OLD | NEW |
1 /* | 1 /* |
2 * SSL3 Protocol | 2 * SSL3 Protocol |
3 * | 3 * |
4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
7 | 7 |
8 /* TLS extension code moved here from ssl3ecc.c */ | 8 /* TLS extension code moved here from ssl3ecc.c */ |
9 | 9 |
10 #include "nssrenam.h" | 10 #include "nssrenam.h" |
(...skipping 2304 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2315 if (extensionLength < 4) { | 2315 if (extensionLength < 4) { |
2316 extensionLength = 4; | 2316 extensionLength = 4; |
2317 } | 2317 } |
2318 | 2318 |
2319 return extensionLength; | 2319 return extensionLength; |
2320 } | 2320 } |
2321 | 2321 |
2322 /* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a | 2322 /* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a |
2323 * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures | 2323 * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures |
2324 * that we don't trigger bugs in F5 products. */ | 2324 * that we don't trigger bugs in F5 products. */ |
2325 unsigned int | 2325 PRInt32 |
2326 ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, | 2326 ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen, |
2327 PRUint32 maxBytes) | 2327 PRUint32 maxBytes) |
2328 { | 2328 { |
2329 unsigned int paddingLen = extensionLen - 4; | 2329 unsigned int paddingLen = extensionLen - 4; |
2330 unsigned char padding[256]; | 2330 unsigned char padding[256]; |
2331 | 2331 |
2332 if (extensionLen == 0) { | 2332 if (extensionLen == 0) { |
2333 return 0; | 2333 return 0; |
2334 } | 2334 } |
2335 | 2335 |
2336 if (extensionLen < 4 || | 2336 if (extensionLen < 4 || |
2337 extensionLen > maxBytes || | 2337 extensionLen > maxBytes || |
2338 paddingLen > sizeof(padding)) { | 2338 paddingLen > sizeof(padding)) { |
2339 PORT_Assert(0); | 2339 PORT_Assert(0); |
2340 » return 0; | 2340 » return -1; |
2341 } | 2341 } |
2342 | 2342 |
2343 if (SECSuccess != ssl3_AppendHandshakeNumber(ss, ssl_padding_xtn, 2)) | 2343 if (SECSuccess != ssl3_AppendHandshakeNumber(ss, ssl_padding_xtn, 2)) |
2344 return -1; | 2344 return -1; |
2345 if (SECSuccess != ssl3_AppendHandshakeNumber(ss, paddingLen, 2)) | 2345 if (SECSuccess != ssl3_AppendHandshakeNumber(ss, paddingLen, 2)) |
2346 return -1; | 2346 return -1; |
2347 memset(padding, ' ', paddingLen); | 2347 memset(padding, ' ', paddingLen); |
2348 if (SECSuccess != ssl3_AppendHandshake(ss, padding, paddingLen)) | 2348 if (SECSuccess != ssl3_AppendHandshake(ss, padding, paddingLen)) |
2349 return -1; | 2349 return -1; |
2350 | 2350 |
2351 return extensionLen; | 2351 return extensionLen; |
2352 } | 2352 } |
OLD | NEW |