OLD | NEW |
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 #include "bin/secure_socket.h" | 5 #include "bin/secure_socket.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <fcntl.h> | 8 #include <fcntl.h> |
9 #include <sys/stat.h> | 9 #include <sys/stat.h> |
10 #include <stdio.h> | 10 #include <stdio.h> |
11 #include <string.h> | 11 #include <string.h> |
12 | 12 |
13 #include <key.h> | 13 #include <key.h> |
14 #include <keyt.h> | 14 #include <keyt.h> |
15 #include <nss.h> | 15 #include <nss.h> |
16 #include <pk11pub.h> | 16 #include <pk11pub.h> |
17 #include <prerror.h> | 17 #include <prerror.h> |
18 #include <prinit.h> | 18 #include <prinit.h> |
19 #include <prnetdb.h> | 19 #include <prnetdb.h> |
20 #include <secmod.h> | 20 #include <secmod.h> |
21 #include <ssl.h> | 21 #include <ssl.h> |
22 #include <sslproto.h> | 22 #include <sslproto.h> |
23 | 23 |
24 #include "bin/builtin.h" | 24 #include "bin/builtin.h" |
25 #include "bin/dartutils.h" | 25 #include "bin/dartutils.h" |
26 #include "bin/net/nss_memio.h" | 26 #include "bin/net/nss_memio.h" |
| 27 #include "bin/socket.h" |
27 #include "bin/thread.h" | 28 #include "bin/thread.h" |
28 #include "bin/utils.h" | 29 #include "bin/utils.h" |
29 #include "platform/utils.h" | 30 #include "platform/utils.h" |
30 | 31 |
31 #include "include/dart_api.h" | 32 #include "include/dart_api.h" |
32 | 33 |
33 | 34 |
34 namespace dart { | 35 namespace dart { |
35 namespace bin { | 36 namespace bin { |
36 | 37 |
70 SSLFilter* filter = new SSLFilter; | 71 SSLFilter* filter = new SSLFilter; |
71 SetFilter(args, filter); | 72 SetFilter(args, filter); |
72 filter->Init(dart_this); | 73 filter->Init(dart_this); |
73 Dart_ExitScope(); | 74 Dart_ExitScope(); |
74 } | 75 } |
75 | 76 |
76 | 77 |
77 void FUNCTION_NAME(SecureSocket_Connect)(Dart_NativeArguments args) { | 78 void FUNCTION_NAME(SecureSocket_Connect)(Dart_NativeArguments args) { |
78 Dart_EnterScope(); | 79 Dart_EnterScope(); |
79 Dart_Handle host_name_object = ThrowIfError(Dart_GetNativeArgument(args, 1)); | 80 Dart_Handle host_name_object = ThrowIfError(Dart_GetNativeArgument(args, 1)); |
80 Dart_Handle port_object = ThrowIfError(Dart_GetNativeArgument(args, 2)); | 81 Dart_Handle host_sockaddr_storage_object = |
81 bool is_server = DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 3)); | 82 ThrowIfError(Dart_GetNativeArgument(args, 2)); |
| 83 Dart_Handle port_object = ThrowIfError(Dart_GetNativeArgument(args, 3)); |
| 84 bool is_server = DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 4)); |
82 Dart_Handle certificate_name_object = | 85 Dart_Handle certificate_name_object = |
83 ThrowIfError(Dart_GetNativeArgument(args, 4)); | 86 ThrowIfError(Dart_GetNativeArgument(args, 5)); |
84 bool request_client_certificate = | 87 bool request_client_certificate = |
85 DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 5)); | 88 DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 6)); |
86 bool require_client_certificate = | 89 bool require_client_certificate = |
87 DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 6)); | 90 DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 7)); |
88 bool send_client_certificate = | 91 bool send_client_certificate = |
89 DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 7)); | 92 DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 8)); |
