1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/lib/ssl/sslsock.c Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,2992 @@
1.4 +/*
1.5 + * vtables (and methods that call through them) for the 4 types of
1.6 + * SSLSockets supported. Only one type is still supported.
1.7 + * Various other functions.
1.8 + *
1.9 + * This Source Code Form is subject to the terms of the Mozilla Public
1.10 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.11 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.12 +#include "seccomon.h"
1.13 +#include "cert.h"
1.14 +#include "keyhi.h"
1.15 +#include "ssl.h"
1.16 +#include "sslimpl.h"
1.17 +#include "sslproto.h"
1.18 +#include "nspr.h"
1.19 +#include "private/pprio.h"
1.20 +#ifndef NO_PKCS11_BYPASS
1.21 +#include "blapi.h"
1.22 +#endif
1.23 +#include "nss.h"
1.24 +
1.25 +#define SET_ERROR_CODE /* reminder */
1.26 +
1.27 +static const sslSocketOps ssl_default_ops = { /* No SSL. */
1.28 + ssl_DefConnect,
1.29 + NULL,
1.30 + ssl_DefBind,
1.31 + ssl_DefListen,
1.32 + ssl_DefShutdown,
1.33 + ssl_DefClose,
1.34 + ssl_DefRecv,
1.35 + ssl_DefSend,
1.36 + ssl_DefRead,
1.37 + ssl_DefWrite,
1.38 + ssl_DefGetpeername,
1.39 + ssl_DefGetsockname
1.40 +};
1.41 +
1.42 +static const sslSocketOps ssl_secure_ops = { /* SSL. */
1.43 + ssl_SecureConnect,
1.44 + NULL,
1.45 + ssl_DefBind,
1.46 + ssl_DefListen,
1.47 + ssl_SecureShutdown,
1.48 + ssl_SecureClose,
1.49 + ssl_SecureRecv,
1.50 + ssl_SecureSend,
1.51 + ssl_SecureRead,
1.52 + ssl_SecureWrite,
1.53 + ssl_DefGetpeername,
1.54 + ssl_DefGetsockname
1.55 +};
1.56 +
1.57 +/*
1.58 +** default settings for socket enables
1.59 +*/
1.60 +static sslOptions ssl_defaults = {
1.61 + { siBuffer, NULL, 0 }, /* nextProtoNego */
1.62 + PR_TRUE, /* useSecurity */
1.63 + PR_FALSE, /* useSocks */
1.64 + PR_FALSE, /* requestCertificate */
1.65 + 2, /* requireCertificate */
1.66 + PR_FALSE, /* handshakeAsClient */
1.67 + PR_FALSE, /* handshakeAsServer */
1.68 + PR_FALSE, /* enableSSL2 */ /* now defaults to off in NSS 3.13 */
1.69 + PR_FALSE, /* unusedBit9 */
1.70 + PR_FALSE, /* unusedBit10 */
1.71 + PR_FALSE, /* noCache */
1.72 + PR_FALSE, /* fdx */
1.73 + PR_FALSE, /* v2CompatibleHello */ /* now defaults to off in NSS 3.13 */
1.74 + PR_TRUE, /* detectRollBack */
1.75 + PR_FALSE, /* noStepDown */
1.76 + PR_FALSE, /* bypassPKCS11 */
1.77 + PR_FALSE, /* noLocks */
1.78 + PR_FALSE, /* enableSessionTickets */
1.79 + PR_FALSE, /* enableDeflate */
1.80 + 2, /* enableRenegotiation (default: requires extension) */
1.81 + PR_FALSE, /* requireSafeNegotiation */
1.82 + PR_FALSE, /* enableFalseStart */
1.83 + PR_TRUE, /* cbcRandomIV */
1.84 + PR_FALSE, /* enableOCSPStapling */
1.85 + PR_TRUE, /* enableNPN */
1.86 + PR_FALSE, /* enableALPN */
1.87 + PR_FALSE, /* dummy */
1.88 + PR_FALSE /* enableFallbackSCSV */
1.89 +};
1.90 +
1.91 +/*
1.92 + * default range of enabled SSL/TLS protocols
1.93 + */
1.94 +static SSLVersionRange versions_defaults_stream = {
1.95 + SSL_LIBRARY_VERSION_3_0,
1.96 + SSL_LIBRARY_VERSION_TLS_1_0
1.97 +};
1.98 +
1.99 +static SSLVersionRange versions_defaults_datagram = {
1.100 + SSL_LIBRARY_VERSION_TLS_1_1,
1.101 + SSL_LIBRARY_VERSION_TLS_1_1
1.102 +};
1.103 +
1.104 +#define VERSIONS_DEFAULTS(variant) \
1.105 + (variant == ssl_variant_stream ? &versions_defaults_stream : \
1.106 + &versions_defaults_datagram)
