OLD | NEW |
1 /* | 1 /* |
2 * Accessor functions for SSLSocket private members. | 2 * Accessor functions for SSLSocket private members. |
3 * | 3 * |
4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
7 | 7 |
8 #include "cert.h" | 8 #include "cert.h" |
9 #include "ssl.h" | 9 #include "ssl.h" |
10 #include "certt.h" | 10 #include "certt.h" |
11 #include "sslimpl.h" | 11 #include "sslimpl.h" |
12 | 12 |
13 /* given PRFileDesc, returns a copy of certificate associated with the socket | 13 /* given PRFileDesc, returns a copy of certificate associated with the socket |
14 * the caller should delete the cert when done with SSL_DestroyCertificate | 14 * the caller should delete the cert when done with SSL_DestroyCertificate |
15 */ | 15 */ |
16 CERTCertificate * | 16 CERTCertificate * |
17 SSL_RevealCert(PRFileDesc * fd) | 17 SSL_RevealCert(PRFileDesc *fd) |
18 { | 18 { |
19 CERTCertificate * cert = NULL; | 19 CERTCertificate *cert = NULL; |
20 sslSocket * sslsocket = NULL; | 20 sslSocket *sslsocket = NULL; |
21 | 21 |
22 sslsocket = ssl_FindSocket(fd); | 22 sslsocket = ssl_FindSocket(fd); |
23 | 23 |
24 /* CERT_DupCertificate increases reference count and returns pointer to | 24 /* CERT_DupCertificate increases reference count and returns pointer to |
25 * the same cert | 25 * the same cert |
26 */ | 26 */ |
27 if (sslsocket && sslsocket->sec.peerCert) | 27 if (sslsocket && sslsocket->sec.peerCert) |
28 cert = CERT_DupCertificate(sslsocket->sec.peerCert); | 28 cert = CERT_DupCertificate(sslsocket->sec.peerCert); |
29 | 29 |
30 return cert; | 30 return cert; |
31 } | 31 } |
32 | 32 |
33 /* given PRFileDesc, returns a pointer to PinArg associated with the socket | 33 /* given PRFileDesc, returns a pointer to PinArg associated with the socket |
34 */ | 34 */ |
35 void * | 35 void * |
36 SSL_RevealPinArg(PRFileDesc * fd) | 36 SSL_RevealPinArg(PRFileDesc *fd) |
37 { | 37 { |
38 sslSocket * sslsocket = NULL; | 38 sslSocket *sslsocket = NULL; |
39 void * PinArg = NULL; | 39 void *PinArg = NULL; |
40 | 40 |
41 sslsocket = ssl_FindSocket(fd); | 41 sslsocket = ssl_FindSocket(fd); |
42 | 42 |
43 /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */ | 43 /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */ |
44 if (sslsocket) | 44 if (sslsocket) |
45 PinArg = sslsocket->pkcs11PinArg; | 45 PinArg = sslsocket->pkcs11PinArg; |
46 | 46 |
47 return PinArg; | 47 return PinArg; |
48 } | 48 } |
49 | 49 |
50 | |
51 /* given PRFileDesc, returns a pointer to the URL associated with the socket | 50 /* given PRFileDesc, returns a pointer to the URL associated with the socket |
52 * the caller should free url when done | 51 * the caller should free url when done |
53 */ | 52 */ |
54 char * | 53 char * |
55 SSL_RevealURL(PRFileDesc * fd) | 54 SSL_RevealURL(PRFileDesc *fd) |
56 { | 55 { |
57 sslSocket * sslsocket = NULL; | 56 sslSocket *sslsocket = NULL; |
58 char * url = NULL; | 57 char *url = NULL; |
59 | 58 |
60 sslsocket = ssl_FindSocket(fd); | 59 sslsocket = ssl_FindSocket(fd); |
61 | 60 |
62 if (sslsocket && sslsocket->url) | 61 if (sslsocket && sslsocket->url) |
63 url = PL_strdup(sslsocket->url); | 62 url = PL_strdup(sslsocket->url); |
64 | 63 |
65 return url; | 64 return url; |
66 } | 65 } |
67 | 66 |
68 | 67 /* given PRFileDesc, returns status information related to extensions |
69 /* given PRFileDesc, returns status information related to extensions | |
70 * negotiated with peer during the handshake. | 68 * negotiated with peer during the handshake. |
71 */ | 69 */ |
72 | 70 |
73 SECStatus | 71 SECStatus |
74 SSL_HandshakeNegotiatedExtension(PRFileDesc * socket, | 72 SSL_HandshakeNegotiatedExtension(PRFileDesc *socket, |
75 SSLExtensionType extId, | 73 SSLExtensionType extId, |
76 PRBool *pYes) | 74 PRBool *pYes) |
77 { | 75 { |
78 /* some decisions derived from SSL_GetChannelInfo */ | 76 /* some decisions derived from SSL_GetChannelInfo */ |
79 sslSocket * sslsocket = NULL; | 77 sslSocket *sslsocket = NULL; |
80 | 78 |
81 if (!pYes) { | 79 if (!pYes) { |
82 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 80 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
83 return SECFailure; | 81 return SECFailure; |
84 } | 82 } |
85 | 83 |
86 sslsocket = ssl_FindSocket(socket); | 84 sslsocket = ssl_FindSocket(socket); |
87 if (!sslsocket) { | 85 if (!sslsocket) { |
88 SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension", | 86 SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension", |
89 SSL_GETPID(), socket)); | 87 SSL_GETPID(), socket)); |
90 return SECFailure; | 88 return SECFailure; |
91 } | 89 } |
92 | 90 |
93 *pYes = PR_FALSE; | 91 *pYes = PR_FALSE; |
94 | 92 |
95 /* according to public API SSL_GetChannelInfo, this doesn't need a lock */ | 93 /* according to public API SSL_GetChannelInfo, this doesn't need a lock */ |
96 if (sslsocket->opt.useSecurity) { | 94 if (sslsocket->opt.useSecurity) { |
97 if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */ | 95 if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */ |
98 /* now we know this socket went through ssl3_InitState() and | 96 /* now we know this socket went through ssl3_InitState() and |
99 * ss->xtnData got initialized, which is the only member accessed by | 97 * ss->xtnData got initialized, which is the only member accessed by |
100 * ssl3_ExtensionNegotiated(); | 98 * ssl3_ExtensionNegotiated(); |
101 * Member xtnData appears to get accessed in functions that handle | 99 * Member xtnData appears to get accessed in functions that handle |
102 * the handshake (hello messages and extension sending), | 100 * the handshake (hello messages and extension sending), |
103 * therefore the handshake lock should be sufficient. | 101 * therefore the handshake lock should be sufficient. |
104 */ | 102 */ |
105 ssl_GetSSL3HandshakeLock(sslsocket); | 103 ssl_GetSSL3HandshakeLock(sslsocket); |
106 *pYes = ssl3_ExtensionNegotiated(sslsocket, extId); | 104 *pYes = ssl3_ExtensionNegotiated(sslsocket, extId); |
107 ssl_ReleaseSSL3HandshakeLock(sslsocket); | 105 ssl_ReleaseSSL3HandshakeLock(sslsocket); |
| 106 } |
108 } | 107 } |
109 } | |
110 | 108 |
111 return SECSuccess; | 109 return SECSuccess; |
112 } | 110 } |
OLD | NEW |