OLD | NEW |
1 /* | 1 /* |
2 * SSL3 Protocol | 2 * SSL3 Protocol |
3 * | 3 * |
4 * ***** BEGIN LICENSE BLOCK ***** | 4 * ***** BEGIN LICENSE BLOCK ***** |
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
6 * | 6 * |
7 * The contents of this file are subject to the Mozilla Public License Version | 7 * The contents of this file are subject to the Mozilla Public License Version |
8 * 1.1 (the "License"); you may not use this file except in compliance with | 8 * 1.1 (the "License"); you may not use this file except in compliance with |
9 * the License. You may obtain a copy of the License at | 9 * the License. You may obtain a copy of the License at |
10 * http://www.mozilla.org/MPL/ | 10 * http://www.mozilla.org/MPL/ |
(...skipping 4987 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
4998 rv = ssl3_InitState(ss); | 4998 rv = ssl3_InitState(ss); |
4999 if (rv != SECSuccess) { | 4999 if (rv != SECSuccess) { |
5000 errCode = PORT_GetError(); /* ssl3_InitState has set the error code. */ | 5000 errCode = PORT_GetError(); /* ssl3_InitState has set the error code. */ |
5001 goto alert_loser; | 5001 goto alert_loser; |
5002 } | 5002 } |
5003 if (ss->ssl3.hs.ws != wait_server_hello) { | 5003 if (ss->ssl3.hs.ws != wait_server_hello) { |
5004 errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO; | 5004 errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO; |
5005 desc = unexpected_message; | 5005 desc = unexpected_message; |
5006 goto alert_loser; | 5006 goto alert_loser; |
5007 } | 5007 } |
5008 | 5008 |
5009 /* clean up anything left from previous handshake. */ | 5009 /* clean up anything left from previous handshake. */ |
5010 if (ss->ssl3.clientCertChain != NULL) { | 5010 if (ss->ssl3.clientCertChain != NULL) { |
5011 CERT_DestroyCertificateList(ss->ssl3.clientCertChain); | 5011 CERT_DestroyCertificateList(ss->ssl3.clientCertChain); |
5012 ss->ssl3.clientCertChain = NULL; | 5012 ss->ssl3.clientCertChain = NULL; |
5013 } | 5013 } |
5014 if (ss->ssl3.clientCertificate != NULL) { | 5014 if (ss->ssl3.clientCertificate != NULL) { |
5015 CERT_DestroyCertificate(ss->ssl3.clientCertificate); | 5015 CERT_DestroyCertificate(ss->ssl3.clientCertificate); |
5016 ss->ssl3.clientCertificate = NULL; | 5016 ss->ssl3.clientCertificate = NULL; |
5017 } | 5017 } |
5018 if (ss->ssl3.clientPrivateKey != NULL) { | 5018 if (ss->ssl3.clientPrivateKey != NULL) { |
(...skipping 496 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
5515 SSL_GETPID(), ss->fd)); | 5515 SSL_GETPID(), ss->fd)); |
5516 PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) ); | 5516 PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) ); |
5517 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) ); | 5517 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) ); |
5518 | 5518 |
5519 if (ss->ssl3.hs.ws != wait_cert_request && | 5519 if (ss->ssl3.hs.ws != wait_cert_request && |
5520 ss->ssl3.hs.ws != wait_server_key) { | 5520 ss->ssl3.hs.ws != wait_server_key) { |
5521 desc = unexpected_message; | 5521 desc = unexpected_message; |
5522 errCode = SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST; | 5522 errCode = SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST; |
5523 goto alert_loser; | 5523 goto alert_loser; |
5524 } | 5524 } |
5525 | 5525 |
5526 PORT_Assert(ss->ssl3.clientCertChain == NULL); | 5526 PORT_Assert(ss->ssl3.clientCertChain == NULL); |