1.107 +
1.108 +sslSessionIDLookupFunc ssl_sid_lookup;
1.109 +sslSessionIDCacheFunc ssl_sid_cache;
1.110 +sslSessionIDUncacheFunc ssl_sid_uncache;
1.111 +
1.112 +static PRBool ssl_inited = PR_FALSE;
1.113 +static PRDescIdentity ssl_layer_id;
1.114 +
1.115 +PRBool locksEverDisabled; /* implicitly PR_FALSE */
1.116 +PRBool ssl_force_locks; /* implicitly PR_FALSE */
1.117 +int ssl_lock_readers = 1; /* default true. */
1.118 +char ssl_debug;
1.119 +char ssl_trace;
1.120 +FILE * ssl_trace_iob;
1.121 +FILE * ssl_keylog_iob;
1.122 +char lockStatus[] = "Locks are ENABLED. ";
1.123 +#define LOCKSTATUS_OFFSET 10 /* offset of ENABLED */
1.124 +
1.125 +/* SRTP_NULL_HMAC_SHA1_80 and SRTP_NULL_HMAC_SHA1_32 are not implemented. */
1.126 +static const PRUint16 srtpCiphers[] = {
1.127 + SRTP_AES128_CM_HMAC_SHA1_80,
1.128 + SRTP_AES128_CM_HMAC_SHA1_32,
1.129 + 0
1.130 +};
1.131 +
1.132 +/* forward declarations. */
1.133 +static sslSocket *ssl_NewSocket(PRBool makeLocks, SSLProtocolVariant variant);
1.134 +static SECStatus ssl_MakeLocks(sslSocket *ss);
1.135 +static void ssl_SetDefaultsFromEnvironment(void);
1.136 +static PRStatus ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack,
1.137 + PRDescIdentity id);
1.138 +
1.139 +/************************************************************************/
1.140 +
1.141 +/*
1.142 +** Lookup a socket structure from a file descriptor.
1.143 +** Only functions called through the PRIOMethods table should use this.
1.144 +** Other app-callable functions should use ssl_FindSocket.
1.145 +*/
1.146 +static sslSocket *
1.147 +ssl_GetPrivate(PRFileDesc *fd)
1.148 +{
1.149 + sslSocket *ss;
1.150 +
1.151 + PORT_Assert(fd != NULL);
1.152 + PORT_Assert(fd->methods->file_type == PR_DESC_LAYERED);
1.153 + PORT_Assert(fd->identity == ssl_layer_id);
1.154 +
1.155 + if (fd->methods->file_type != PR_DESC_LAYERED ||
1.156 + fd->identity != ssl_layer_id) {
1.157 + PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
1.158 + return NULL;
1.159 + }
1.160 +
1.161 + ss = (sslSocket *)fd->secret;
1.162 + /* Set ss->fd lazily. We can't rely on the value of ss->fd set by
1.163 + * ssl_PushIOLayer because another PR_PushIOLayer call will switch the
1.164 + * contents of the PRFileDesc pointed by ss->fd and the new layer.
1.165 + * See bug 807250.
1.166 + */
1.167 + ss->fd = fd;
1.168 + return ss;
1.169 +}
1.170 +
1.171 +/* This function tries to find the SSL layer in the stack.
1.172 + * It searches for the first SSL layer at or below the argument fd,
1.173 + * and failing that, it searches for the nearest SSL layer above the
1.174 + * argument fd. It returns the private sslSocket from the found layer.
1.175 + */
1.176 +sslSocket *
1.177 +ssl_FindSocket(PRFileDesc *fd)
1.178 +{
1.179 + PRFileDesc *layer;
1.180 + sslSocket *ss;
1.181 +
1.182 + PORT_Assert(fd != NULL);
1.183 + PORT_Assert(ssl_layer_id != 0);
1.184 +
1.185 + layer = PR_GetIdentitiesLayer(fd, ssl_layer_id);
1.186 + if (layer == NULL) {
1.187 + PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
1.188 + return NULL;
1.189 + }
1.190 +
1.191 + ss = (sslSocket *)layer->secret;
1.192 + /* Set ss->fd lazily. We can't rely on the value of ss->fd set by
1.193 + * ssl_PushIOLayer because another PR_PushIOLayer call will switch the
1.194 + * contents of the PRFileDesc pointed by ss->fd and the new layer.