90 | 93 |
91 const char* host_name = NULL; | 94 const char* host_name = NULL; |
92 // TODO(whesse): Is truncating a Dart string containing \0 what we want? | 95 // TODO(whesse): Is truncating a Dart string containing \0 what we want? |
93 ThrowIfError(Dart_StringToCString(host_name_object, &host_name)); | 96 ThrowIfError(Dart_StringToCString(host_name_object, &host_name)); |
94 | 97 |
| 98 RawAddr raw_addr; |
| 99 Dart_TypedData_Type type; |
| 100 uint8_t* buffer = NULL; |
| 101 intptr_t len; |
| 102 ThrowIfError(Dart_TypedDataAcquireData(host_sockaddr_storage_object, |
| 103 &type, |
| 104 reinterpret_cast<void**>(&buffer), |
| 105 &len)); |
| 106 ASSERT(static_cast<size_t>(len) <= sizeof(raw_addr)); |
| 107 memmove(&raw_addr, buffer, len); |
| 108 Dart_TypedDataReleaseData(host_sockaddr_storage_object); |
| 109 |
95 int64_t port; | 110 int64_t port; |
96 if (!DartUtils::GetInt64Value(port_object, &port)) { | 111 if (!DartUtils::GetInt64Value(port_object, &port)) { |
97 FATAL("The range of port_object was checked in Dart - it cannot fail here"); | 112 FATAL("The range of port_object was checked in Dart - it cannot fail here"); |
98 } | 113 } |
99 | 114 |
100 const char* certificate_name = NULL; | 115 const char* certificate_name = NULL; |
101 if (Dart_IsString(certificate_name_object)) { | 116 if (Dart_IsString(certificate_name_object)) { |
102 ThrowIfError(Dart_StringToCString(certificate_name_object, | 117 ThrowIfError(Dart_StringToCString(certificate_name_object, |
103 &certificate_name)); | 118 &certificate_name)); |
104 } | 119 } |
105 // If this is a server connection, it must have a certificate to connect with. | 120 // If this is a server connection, it must have a certificate to connect with. |
106 ASSERT(!is_server || certificate_name != NULL); | 121 ASSERT(!is_server || certificate_name != NULL); |
107 | 122 |
108 GetFilter(args)->Connect(host_name, | 123 GetFilter(args)->Connect(host_name, |
| 124 &raw_addr, |
109 static_cast<int>(port), | 125 static_cast<int>(port), |
110 is_server, | 126 is_server, |
111 certificate_name, | 127 certificate_name, |
112 request_client_certificate, | 128 request_client_certificate, |
113 require_client_certificate, | 129 require_client_certificate, |
114 send_client_certificate); | 130 send_client_certificate); |
115 Dart_ExitScope(); | 131 Dart_ExitScope(); |
116 } | 132 } |
117 | 133 |
118 | 134 |
450 Dart_Handle SSLFilter::PeerCertificate() { | 466 Dart_Handle SSLFilter::PeerCertificate() { |
451 CERTCertificate* certificate = SSL_PeerCertificate(filter_); | 467 CERTCertificate* certificate = SSL_PeerCertificate(filter_); |
452 if (certificate == NULL) return Dart_Null(); | 468 if (certificate == NULL) return Dart_Null(); |
453 Dart_Handle x509_object = X509FromCertificate(certificate); | 469 Dart_Handle x509_object = X509FromCertificate(certificate); |
454 CERT_DestroyCertificate(certificate); | 470 CERT_DestroyCertificate(certificate); |
455 return x509_object; | 471 return x509_object; |
456 } | 472 } |
457 | 473 |
458 | 474 |
459 void SSLFilter::Connect(const char* host_name, | 475 void SSLFilter::Connect(const char* host_name, |
| 476 RawAddr* raw_addr, |
460 int port, | 477 int port, |
461 bool is_server, | 478 bool is_server, |
462 const char* certificate_name, | 479 const char* certificate_name, |
463 bool request_client_certificate, | 480 bool request_client_certificate, |