5527 PORT_Assert(ss->ssl3.clientCertificate == NULL); | 5527 PORT_Assert(ss->ssl3.clientCertificate == NULL); |
5528 PORT_Assert(ss->ssl3.clientPrivateKey == NULL); | 5528 PORT_Assert(ss->ssl3.clientPrivateKey == NULL); |
5529 #ifdef NSS_PLATFORM_CLIENT_AUTH | 5529 #ifdef NSS_PLATFORM_CLIENT_AUTH |
5530 PORT_Assert(ss->ssl3.platformClientKey == (PlatformKey)NULL); | 5530 PORT_Assert(ss->ssl3.platformClientKey == (PlatformKey)NULL); |
5531 #endif /* NSS_PLATFORM_CLIENT_AUTH */ | 5531 #endif /* NSS_PLATFORM_CLIENT_AUTH */ |
5532 | 5532 |
5533 isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0); | 5533 isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0); |
5534 rv = ssl3_ConsumeHandshakeVariable(ss, &cert_types, 1, &b, &length); | 5534 rv = ssl3_ConsumeHandshakeVariable(ss, &cert_types, 1, &b, &length); |
5535 if (rv != SECSuccess) | 5535 if (rv != SECSuccess) |
5536 goto loser; /* malformed, alert has been sent */ | 5536 goto loser; /* malformed, alert has been sent */ |
5537 | 5537 |
5538 arena = ca_list.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); | 5538 arena = ca_list.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
5539 if (arena == NULL) | 5539 if (arena == NULL) |
5540 goto no_mem; | 5540 goto no_mem; |
5541 | 5541 |
(...skipping 4273 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
9815 ssl3_DestroySSL3Info(sslSocket *ss) | 9815 ssl3_DestroySSL3Info(sslSocket *ss) |
9816 { | 9816 { |
9817 | 9817 |
9818 if (ss->ssl3.clientCertificate != NULL) | 9818 if (ss->ssl3.clientCertificate != NULL) |
9819 CERT_DestroyCertificate(ss->ssl3.clientCertificate); | 9819 CERT_DestroyCertificate(ss->ssl3.clientCertificate); |
9820 | 9820 |
9821 if (ss->ssl3.clientPrivateKey != NULL) | 9821 if (ss->ssl3.clientPrivateKey != NULL) |
9822 SECKEY_DestroyPrivateKey(ss->ssl3.clientPrivateKey); | 9822 SECKEY_DestroyPrivateKey(ss->ssl3.clientPrivateKey); |
9823 #ifdef NSS_PLATFORM_CLIENT_AUTH | 9823 #ifdef NSS_PLATFORM_CLIENT_AUTH |
9824 if (ss->ssl3.platformClientKey) | 9824 if (ss->ssl3.platformClientKey) |
9825 » ssl_FreePlatformKey(ss->ssl3.platformClientKey); | 9825 » ssl_FreePlatformKey(ss->ssl3.platformClientKey); |
9826 #endif /* NSS_PLATFORM_CLIENT_AUTH */ | 9826 #endif /* NSS_PLATFORM_CLIENT_AUTH */ |
9827 | 9827 |
9828 if (ss->ssl3.peerCertArena != NULL) | 9828 if (ss->ssl3.peerCertArena != NULL) |
9829 ssl3_CleanupPeerCerts(ss); | 9829 ssl3_CleanupPeerCerts(ss); |
9830 | 9830 |
9831 if (ss->ssl3.clientCertChain != NULL) { | 9831 if (ss->ssl3.clientCertChain != NULL) { |
9832 CERT_DestroyCertificateList(ss->ssl3.clientCertChain); | 9832 CERT_DestroyCertificateList(ss->ssl3.clientCertChain); |
9833 ss->ssl3.clientCertChain = NULL; | 9833 ss->ssl3.clientCertChain = NULL; |
9834 } | 9834 } |
9835 | 9835 |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
9878 | 9878 |
9879 ss->ssl3.initialized = PR_FALSE; | 9879 ss->ssl3.initialized = PR_FALSE; |
9880 | 9880 |
9881 if (ss->ssl3.nextProto.data) { | 9881 if (ss->ssl3.nextProto.data) { |
9882 PORT_Free(ss->ssl3.nextProto.data); | 9882 PORT_Free(ss->ssl3.nextProto.data); |
9883 ss->ssl3.nextProto.data = NULL; | 9883 ss->ssl3.nextProto.data = NULL; |
9884 } | 9884 } |
9885 } | 9885 } |
9886 | 9886 |
9887 /* End of ssl3con.c */ | 9887 /* End of ssl3con.c */ |
OLD | NEW |