1.195 + * See bug 807250.
1.196 + */
1.197 + ss->fd = layer;
1.198 + return ss;
1.199 +}
1.200 +
1.201 +static sslSocket *
1.202 +ssl_DupSocket(sslSocket *os)
1.203 +{
1.204 + sslSocket *ss;
1.205 + SECStatus rv;
1.206 +
1.207 + ss = ssl_NewSocket((PRBool)(!os->opt.noLocks), os->protocolVariant);
1.208 + if (ss) {
1.209 + ss->opt = os->opt;
1.210 + ss->opt.useSocks = PR_FALSE;
1.211 + ss->vrange = os->vrange;
1.212 +
1.213 + ss->peerID = !os->peerID ? NULL : PORT_Strdup(os->peerID);
1.214 + ss->url = !os->url ? NULL : PORT_Strdup(os->url);
1.215 +
1.216 + ss->ops = os->ops;
1.217 + ss->rTimeout = os->rTimeout;
1.218 + ss->wTimeout = os->wTimeout;
1.219 + ss->cTimeout = os->cTimeout;
1.220 + ss->dbHandle = os->dbHandle;
1.221 +
1.222 + /* copy ssl2&3 policy & prefs, even if it's not selected (yet) */
1.223 + ss->allowedByPolicy = os->allowedByPolicy;
1.224 + ss->maybeAllowedByPolicy= os->maybeAllowedByPolicy;
1.225 + ss->chosenPreference = os->chosenPreference;
1.226 + PORT_Memcpy(ss->cipherSuites, os->cipherSuites, sizeof os->cipherSuites);
1.227 + PORT_Memcpy(ss->ssl3.dtlsSRTPCiphers, os->ssl3.dtlsSRTPCiphers,
1.228 + sizeof(PRUint16) * os->ssl3.dtlsSRTPCipherCount);
1.229 + ss->ssl3.dtlsSRTPCipherCount = os->ssl3.dtlsSRTPCipherCount;
1.230 +
1.231 + if (os->cipherSpecs) {
1.232 + ss->cipherSpecs = (unsigned char*)PORT_Alloc(os->sizeCipherSpecs);
1.233 + if (ss->cipherSpecs)
1.234 + PORT_Memcpy(ss->cipherSpecs, os->cipherSpecs,
1.235 + os->sizeCipherSpecs);
1.236 + ss->sizeCipherSpecs = os->sizeCipherSpecs;
1.237 + ss->preferredCipher = os->preferredCipher;
1.238 + } else {
1.239 + ss->cipherSpecs = NULL; /* produced lazily */
1.240 + ss->sizeCipherSpecs = 0;
1.241 + ss->preferredCipher = NULL;
1.242 + }
1.243 + if (ss->opt.useSecurity) {
1.244 + /* This int should be SSLKEAType, but CC on Irix complains,
1.245 + * during the for loop.
1.246 + */
1.247 + int i;
1.248 + sslServerCerts * oc = os->serverCerts;
1.249 + sslServerCerts * sc = ss->serverCerts;
1.250 +
1.251 + for (i=kt_null; i < kt_kea_size; i++, oc++, sc++) {
1.252 + if (oc->serverCert && oc->serverCertChain) {
1.253 + sc->serverCert = CERT_DupCertificate(oc->serverCert);
1.254 + sc->serverCertChain = CERT_DupCertList(oc->serverCertChain);
1.255 + if (!sc->serverCertChain)
1.256 + goto loser;
1.257 + } else {
1.258 + sc->serverCert = NULL;
1.259 + sc->serverCertChain = NULL;
1.260 + }
1.261 + sc->serverKeyPair = oc->serverKeyPair ?
