| OLD | NEW |
|---|
| 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
| 2 /* | 2 /* |
| 3 * SSL3 Protocol | 3 * SSL3 Protocol |
| 4 * | 4 * |
| 5 * This Source Code Form is subject to the terms of the Mozilla Public | 5 * This Source Code Form is subject to the terms of the Mozilla Public |
| 6 * License, v. 2.0. If a copy of the MPL was not distributed with this | 6 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 8 | 8 |
| 9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ | 9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ |
| 10 | 10 |
| (...skipping 5355 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5366 if (ss->ssl3.hs.sendingSCSV) { | 5366 if (ss->ssl3.hs.sendingSCSV) { |
| 5367 /* Add the actual SCSV */ | 5367 /* Add the actual SCSV */ |
| 5368 rv = ssl3_AppendHandshakeNumber(ss, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, | 5368 rv = ssl3_AppendHandshakeNumber(ss, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, |
| 5369 sizeof(ssl3CipherSuite)); | 5369 sizeof(ssl3CipherSuite)); |
| 5370 if (rv != SECSuccess) { | 5370 if (rv != SECSuccess) { |
| 5371 if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } | 5371 if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } |
| 5372 return rv; /* err set by ssl3_AppendHandshake* */ | 5372 return rv; /* err set by ssl3_AppendHandshake* */ |
| 5373 } | 5373 } |
| 5374 actual_count++; | 5374 actual_count++; |
| 5375 } | 5375 } |
| 5376 if (fallbackSCSV) { | 5376 |
| 5377 » rv = ssl3_AppendHandshakeNumber(ss, TLS_FALLBACK_SCSV, | |
| 5378 » » » » » sizeof(ssl3CipherSuite)); | |
| 5379 » if (rv != SECSuccess) { | |
| 5380 » if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } | |
| 5381 » return rv;» /* err set by ssl3_AppendHandshake* */ | |
| 5382 » } | |
| 5383 » actual_count++; | |
| 5384 } | |
| 5385 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { | 5377 for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) { |
| 5386 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; | 5378 ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i]; |
| 5387 if (config_match(suite, ss->ssl3.policy, PR_TRUE, &ss->vrange)) { | 5379 if (config_match(suite, ss->ssl3.policy, PR_TRUE, &ss->vrange)) { |
| 5388 actual_count++; | 5380 actual_count++; |
| 5389 if (actual_count > num_suites) { | 5381 if (actual_count > num_suites) { |
| 5390 if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock);
} | 5382 if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock);
} |
| 5391 /* set error card removal/insertion error */ | 5383 /* set error card removal/insertion error */ |
| 5392 PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); | 5384 PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); |
| 5393 return SECFailure; | 5385 return SECFailure; |
| 5394 } | 5386 } |
| 5395 rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite, | 5387 rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite, |
| 5396 sizeof(ssl3CipherSuite)); | 5388 sizeof(ssl3CipherSuite)); |
| 5397 if (rv != SECSuccess) { | 5389 if (rv != SECSuccess) { |
| 5398 if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock);
} | 5390 if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock);
} |
| 5399 return rv; /* err set by ssl3_AppendHandshake* */ | 5391 return rv; /* err set by ssl3_AppendHandshake* */ |
| 5400 } | 5392 } |
| 5401 } | 5393 } |
| 5402 } | 5394 } |
| 5403 | 5395 |
| 5396 if (fallbackSCSV) { |
| 5397 rv = ssl3_AppendHandshakeNumber(ss, TLS_FALLBACK_SCSV, |
| 5398 sizeof(ssl3CipherSuite)); |
| 5399 if (rv != SECSuccess) { |
| 5400 if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } |
| 5401 return rv; /* err set by ssl3_AppendHandshake* */ |
| 5402 } |
| 5403 actual_count++; |
| 5404 } |
| 5405 |
| 5404 /* if cards were removed or inserted between count_cipher_suites and | 5406 /* if cards were removed or inserted between count_cipher_suites and |
| 5405 * generating our list, detect the error here rather than send it off to | 5407 * generating our list, detect the error here rather than send it off to |
| 5406 * the server.. */ | 5408 * the server.. */ |
| 5407 if (actual_count != num_suites) { | 5409 if (actual_count != num_suites) { |
| 5408 /* Card removal/insertion error */ | 5410 /* Card removal/insertion error */ |
| 5409 if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } | 5411 if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } |
| 5410 PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); | 5412 PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); |
| 5411 return SECFailure; | 5413 return SECFailure; |
| 5412 } | 5414 } |
| 5413 | 5415 |
| (...skipping 7435 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 12849 PORT_Free(ss->ssl3.hs.recvdFragments.buf); | 12851 PORT_Free(ss->ssl3.hs.recvdFragments.buf); |
| 12850 } | 12852 } |
| 12851 } | 12853 } |
| 12852 | 12854 |
| 12853 ss->ssl3.initialized = PR_FALSE; | 12855 ss->ssl3.initialized = PR_FALSE; |
| 12854 | 12856 |
| 12855 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); | 12857 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
| 12856 } | 12858 } |
| 12857 | 12859 |
| 12858 /* End of ssl3con.c */ | 12860 /* End of ssl3con.c */ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 683113005:
Update from chromium https://crrev.com/302282 (Closed)
Base URL: git@github.com:domokit/mojo.git@master