464 bool require_client_certificate, | 481 bool require_client_certificate, |
465 bool send_client_certificate) { | 482 bool send_client_certificate) { |
466 is_server_ = is_server; | 483 is_server_ = is_server; |
467 if (in_handshake_) { | 484 if (in_handshake_) { |
468 ThrowException("Connect called while already in handshake state."); | 485 ThrowException("Connect called while already in handshake state."); |
469 } | 486 } |
563 status = SSL_BadCertHook(filter_, | 580 status = SSL_BadCertHook(filter_, |
564 BadCertificateCallback, | 581 BadCertificateCallback, |
565 static_cast<void*>(this)); | 582 static_cast<void*>(this)); |
566 | 583 |
567 PRBool as_server = is_server ? PR_TRUE : PR_FALSE; | 584 PRBool as_server = is_server ? PR_TRUE : PR_FALSE; |
568 status = SSL_ResetHandshake(filter_, as_server); | 585 status = SSL_ResetHandshake(filter_, as_server); |
569 if (status != SECSuccess) { | 586 if (status != SECSuccess) { |
570 ThrowPRException("Failed SSL_ResetHandshake call"); | 587 ThrowPRException("Failed SSL_ResetHandshake call"); |
571 } | 588 } |
572 | 589 |
573 // SetPeerAddress | 590 // Set the peer address from the address passed. The DNS has already |
574 PRNetAddr host_address; | 591 // been done in Dart code, so just use that address. This relies on |
575 PRAddrInfo* info = PR_GetAddrInfoByName(host_name, | 592 // following about PRNetAddr: "The raw member of the union is |
576 PR_AF_UNSPEC, | 593 // equivalent to struct sockaddr", which is stated in the NSS |
577 PR_AI_ADDRCONFIG); | 594 // documentation. |
578 if (info == NULL) { | 595 PRNetAddr peername; |
579 ThrowPRException("Failed PR_GetAddrInfoByName call"); | 596 memset(&peername, 0, sizeof(peername)); |
580 } | 597 intptr_t len = SocketAddress::GetAddrLength(*raw_addr); |
| 598 ASSERT(static_cast<size_t>(len) <= sizeof(peername)); |
| 599 memmove(&peername, &raw_addr->addr, len); |
581 | 600 |
582 PR_EnumerateAddrInfo(0, info, port, &host_address); | 601 // Adjust the address family field for BSD, whose sockaddr |
| 602 // structure has a one-byte length and one-byte address family |
| 603 // field at the beginning. PRNetAddr has a two-byte address |
| 604 // family field at the beginning. |
| 605 peername.raw.family = raw_addr->addr.sa_family; |
583 | 606 |
584 memio_SetPeerName(filter_, &host_address); | 607 memio_SetPeerName(filter_, &peername); |
585 PR_FreeAddrInfo(info); | |
586 } | 608 } |
587 | 609 |
588 | 610 |
589 void SSLFilter::Handshake() { | 611 void SSLFilter::Handshake() { |
590 SECStatus status = SSL_ForceHandshake(filter_); | 612 SECStatus status = SSL_ForceHandshake(filter_); |
591 if (status == SECSuccess) { | 613 if (status == SECSuccess) { |
592 if (in_handshake_) { | 614 if (in_handshake_) { |
593 ThrowIfError(Dart_InvokeClosure( | 615 ThrowIfError(Dart_InvokeClosure( |
594 Dart_HandleFromPersistent(handshake_complete_), 0, NULL)); | 616 Dart_HandleFromPersistent(handshake_complete_), 0, NULL)); |
595 in_handshake_ = false; | 617 in_handshake_ = false; |
722 bytes_processed = 0; | 744 bytes_processed = 0; |
723 } | 745 } |
724 break; | 746 break; |
725 } | 747 } |
726 } | 748 } |
727 return bytes_processed; | 749 return bytes_processed; |
728 } | 750 } |
729 | 751 |
730 } // namespace bin | 752 } // namespace bin |
731 } // namespace dart | 753 } // namespace dart |