OLD | NEW |
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
2 /* | 2 /* |
3 * SSL3 Protocol | 3 * SSL3 Protocol |
4 * | 4 * |
5 * This Source Code Form is subject to the terms of the Mozilla Public | 5 * This Source Code Form is subject to the terms of the Mozilla Public |
6 * License, v. 2.0. If a copy of the MPL was not distributed with this | 6 * License, v. 2.0. If a copy of the MPL was not distributed with this |
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
8 | 8 |
9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ | 9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ |
10 | 10 |
(...skipping 12405 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
12416 pref = suite->enabled; | 12416 pref = suite->enabled; |
12417 rv = SECSuccess; | 12417 rv = SECSuccess; |
12418 } else { | 12418 } else { |
12419 pref = SSL_NOT_ALLOWED; | 12419 pref = SSL_NOT_ALLOWED; |
12420 rv = SECFailure; /* err code was set by Lookup. */ | 12420 rv = SECFailure; /* err code was set by Lookup. */ |
12421 } | 12421 } |
12422 *enabled = pref; | 12422 *enabled = pref; |
12423 return rv; | 12423 return rv; |
12424 } | 12424 } |
12425 | 12425 |
| 12426 SECStatus |
| 12427 ssl3_CipherOrderSet(sslSocket *ss, const ssl3CipherSuite *ciphers, unsigned int
len) |
| 12428 { |
| 12429 unsigned int i; |
| 12430 |
| 12431 for (i = 0; i < len; i++) { |
| 12432 PRUint16 id = ciphers[i]; |
| 12433 unsigned int existingIndex, j; |
| 12434 PRBool found = PR_FALSE; |
| 12435 |
| 12436 for (j = i; j < ssl_V3_SUITES_IMPLEMENTED; j++) { |
| 12437 if (ss->cipherSuites[j].cipher_suite == id) { |
| 12438 existingIndex = j; |
| 12439 found = PR_TRUE; |
| 12440 break; |
| 12441 } |
| 12442 } |
| 12443 |
| 12444 if (!found) { |
| 12445 PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE); |
| 12446 return SECFailure; |
| 12447 } |
| 12448 |
| 12449 if (existingIndex != i) { |
| 12450 const ssl3CipherSuiteCfg temp = ss->cipherSuites[i]; |
| 12451 ss->cipherSuites[i] = ss->cipherSuites[existingIndex]; |
| 12452 ss->cipherSuites[existingIndex] = temp; |
| 12453 } |
| 12454 } |
| 12455 |
| 12456 /* Disable all cipher suites that weren't included. */ |
| 12457 for (; i < ssl_V3_SUITES_IMPLEMENTED; i++) { |
| 12458 ss->cipherSuites[i].enabled = 0; |
| 12459 } |
| 12460 |
| 12461 return SECSuccess; |
| 12462 } |
| 12463 |
12426 /* copy global default policy into socket. */ | 12464 /* copy global default policy into socket. */ |
12427 void | 12465 void |
12428 ssl3_InitSocketPolicy(sslSocket *ss) | 12466 ssl3_InitSocketPolicy(sslSocket *ss) |
12429 { | 12467 { |
12430 PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof cipherSuites); | 12468 PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof cipherSuites); |
12431 } | 12469 } |
12432 | 12470 |
12433 SECStatus | 12471 SECStatus |
12434 ssl3_GetTLSUniqueChannelBinding(sslSocket *ss, | 12472 ssl3_GetTLSUniqueChannelBinding(sslSocket *ss, |
12435 unsigned char *out, | 12473 unsigned char *out, |
(...skipping 212 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
12648 PORT_Free(ss->ssl3.hs.recvdFragments.buf); | 12686 PORT_Free(ss->ssl3.hs.recvdFragments.buf); |
12649 } | 12687 } |
12650 } | 12688 } |
12651 | 12689 |
12652 ss->ssl3.initialized = PR_FALSE; | 12690 ss->ssl3.initialized = PR_FALSE; |
12653 | 12691 |
12654 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); | 12692 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
12655 } | 12693 } |
12656 | 12694 |
12657 /* End of ssl3con.c */ | 12695 /* End of ssl3con.c */ |
OLD | NEW |