OLD | NEW |
1 diff --git a/ssl/ssl.h b/ssl/ssl.h | 1 diff --git a/lib/ssl/ssl.h b/lib/ssl/ssl.h |
2 index e2d1b09..593dd00 100644 | 2 index cf9f6db..85ced8a 100644 |
3 --- a/ssl/ssl.h | 3 --- a/lib/ssl/ssl.h |
4 +++ b/ssl/ssl.h | 4 +++ b/lib/ssl/ssl.h |
5 @@ -409,6 +409,11 @@ SSL_IMPORT SECStatus SSL_ForceHandshake(PRFileDesc *fd); | 5 @@ -502,6 +502,11 @@ SSL_IMPORT SECStatus SSL_ForceHandshake(PRFileDesc *fd); |
6 SSL_IMPORT SECStatus SSL_ForceHandshakeWithTimeout(PRFileDesc *fd, | 6 SSL_IMPORT SECStatus SSL_ForceHandshakeWithTimeout(PRFileDesc *fd, |
7 PRIntervalTime timeout); | 7 PRIntervalTime timeout); |
8 | 8 |
9 +SSL_IMPORT SECStatus SSL_RestartHandshakeAfterCertReq(PRFileDesc *fd, | 9 +SSL_IMPORT SECStatus SSL_RestartHandshakeAfterCertReq(PRFileDesc *fd, |
10 + CERTCertificate *cert, | 10 + CERTCertificate *cert, |
11 + SECKEYPrivateKey *key, | 11 + SECKEYPrivateKey *key, |
12 + CERTCertificateList *certChain); | 12 + CERTCertificateList *certChain); |
13 + | 13 + |
14 /* | 14 /* |
15 ** Query security status of socket. *on is set to one if security is | 15 ** Query security status of socket. *on is set to one if security is |
16 ** enabled. *keySize will contain the stream key size used. *issuer will | 16 ** enabled. *keySize will contain the stream key size used. *issuer will |
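Review bot: The new public prototype for SSL_RestartHandshakeAfterCertReq in ssl.h has no comment, although the implementation comment in ssl3con.c says that ssl takes the cert reference and does not bump the reference count. That ownership transfer belongs next to the exported declaration, because a caller who reads only the header will likely destroy cert, key or certChain after the call and leave the socket holding freed objects. I would add a block comment above the declaration along the lines of `/* libssl takes ownership of cert, key and certChain; the caller must not destroy them after this call. */`. It should also say who releases them when the call returns SECFailure; the failure paths sit in the elided lines of this page, so that part needs confirming against the full body.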
17 diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c | 17 diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c |
18 index 800c28e..29e8f1c 100644 | 18 index 27038f3..304e03b 100644 |
19 --- a/ssl/ssl3con.c | 19 --- a/lib/ssl/ssl3con.c |
20 +++ b/ssl/ssl3con.c | 20 +++ b/lib/ssl/ssl3con.c |
21 @@ -7275,6 +7275,85 @@ done: | 21 @@ -7482,6 +7482,85 @@ done: |
22 return rv; | 22 return rv; |
23 } | 23 } |
24 | 24 |
25 +/* | 25 +/* |
26 + * attempt to restart the handshake after asynchronously handling | 26 + * attempt to restart the handshake after asynchronously handling |
27 + * a request for the client's certificate. | 27 + * a request for the client's certificate. |
28 + * | 28 + * |
29 + * inputs: | 29 + * inputs: |
30 + * cert Client cert chosen by application. | 30 + * cert Client cert chosen by application. |
31 + * Note: ssl takes this reference, and does not bump the | 31 + * Note: ssl takes this reference, and does not bump the |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
97 + } | 97 + } |
98 + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); | 98 + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); |
99 + rv = SECFailure; | 99 + rv = SECFailure; |
100 + } | 100 + } |
101 + return rv; | 101 + return rv; |
102 +} | 102 +} |
103 + | 103 + |
104 static SECStatus | 104 static SECStatus |
105 ssl3_CheckFalseStart(sslSocket *ss) | 105 ssl3_CheckFalseStart(sslSocket *ss) |
106 { | 106 { |
107 diff --git a/ssl/sslimpl.h b/ssl/sslimpl.h | 107 diff --git a/lib/ssl/sslimpl.h b/lib/ssl/sslimpl.h |
108 index 46e618a..2cf0b3a 100644 | 108 index c7231a7..c089889 100644 |
109 --- a/ssl/sslimpl.h | 109 --- a/lib/ssl/sslimpl.h |
110 +++ b/ssl/sslimpl.h | 110 +++ b/lib/ssl/sslimpl.h |
111 @@ -1599,16 +1599,17 @@ extern SECStatus ssl3_MasterKeyDeriveBypass( ssl3Cipher
Spec * pwSpec, | 111 @@ -1629,16 +1629,17 @@ extern SECStatus ssl3_MasterSecretDeriveBypass( ssl3Cip
herSpec * pwSpec, |
112 /* These functions are called from secnav, even though they're "private". */ | 112 /* These functions are called from secnav, even though they're "private". */ |
113 | 113 |
114 extern int ssl2_SendErrorMessage(struct sslSocketStr *ss, int error); | 114 extern int ssl2_SendErrorMessage(struct sslSocketStr *ss, int error); |
115 -extern int SSL_RestartHandshakeAfterCertReq(struct sslSocketStr *ss, | 115 -extern int SSL_RestartHandshakeAfterCertReq(struct sslSocketStr *ss, |
116 - CERTCertificate *cert, | 116 - CERTCertificate *cert, |
117 - SECKEYPrivateKey *key, | 117 - SECKEYPrivateKey *key, |
118 - CERTCertificateList *certChain); | 118 - CERTCertificateList *certChain); |
119 extern sslSocket *ssl_FindSocket(PRFileDesc *fd); | 119 extern sslSocket *ssl_FindSocket(PRFileDesc *fd); |
120 extern void ssl_FreeSocket(struct sslSocketStr *ssl); | 120 extern void ssl_FreeSocket(struct sslSocketStr *ssl); |
121 extern SECStatus SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, | 121 extern SECStatus SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, |
122 SSL3AlertDescription desc); | 122 SSL3AlertDescription desc); |
123 extern SECStatus ssl3_DecodeError(sslSocket *ss); | 123 extern SECStatus ssl3_DecodeError(sslSocket *ss); |
124 | 124 |
125 +extern SECStatus ssl3_RestartHandshakeAfterCertReq(sslSocket * ss, | 125 +extern SECStatus ssl3_RestartHandshakeAfterCertReq(sslSocket * ss, |
126 + CERTCertificate * cert, | 126 + CERTCertificate * cert, |
127 + SECKEYPrivateKey * key, | 127 + SECKEYPrivateKey * key, |
128 + CERTCertificateList *certChain); | 128 + CERTCertificateList *certChain); |
129 + | 129 + |
130 extern SECStatus ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error)
; | 130 extern SECStatus ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error)
; |
131 | 131 |
132 /* | 132 /* |
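Review bot: The exported name SSL_RestartHandshakeAfterCertReq keeps its symbol but changes its first parameter from `struct sslSocketStr *ss` (the prototype removed here) to `PRFileDesc *fd` in ssl.h, and its return type from int to SECStatus. A binary built against the old prototype would pass an sslSocket pointer to code that now treats it as a PRFileDesc; whether that is rejected cleanly depends on the socket lookup in the elided part of sslsecur.c, which is not visible on this page. The comment removed in sslsecur.c described the symbol as exported with the wrong signature and kept only for link-time compatibility, so it is worth recording in the header that the old calling form is no longer accepted. As a minor style point, the added declaration writes `sslSocket * ss` where the neighbouring lines use `sslSocket *ss`.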
133 diff --git a/ssl/sslsecur.c b/ssl/sslsecur.c | 133 diff --git a/lib/ssl/sslsecur.c b/lib/ssl/sslsecur.c |
134 index ea2d408..d44336e 100644 | 134 index 53b4885..f77d6fa 100644 |
135 --- a/ssl/sslsecur.c | 135 --- a/lib/ssl/sslsecur.c |
136 +++ b/ssl/sslsecur.c | 136 +++ b/lib/ssl/sslsecur.c |
137 @@ -1516,17 +1516,70 @@ SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *db
Handle) | 137 @@ -1532,17 +1532,70 @@ SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *db
Handle) |
138 return SECSuccess; | 138 return SECSuccess; |
139 } | 139 } |
140 | 140 |
141 -/* DO NOT USE. This function was exported in ssl.def with the wrong signature; | 141 -/* DO NOT USE. This function was exported in ssl.def with the wrong signature; |
142 - * this implementation exists to maintain link-time compatibility. | 142 - * this implementation exists to maintain link-time compatibility. |
143 +/* | 143 +/* |
144 + * attempt to restart the handshake after asynchronously handling | 144 + * attempt to restart the handshake after asynchronously handling |
145 + * a request for the client's certificate. | 145 + * a request for the client's certificate. |
146 + * | 146 + * |
147 + * inputs: | 147 + * inputs: |
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
204 + } | 204 + } |
205 + PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2); | 205 + PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2); |
206 + ret = SECFailure; | 206 + ret = SECFailure; |
207 + } | 207 + } |
208 + | 208 + |
209 + ssl_Release1stHandshakeLock(ss); /************************************/ | 209 + ssl_Release1stHandshakeLock(ss); /************************************/ |
210 + return ret; | 210 + return ret; |
211 } | 211 } |
212 | 212 |
213 /* DO NOT USE. This function was exported in ssl.def with the wrong signature; | 213 /* DO NOT USE. This function was exported in ssl.def with the wrong signature; |