OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 #include "ssl.h" | 4 #include "ssl.h" |
5 #include "sslimpl.h" | 5 #include "sslimpl.h" |
6 #include "sslproto.h" | 6 #include "sslproto.h" |
7 | 7 |
8 static const char * | 8 static const char * |
9 ssl_GetCompressionMethodName(SSLCompressionMethod compression) | 9 ssl_GetCompressionMethodName(SSLCompressionMethod compression) |
10 { | 10 { |
11 switch (compression) { | 11 switch (compression) { |
12 case ssl_compression_null: | 12 case ssl_compression_null: |
13 return "NULL"; | 13 return "NULL"; |
14 #ifdef NSS_ENABLE_ZLIB | 14 #ifdef NSS_ENABLE_ZLIB |
15 case ssl_compression_deflate: | 15 case ssl_compression_deflate: |
16 return "DEFLATE"; | 16 return "DEFLATE"; |
17 #endif | 17 #endif |
18 default: | 18 default: |
19 return "???"; | 19 return "???"; |
20 } | 20 } |
21 } | 21 } |
22 | 22 |
23 SECStatus | 23 SECStatus |
24 SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len) | 24 SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len) |
25 { | 25 { |
26 sslSocket * ss; | 26 sslSocket * ss; |
27 SSLChannelInfo inf; | 27 SSLChannelInfo inf; |
28 sslSessionID * sid; | 28 sslSessionID * sid; |
29 PRBool enoughFirstHsDone = PR_FALSE; | |
30 | 29 |
31 if (!info || len < sizeof inf.length) { | 30 if (!info || len < sizeof inf.length) { |
32 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 31 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
33 return SECFailure; | 32 return SECFailure; |
34 } | 33 } |
35 | 34 |
36 ss = ssl_FindSocket(fd); | 35 ss = ssl_FindSocket(fd); |
37 if (!ss) { | 36 if (!ss) { |
38 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetChannelInfo", | 37 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetChannelInfo", |
39 SSL_GETPID(), fd)); | 38 SSL_GETPID(), fd)); |
40 return SECFailure; | 39 return SECFailure; |
41 } | 40 } |
42 | 41 |
43 memset(&inf, 0, sizeof inf); | 42 memset(&inf, 0, sizeof inf); |
44 inf.length = PR_MIN(sizeof inf, len); | 43 inf.length = PR_MIN(sizeof inf, len); |
45 | 44 |
46 if (ss->firstHsDone) { | 45 if (ss->opt.useSecurity && ss->enoughFirstHsDone) { |
47 » enoughFirstHsDone = PR_TRUE; | |
48 } else if (ss->version >= SSL_LIBRARY_VERSION_3_0 && | |
49 » ssl3_CanFalseStart(ss)) { | |
50 » enoughFirstHsDone = PR_TRUE; | |
51 } | |
52 | |
53 if (ss->opt.useSecurity && enoughFirstHsDone) { | |
54 sid = ss->sec.ci.sid; | 46 sid = ss->sec.ci.sid; |
55 inf.protocolVersion = ss->version; | 47 inf.protocolVersion = ss->version; |
56 inf.authKeyBits = ss->sec.authKeyBits; | 48 inf.authKeyBits = ss->sec.authKeyBits; |
57 inf.keaKeyBits = ss->sec.keaKeyBits; | 49 inf.keaKeyBits = ss->sec.keaKeyBits; |
58 if (ss->version < SSL_LIBRARY_VERSION_3_0) { /* SSL2 */ | 50 if (ss->version < SSL_LIBRARY_VERSION_3_0) { /* SSL2 */ |
59 inf.cipherSuite = ss->sec.cipherType | 0xff00; | 51 inf.cipherSuite = ss->sec.cipherType | 0xff00; |
60 inf.compressionMethod = ssl_compression_null; | 52 inf.compressionMethod = ssl_compression_null; |
61 inf.compressionMethodName = "N/A"; | 53 inf.compressionMethodName = "N/A"; |
62 } else if (ss->ssl3.initialized) { /* SSL3 and TLS */ | 54 } else if (ss->ssl3.initialized) { /* SSL3 and TLS */ |
63 ssl_GetSpecReadLock(ss); | 55 ssl_GetSpecReadLock(ss); |
(...skipping 344 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
408 rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.cwSpec, label, labelLen, val, | 400 rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.cwSpec, label, labelLen, val, |
409 valLen, out, outLen); | 401 valLen, out, outLen); |
410 } | 402 } |
411 ssl_ReleaseSpecReadLock(ss); | 403 ssl_ReleaseSpecReadLock(ss); |
412 ssl_ReleaseSSL3HandshakeLock(ss); | 404 ssl_ReleaseSSL3HandshakeLock(ss); |
413 ssl_ReleaseRecvBufLock(ss); | 405 ssl_ReleaseRecvBufLock(ss); |
414 | 406 |
415 PORT_ZFree(val, valLen); | 407 PORT_ZFree(val, valLen); |
416 return rv; | 408 return rv; |
417 } | 409 } |
OLD | NEW |