | 25 +/* |
9 + * attempt to restart the handshake after asynchronously handling | 26 + * attempt to restart the handshake after asynchronously handling |
10 + * a request for the client's certificate. | 27 + * a request for the client's certificate. |
11 + * | 28 + * |
12 + * inputs: | 29 + * inputs: |
13 + * cert Client cert chosen by application. | 30 + * cert Client cert chosen by application. |
14 + * Note: ssl takes this reference, and does not bump the | 31 + * Note: ssl takes this reference, and does not bump the |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
80 + } | 97 + } |
81 + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); | 98 + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); |
82 + rv = SECFailure; | 99 + rv = SECFailure; |
83 + } | 100 + } |
84 + return rv; | 101 + return rv; |
85 +} | 102 +} |
86 + | 103 + |
87 static SECStatus | 104 static SECStatus |
88 ssl3_CheckFalseStart(sslSocket *ss) | 105 ssl3_CheckFalseStart(sslSocket *ss) |
89 { | 106 { |
90 diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h | 107 diff --git a/ssl/sslimpl.h b/ssl/sslimpl.h |
91 --- a/nss/lib/ssl/ssl.h»2014-01-17 17:55:01.538096321 -0800 | 108 index 9f59f5a..c6ac398 100644 |
92 +++ b/nss/lib/ssl/ssl.h»2014-01-17 17:55:19.158389328 -0800 | 109 --- a/ssl/sslimpl.h |
93 @@ -399,6 +399,11 @@ SSL_IMPORT SECStatus SSL_ForceHandshake( | 110 +++ b/ssl/sslimpl.h |
94 SSL_IMPORT SECStatus SSL_ForceHandshakeWithTimeout(PRFileDesc *fd, | 111 @@ -1592,16 +1592,17 @@ extern SECStatus ssl3_MasterKeyDeriveBypass( ssl3Cipher
Spec * pwSpec, |
95 PRIntervalTime timeout); | |
96 | |
97 +SSL_IMPORT SECStatus SSL_RestartHandshakeAfterCertReq(PRFileDesc *fd, | |
98 +» » » » » CERTCertificate *cert, | |
99 +» » » » » SECKEYPrivateKey *key, | |
100 +» » » » » CERTCertificateList *certChain); | |
101 + | |
102 /* | |
103 ** Query security status of socket. *on is set to one if security is | |
104 ** enabled. *keySize will contain the stream key size used. *issuer will | |
105 diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h | |
106 --- a/nss/lib/ssl/sslimpl.h» 2014-01-17 17:55:01.538096321 -0800 | |
107 +++ b/nss/lib/ssl/sslimpl.h» 2014-01-17 17:55:19.158389328 -0800 | |
108 @@ -1588,16 +1588,17 @@ extern SECStatus ssl3_MasterKeyDeriveBy | |
109 /* These functions are called from secnav, even though they're "private". */ | 112 /* These functions are called from secnav, even though they're "private". */ |
110 | 113 |
111 extern int ssl2_SendErrorMessage(struct sslSocketStr *ss, int error); | 114 extern int ssl2_SendErrorMessage(struct sslSocketStr *ss, int error); |
112 -extern int SSL_RestartHandshakeAfterCertReq(struct sslSocketStr *ss, | 115 -extern int SSL_RestartHandshakeAfterCertReq(struct sslSocketStr *ss, |
113 - CERTCertificate *cert, | 116 - CERTCertificate *cert, |
114 - SECKEYPrivateKey *key, | 117 - SECKEYPrivateKey *key, |
115 - CERTCertificateList *certChain); | 118 - CERTCertificateList *certChain); |
116 extern sslSocket *ssl_FindSocket(PRFileDesc *fd); | 119 extern sslSocket *ssl_FindSocket(PRFileDesc *fd); |
117 extern void ssl_FreeSocket(struct sslSocketStr *ssl); | 120 extern void ssl_FreeSocket(struct sslSocketStr *ssl); |
118 extern SECStatus SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, | 121 extern SECStatus SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, |
119 SSL3AlertDescription desc); | 122 SSL3AlertDescription desc); |
120 extern SECStatus ssl3_DecodeError(sslSocket *ss); | 123 extern SECStatus ssl3_DecodeError(sslSocket *ss); |
121 | 124 |
122 +extern SECStatus ssl3_RestartHandshakeAfterCertReq(sslSocket * ss, | 125 +extern SECStatus ssl3_RestartHandshakeAfterCertReq(sslSocket * ss, |
123 + CERTCertificate * cert, | 126 + CERTCertificate * cert, |
124 + SECKEYPrivateKey * key, | 127 + SECKEYPrivateKey * key, |
125 + CERTCertificateList *certChain); | 128 + CERTCertificateList *certChain); |
126 + | 129 + |
127 extern SECStatus ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error)
; | 130 extern SECStatus ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error)
; |
128 | 131 |
129 /* | 132 /* |
130 diff -pu a/nss/lib/ssl/sslsecur.c b/nss/lib/ssl/sslsecur.c | 133 diff --git a/ssl/sslsecur.c b/ssl/sslsecur.c |
131 --- a/nss/lib/ssl/sslsecur.c» 2014-01-17 17:49:26.072517368 -0800 | 134 index ea2d408..d44336e 100644 |
132 +++ b/nss/lib/ssl/sslsecur.c» 2014-01-17 17:55:19.158389328 -0800 | 135 --- a/ssl/sslsecur.c |
133 @@ -1518,17 +1518,70 @@ SSL_CertDBHandleSet(PRFileDesc *fd, CERT | 136 +++ b/ssl/sslsecur.c |
| 137 @@ -1516,17 +1516,70 @@ SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *db
Handle) |
134 return SECSuccess; | 138 return SECSuccess; |
135 } | 139 } |
136 | 140 |
137 -/* DO NOT USE. This function was exported in ssl.def with the wrong signature; | 141 -/* DO NOT USE. This function was exported in ssl.def with the wrong signature; |
138 - * this implementation exists to maintain link-time compatibility. | 142 - * this implementation exists to maintain link-time compatibility. |
139 +/* | 143 +/* |
140 + * attempt to restart the handshake after asynchronously handling | 144 + * attempt to restart the handshake after asynchronously handling |
141 + * a request for the client's certificate. | 145 + * a request for the client's certificate. |
142 + * | 146 + * |
143 + * inputs: | 147 + * inputs: |
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
200 + } | 204 + } |
201 + PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2); | 205 + PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2); |
202 + ret = SECFailure; | 206 + ret = SECFailure; |
203 + } | 207 + } |
204 + | 208 + |
205 + ssl_Release1stHandshakeLock(ss); /************************************/ | 209 + ssl_Release1stHandshakeLock(ss); /************************************/ |
206 + return ret; | 210 + return ret; |
207 } | 211 } |
208 | 212 |
209 /* DO NOT USE. This function was exported in ssl.def with the wrong signature; | 213 /* DO NOT USE. This function was exported in ssl.def with the wrong signature; |
OLD | NEW |