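--- a/ssl3con.c
+++ b/ssl3con.c
@@ -1,10 +1,10 @@
 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
 /*
 * SSL3 Protocol
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */
 
@@ -6632,49 +6632,64 @@
 /* get a new sid */
 ss->sec.ci.sid = sid = ssl3_NewSessionID(ss, PR_FALSE);
 if (sid == NULL) {
 goto alert_loser; /* memory error is set. */
 }
 
 sid->version = ss->version;
 sid->u.ssl3.sessionIDLength = sidBytes.len;
 PORT_Memcpy(sid->u.ssl3.sessionID, sidBytes.data, sidBytes.len);
 
+/* Copy Signed Certificate Timestamps, if any. */
+if (ss->xtnData.signedCertTimestamps.data) {
+rv = SECITEM_CopyItem(NULL, &sid->u.ssl3.signedCertTimestamps,
+&ss->xtnData.signedCertTimestamps);
+if (rv != SECSuccess)
+goto loser;
+}
+
 ss->ssl3.hs.isResuming = PR_FALSE;
 ss->ssl3.hs.ws = wait_server_cert;
 
 winner:
+/* Clean up the temporary pointer to the handshake buffer. */
+ss->xtnData.signedCertTimestamps.data = NULL;
+ss->xtnData.signedCertTimestamps.len = 0;
+
 /* If we will need a ChannelID key then we make the callback now. This
 * allows the handshake to be restarted cleanly if the callback returns
 * SECWouldBlock. */
 if (ssl3_ExtensionNegotiated(ss, ssl_channel_id_xtn)) {
 rv = ss->getChannelID(ss->getChannelIDArg, ss->fd,
 &ss->ssl3.channelIDPub, &ss->ssl3.channelID);
 if (rv == SECWouldBlock) {
 ssl3_SetAlwaysBlock(ss);
 return rv;
 }
 if (rv != SECSuccess ||
 ss->ssl3.channelIDPub == NULL ||
 ss->ssl3.channelID == NULL) {
 PORT_SetError(SSL_ERROR_GET_CHANNEL_ID_FAILED);
 desc = internal_error;
 goto alert_loser;
 }
 }
 
 return SECSuccess;
 
 alert_loser:
 (void)SSL3_SendAlert(ss, alert_fatal, desc);
 
 loser:
+/* Clean up the temporary pointer to the handshake buffer. */
+ss->xtnData.signedCertTimestamps.data = NULL;
+ss->xtnData.signedCertTimestamps.len = 0;
 errCode = ssl_MapLowLevelError(errCode);
 return SECFailure;
 }
 
 /* ssl3_BigIntGreaterThanOne returns true iff |mpint|, taken as an unsigned,
 * big-endian integer is > 1 */
 static PRBool
 ssl3_BigIntGreaterThanOne(const SECItem* mpint) {
 unsigned char firstNonZeroByte = 0;
 unsigned int i;
@@ -12633,10 +12648,10 @@
 PORT_Free(ss->ssl3.hs.recvdFragments.buf);
 }
 }
 
 ss->ssl3.initialized = PR_FALSE;
 
 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
 }
 
 /* End of ssl3con.c */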
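Review bot: The new `SECITEM_CopyItem` failure branch in the Signed Certificate Timestamps copy jumps to `loser`, so the peer gets no fatal alert, while the `ssl3_NewSessionID` allocation failure a few lines above goes to `alert_loser`. Unless skipping the alert is deliberate, write it as `if (rv != SECSuccess) { goto alert_loser; /* memory error is set. */ }`, which also gives the branch the braces the surrounding code uses. `ss->xtnData.signedCertTimestamps` is described as a temporary pointer into the handshake buffer and is reset only at `winner:` and `loser:`, so any exit that bypasses both labels would leave a stale alias behind. The function starts outside the visible lines, so this needs checking against the full body. The copy stored in `sid->u.ssl3.signedCertTimestamps` is heap-allocated (arena `NULL`), and the matching `SECITEM_FreeItem` on session-ID destruction is not among the lines shown, so confirm it exists.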