OLD | NEW |
---|---|
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
2 /* | 2 /* |
3 * SSL3 Protocol | 3 * SSL3 Protocol |
4 * | 4 * |
5 * This Source Code Form is subject to the terms of the Mozilla Public | 5 * This Source Code Form is subject to the terms of the Mozilla Public |
6 * License, v. 2.0. If a copy of the MPL was not distributed with this | 6 * License, v. 2.0. If a copy of the MPL was not distributed with this |
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
8 | 8 |
9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ | 9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ |
10 | 10 |
(...skipping 10694 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
10705 rv = ssl3_AppendHandshakeNumber(ss, ssl_channel_id_xtn, 2); | 10705 rv = ssl3_AppendHandshakeNumber(ss, ssl_channel_id_xtn, 2); |
10706 if (rv != SECSuccess) | 10706 if (rv != SECSuccess) |
10707 goto loser; /* error code set by AppendHandshake */ | 10707 goto loser; /* error code set by AppendHandshake */ |
10708 rv = ssl3_AppendHandshakeNumber(ss, CHANNEL_ID_LENGTH, 2); | 10708 rv = ssl3_AppendHandshakeNumber(ss, CHANNEL_ID_LENGTH, 2); |
10709 if (rv != SECSuccess) | 10709 if (rv != SECSuccess) |
10710 goto loser; /* error code set by AppendHandshake */ | 10710 goto loser; /* error code set by AppendHandshake */ |
10711 | 10711 |
10712 spki = SECKEY_EncodeDERSubjectPublicKeyInfo(ss->ssl3.channelIDPub); | 10712 spki = SECKEY_EncodeDERSubjectPublicKeyInfo(ss->ssl3.channelIDPub); |
10713 | 10713 |
10714 if (spki->len != sizeof(P256_SPKI_PREFIX) + CHANNEL_ID_PUBLIC_KEY_LENGTH || | 10714 if (spki->len != sizeof(P256_SPKI_PREFIX) + CHANNEL_ID_PUBLIC_KEY_LENGTH || |
10715 » memcmp(spki->data, P256_SPKI_PREFIX, sizeof(P256_SPKI_PREFIX) != 0)) { | 10715 » memcmp(spki->data, P256_SPKI_PREFIX, sizeof(P256_SPKI_PREFIX)) != 0) { |
wtc
2013/12/03 01:27:33
So we were comparing only one byte :-(
| |
10716 PORT_SetError(SSL_ERROR_INVALID_CHANNEL_ID_KEY); | 10716 PORT_SetError(SSL_ERROR_INVALID_CHANNEL_ID_KEY); |
10717 rv = SECFailure; | 10717 rv = SECFailure; |
10718 goto loser; | 10718 goto loser; |
10719 } | 10719 } |
10720 | 10720 |
10721 pub_bytes = spki->data + sizeof(P256_SPKI_PREFIX); | 10721 pub_bytes = spki->data + sizeof(P256_SPKI_PREFIX); |
10722 | 10722 |
10723 signed_data_len = 0; | 10723 signed_data_len = 0; |
10724 memcpy(signed_data + signed_data_len, CHANNEL_ID_MAGIC, | 10724 memcpy(signed_data + signed_data_len, CHANNEL_ID_MAGIC, |
10725 sizeof(CHANNEL_ID_MAGIC)); | 10725 sizeof(CHANNEL_ID_MAGIC)); |
(...skipping 1922 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
12648 PORT_Free(ss->ssl3.hs.recvdFragments.buf); | 12648 PORT_Free(ss->ssl3.hs.recvdFragments.buf); |
12649 } | 12649 } |
12650 } | 12650 } |
12651 | 12651 |
12652 ss->ssl3.initialized = PR_FALSE; | 12652 ss->ssl3.initialized = PR_FALSE; |
12653 | 12653 |
12654 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); | 12654 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
12655 } | 12655 } |
12656 | 12656 |
12657 /* End of ssl3con.c */ | 12657 /* End of ssl3con.c */ |
OLD | NEW |