1.262 + ssl3_GetKeyPairRef(oc->serverKeyPair) : NULL;
1.263 + if (oc->serverKeyPair && !sc->serverKeyPair)
1.264 + goto loser;
1.265 + sc->serverKeyBits = oc->serverKeyBits;
1.266 + ss->certStatusArray[i] = !os->certStatusArray[i] ? NULL :
1.267 + SECITEM_DupArray(NULL, os->certStatusArray[i]);
1.268 + }
1.269 + ss->stepDownKeyPair = !os->stepDownKeyPair ? NULL :
1.270 + ssl3_GetKeyPairRef(os->stepDownKeyPair);
1.271 + ss->ephemeralECDHKeyPair = !os->ephemeralECDHKeyPair ? NULL :
1.272 + ssl3_GetKeyPairRef(os->ephemeralECDHKeyPair);
1.273 +/*
1.274 + * XXX the preceding CERT_ and SECKEY_ functions can fail and return NULL.
1.275 + * XXX We should detect this, and not just march on with NULL pointers.
1.276 + */
1.277 + ss->authCertificate = os->authCertificate;
1.278 + ss->authCertificateArg = os->authCertificateArg;
1.279 + ss->getClientAuthData = os->getClientAuthData;
1.280 + ss->getClientAuthDataArg = os->getClientAuthDataArg;
1.281 + ss->sniSocketConfig = os->sniSocketConfig;
1.282 + ss->sniSocketConfigArg = os->sniSocketConfigArg;
1.283 + ss->handleBadCert = os->handleBadCert;
1.284 + ss->badCertArg = os->badCertArg;
1.285 + ss->handshakeCallback = os->handshakeCallback;
1.286 + ss->handshakeCallbackData = os->handshakeCallbackData;
1.287 + ss->canFalseStartCallback = os->canFalseStartCallback;
1.288 + ss->canFalseStartCallbackData = os->canFalseStartCallbackData;
1.289 + ss->pkcs11PinArg = os->pkcs11PinArg;
1.290 +
1.291 + /* Create security data */
1.292 + rv = ssl_CopySecurityInfo(ss, os);
1.293 + if (rv != SECSuccess) {
1.294 + goto loser;
1.295 + }
1.296 + }
1.297 + }
1.298 + return ss;
1.299 +
1.300 +loser:
1.301 + ssl_FreeSocket(ss);
1.302 + return NULL;
1.303 +}
1.304 +
1.305 +static void
1.306 +ssl_DestroyLocks(sslSocket *ss)
1.307 +{
1.308 + /* Destroy locks. */
1.309 + if (ss->firstHandshakeLock) {
1.310 + PZ_DestroyMonitor(ss->firstHandshakeLock);
1.311 + ss->firstHandshakeLock = NULL;
1.312 + }
1.313 + if (ss->ssl3HandshakeLock) {
1.314 + PZ_DestroyMonitor(ss->ssl3HandshakeLock);
1.315 + ss->ssl3HandshakeLock = NULL;
1.316 + }
1.317 + if (ss->specLock) {
1.318 + NSSRWLock_Destroy(ss->specLock);
1.319 + ss->specLock = NULL;
1.320 + }
1.321 +
1.322 + if (ss->recvLock) {
1.323 + PZ_DestroyLock(ss->recvLock);
1.324 + ss->recvLock = NULL;
1.325 + }
1.326 + if (ss->sendLock) {
1.327 + PZ_DestroyLock(ss->sendLock);
1.328 + ss->sendLock = NULL;
1.329 + }
1.330 + if (ss->xmitBufLock) {
1.331 + PZ_DestroyMonitor(ss->xmitBufLock);
1.332 + ss->xmitBufLock = NULL;
1.333 + }
1.334 + if (ss->recvBufLock) {
1.335 + PZ_DestroyMonitor(ss->recvBufLock);
1.336 + ss->recvBufLock = NULL;
1.337 + }
1.338 +}
1.339 +
1.340 +/* Caller holds any relevant locks */
1.341 +static void
1.342 +ssl_DestroySocketContents(sslSocket *ss)
1.343 +{
1.344 + /* "i" should be of type SSLKEAType, but CC on IRIX complains during
1.345 + * the for loop.
