OLD | NEW |
1 /* | 1 /* |
2 * SSL v2 handshake functions, and functions common to SSL2 and SSL3. | 2 * SSL v2 handshake functions, and functions common to SSL2 and SSL3. |
3 * | 3 * |
4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
7 | 7 |
8 #include "nssrenam.h" | 8 #include "nssrenam.h" |
9 #include "cert.h" | 9 #include "cert.h" |
10 #include "secitem.h" | 10 #include "secitem.h" |
(...skipping 410 matching lines...)
421 | 421 |
422 /************************************************************************/ | 422 /************************************************************************/ |
423 | 423 |
424 /* Called from ssl2_CreateSessionCypher(), which already holds handshake lock. | 424 /* Called from ssl2_CreateSessionCypher(), which already holds handshake lock. |
425 */ | 425 */ |
426 static SECStatus | 426 static SECStatus |
427 ssl2_CreateMAC(sslSecurityInfo *sec, SECItem *readKey, SECItem *writeKey, | 427 ssl2_CreateMAC(sslSecurityInfo *sec, SECItem *readKey, SECItem *writeKey, |
428 int cipherChoice) | 428 int cipherChoice) |
429 { | 429 { |
430 switch (cipherChoice) { | 430 switch (cipherChoice) { |
431 | |
432 case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5: | 431 case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5: |
433 case SSL_CK_RC2_128_CBC_WITH_MD5: | 432 case SSL_CK_RC2_128_CBC_WITH_MD5: |
434 case SSL_CK_RC4_128_EXPORT40_WITH_MD5: | 433 case SSL_CK_RC4_128_EXPORT40_WITH_MD5: |
435 case SSL_CK_RC4_128_WITH_MD5: | 434 case SSL_CK_RC4_128_WITH_MD5: |
436 case SSL_CK_DES_64_CBC_WITH_MD5: | 435 case SSL_CK_DES_64_CBC_WITH_MD5: |
437 case SSL_CK_DES_192_EDE3_CBC_WITH_MD5: | 436 case SSL_CK_DES_192_EDE3_CBC_WITH_MD5: |
438 sec->hash = HASH_GetHashObject(HASH_AlgMD5); | 437 sec->hash = HASH_GetHashObject(HASH_AlgMD5); |
439 » SECITEM_CopyItem(0, &sec->sendSecret, writeKey); | 438 » if (SECITEM_CopyItem(0, &sec->sendSecret, writeKey) || |
440 » SECITEM_CopyItem(0, &sec->rcvSecret, readKey); | 439 » SECITEM_CopyItem(0, &sec->rcvSecret, readKey)) { |
| 440 » return SECFailure; |
| 441 » } |
441 break; | 442 break; |
442 | 443 |
443 default: | 444 default: |
444 PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP); | 445 PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP); |
445 return SECFailure; | 446 return SECFailure; |
446 } | 447 } |
447 sec->hashcx = (*sec->hash->create)(); | 448 sec->hashcx = (*sec->hash->create)(); |
448 if (sec->hashcx == NULL) | 449 if (sec->hashcx == NULL) |
449 return SECFailure; | 450 return SECFailure; |
450 return SECSuccess; | 451 return SECSuccess; |
(...skipping 2643 matching lines...)
3094 ss->version = SSL_LIBRARY_VERSION_3_0; | 3095 ss->version = SSL_LIBRARY_VERSION_3_0; |
3095 | 3096 |
3096 ssl_GetSSL3HandshakeLock(ss); | 3097 ssl_GetSSL3HandshakeLock(ss); |
3097 ssl_GetXmitBufLock(ss); | 3098 ssl_GetXmitBufLock(ss); |
3098 rv = ssl3_SendClientHello(ss, PR_FALSE); | 3099 rv = ssl3_SendClientHello(ss, PR_FALSE); |
3099 ssl_ReleaseXmitBufLock(ss); | 3100 ssl_ReleaseXmitBufLock(ss); |
3100 ssl_ReleaseSSL3HandshakeLock(ss); | 3101 ssl_ReleaseSSL3HandshakeLock(ss); |
3101 | 3102 |
3102 return rv; | 3103 return rv; |
3103 } | 3104 } |
3104 #if defined(NSS_ENABLE_ECC) | 3105 #ifndef NSS_DISABLE_ECC |
3105 /* ensure we don't neogtiate ECC cipher suites with SSL2 hello */ | 3106 /* ensure we don't neogtiate ECC cipher suites with SSL2 hello */ |
3106 ssl3_DisableECCSuites(ss, NULL); /* disable all ECC suites */ | 3107 ssl3_DisableECCSuites(ss, NULL); /* disable all ECC suites */ |
3107 if (ss->cipherSpecs != NULL) { | 3108 if (ss->cipherSpecs != NULL) { |
3108 PORT_Free(ss->cipherSpecs); | 3109 PORT_Free(ss->cipherSpecs); |
3109 ss->cipherSpecs = NULL; | 3110 ss->cipherSpecs = NULL; |
3110 ss->sizeCipherSpecs = 0; | 3111 ss->sizeCipherSpecs = 0; |
3111 } | 3112 } |
3112 #endif | 3113 #endif /* NSS_DISABLE_ECC */ |
3113 | 3114 |
3114 if (!ss->cipherSpecs) { | 3115 if (!ss->cipherSpecs) { |
3115 rv = ssl2_ConstructCipherSpecs(ss); | 3116 rv = ssl2_ConstructCipherSpecs(ss); |
3116 if (rv < 0) { | 3117 if (rv < 0) { |
3117 return rv; | 3118 return rv; |
3118 } | 3119 } |
3119 } | 3120 } |
3120 localCipherSpecs = ss->cipherSpecs; | 3121 localCipherSpecs = ss->cipherSpecs; |
3121 localCipherSize = ss->sizeCipherSpecs; | 3122 localCipherSize = ss->sizeCipherSpecs; |
3122 | 3123 |
(...skipping 564 matching lines...)
3687 | 3688 |
3688 c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0]; | 3689 c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0]; |
3689 return NSS_VersionCheck(importedVersion); | 3690 return NSS_VersionCheck(importedVersion); |
3690 } | 3691 } |
3691 | 3692 |
3692 const char * | 3693 const char * |
3693 NSSSSL_GetVersion(void) | 3694 NSSSSL_GetVersion(void) |
3694 { | 3695 { |
3695 return NSS_VERSION; | 3696 return NSS_VERSION; |
3696 } | 3697 } |
OLD | NEW |
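Review bot: In ssl2_CreateMAC, when the first SECITEM_CopyItem succeeds and the second fails, the new `return SECFailure;` leaves a copy of the write key in sec->sendSecret and nothing in the visible lines frees or clears it. Whether that key material lingers depends on the error path of ssl2_CreateSessionCypher, which is outside this view, so I would either confirm the caller destroys sec's secrets on failure or release it here with `SECITEM_ZfreeItem(&sec->sendSecret, PR_FALSE);` before returning. The `||` chain also relies on SECSuccess being zero; comparing each call with `!= SECSuccess` states the intent and survives a change to the enum. A short comment on the failure branch noting that no error code is set there beyond what SECITEM_CopyItem itself sets would help the next reader, since the `default:` branch below does call PORT_SetError explicitly.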