OLD | NEW |
| (Empty) |
1 /* | |
2 * Accessor functions for SSLSocket private members. | |
3 * | |
4 * This Source Code Form is subject to the terms of the Mozilla Public | |
5 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
7 | |
8 #include "cert.h" | |
9 #include "ssl.h" | |
10 #include "certt.h" | |
11 #include "sslimpl.h" | |
12 | |
13 /* given PRFileDesc, returns a copy of certificate associated with the socket | |
14 * the caller should delete the cert when done with SSL_DestroyCertificate | |
15 */ | |
16 CERTCertificate * | |
17 SSL_RevealCert(PRFileDesc *fd) | |
18 { | |
19 CERTCertificate *cert = NULL; | |
20 sslSocket *sslsocket = NULL; | |
21 | |
22 sslsocket = ssl_FindSocket(fd); | |
23 | |
24 /* CERT_DupCertificate increases reference count and returns pointer to | |
25 * the same cert | |
26 */ | |
27 if (sslsocket && sslsocket->sec.peerCert) | |
28 cert = CERT_DupCertificate(sslsocket->sec.peerCert); | |
29 | |
30 return cert; | |
31 } | |
32 | |
33 /* given PRFileDesc, returns a pointer to PinArg associated with the socket | |
34 */ | |
35 void * | |
36 SSL_RevealPinArg(PRFileDesc *fd) | |
37 { | |
38 sslSocket *sslsocket = NULL; | |
39 void *PinArg = NULL; | |
40 | |
41 sslsocket = ssl_FindSocket(fd); | |
42 | |
43 /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */ | |
44 if (sslsocket) | |
45 PinArg = sslsocket->pkcs11PinArg; | |
46 | |
47 return PinArg; | |
48 } | |
49 | |
50 /* given PRFileDesc, returns a pointer to the URL associated with the socket | |
51 * the caller should free url when done | |
52 */ | |
53 char * | |
54 SSL_RevealURL(PRFileDesc *fd) | |
55 { | |
56 sslSocket *sslsocket = NULL; | |
57 char *url = NULL; | |
58 | |
59 sslsocket = ssl_FindSocket(fd); | |
60 | |
61 if (sslsocket && sslsocket->url) | |
62 url = PL_strdup(sslsocket->url); | |
63 | |
64 return url; | |
65 } | |
66 | |
67 /* given PRFileDesc, returns status information related to extensions | |
68 * negotiated with peer during the handshake. | |
69 */ | |
70 | |
71 SECStatus | |
72 SSL_HandshakeNegotiatedExtension(PRFileDesc *socket, | |
73 SSLExtensionType extId, | |
74 PRBool *pYes) | |
75 { | |
76 /* some decisions derived from SSL_GetChannelInfo */ | |
77 sslSocket *sslsocket = NULL; | |
78 | |
79 if (!pYes) { | |
80 PORT_SetError(SEC_ERROR_INVALID_ARGS); | |
81 return SECFailure; | |
82 } | |
83 | |
84 sslsocket = ssl_FindSocket(socket); | |
85 if (!sslsocket) { | |
86 SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension", | |
87 SSL_GETPID(), socket)); | |
88 return SECFailure; | |
89 } | |
90 | |
91 *pYes = PR_FALSE; | |
92 | |
93 /* according to public API SSL_GetChannelInfo, this doesn't need a lock */ | |
94 if (sslsocket->opt.useSecurity) { | |
95 if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */ | |
96 /* now we know this socket went through ssl3_InitState() and | |
97 * ss->xtnData got initialized, which is the only member accessed by | |
98 * ssl3_ExtensionNegotiated(); | |
99 * Member xtnData appears to get accessed in functions that handle | |
100 * the handshake (hello messages and extension sending), | |
101 * therefore the handshake lock should be sufficient. | |
102 */ | |
103 ssl_GetSSL3HandshakeLock(sslsocket); | |
104 *pYes = ssl3_ExtensionNegotiated(sslsocket, extId); | |
105 ssl_ReleaseSSL3HandshakeLock(sslsocket); | |
106 } | |
107 } | |
108 | |
109 return SECSuccess; | |
110 } | |
OLD | NEW |