1.346 + */
1.347 + int i;
1.348 +
1.349 + /* Free up socket */
1.350 + ssl_DestroySecurityInfo(&ss->sec);
1.351 +
1.352 + ssl3_DestroySSL3Info(ss);
1.353 +
1.354 + PORT_Free(ss->saveBuf.buf);
1.355 + PORT_Free(ss->pendingBuf.buf);
1.356 + ssl_DestroyGather(&ss->gs);
1.357 +
1.358 + if (ss->peerID != NULL)
1.359 + PORT_Free(ss->peerID);
1.360 + if (ss->url != NULL)
1.361 + PORT_Free((void *)ss->url); /* CONST */
1.362 + if (ss->cipherSpecs) {
1.363 + PORT_Free(ss->cipherSpecs);
1.364 + ss->cipherSpecs = NULL;
1.365 + ss->sizeCipherSpecs = 0;
1.366 + }
1.367 +
1.368 + /* Clean up server configuration */
1.369 + for (i=kt_null; i < kt_kea_size; i++) {
1.370 + sslServerCerts * sc = ss->serverCerts + i;
1.371 + if (sc->serverCert != NULL)
1.372 + CERT_DestroyCertificate(sc->serverCert);
1.373 + if (sc->serverCertChain != NULL)
1.374 + CERT_DestroyCertificateList(sc->serverCertChain);
1.375 + if (sc->serverKeyPair != NULL)
1.376 + ssl3_FreeKeyPair(sc->serverKeyPair);
1.377 + if (ss->certStatusArray[i] != NULL) {
1.378 + SECITEM_FreeArray(ss->certStatusArray[i], PR_TRUE);
1.379 + ss->certStatusArray[i] = NULL;
1.380 + }
1.381 + }
1.382 + if (ss->stepDownKeyPair) {
1.383 + ssl3_FreeKeyPair(ss->stepDownKeyPair);
1.384 + ss->stepDownKeyPair = NULL;
1.385 + }
1.386 + if (ss->ephemeralECDHKeyPair) {
1.387 + ssl3_FreeKeyPair(ss->ephemeralECDHKeyPair);
1.388 + ss->ephemeralECDHKeyPair = NULL;
1.389 + }
1.390 + SECITEM_FreeItem(&ss->opt.nextProtoNego, PR_FALSE);
1.391 + PORT_Assert(!ss->xtnData.sniNameArr);
1.392 + if (ss->xtnData.sniNameArr) {
1.393 + PORT_Free(ss->xtnData.sniNameArr);
1.394 + ss->xtnData.sniNameArr = NULL;
1.395 + }
1.396 +}
1.397 +
1.398 +/*
1.399 + * free an sslSocket struct, and all the stuff that hangs off of it
1.400 + */
1.401 +void
1.402 +ssl_FreeSocket(sslSocket *ss)
1.403 +{
1.404 +/* Get every lock you can imagine!
1.405 +** Caller already holds these:
1.406 +** SSL_LOCK_READER(ss);
1.407 +** SSL_LOCK_WRITER(ss);
1.408 +*/
1.409 + ssl_Get1stHandshakeLock(ss);
1.410 + ssl_GetRecvBufLock(ss);
1.411 + ssl_GetSSL3HandshakeLock(ss);
1.412 + ssl_GetXmitBufLock(ss);
1.413 + ssl_GetSpecWriteLock(ss);
1.414 +
1.415 + ssl_DestroySocketContents(ss);
1.416 +
1.417 + /* Release all the locks acquired above. */
1.418 + SSL_UNLOCK_READER(ss);
1.419 + SSL_UNLOCK_WRITER(ss);
1.420 + ssl_Release1stHandshakeLock(ss);
1.421 + ssl_ReleaseRecvBufLock(ss);
1.422 + ssl_ReleaseSSL3HandshakeLock(ss);
1.423 + ssl_ReleaseXmitBufLock(ss);
1.424 + ssl_ReleaseSpecWriteLock(ss);
1.425 +
1.426 + ssl_DestroyLocks(ss);
1.427 +
1.428 +#ifdef DEBUG
1.429 + PORT_Memset(ss, 0x1f, sizeof *ss);
1.430 +#endif
1.431 + PORT_Free(ss);
1.432 + return;
1.433 +}
1.434 +
1.435 +/************************************************************************/
1.436 +SECStatus
1.437 +ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled)
1.438 +{
1.439 + PRFileDesc * osfd = ss->fd->lower;
1.440 + SECStatus rv = SECFailure;
1.441 + PRSocketOptionData opt;
1.442 +
1.443 + opt.option = PR_SockOpt_NoDelay;
1.444 + opt.value.no_delay = (PRBool)!enabled;
1.445 +
1.446 + if (osfd->methods->setsocketoption) {
1.447 + rv = (SECStatus) osfd->methods->setsocketoption(osfd, &opt);
1.448 + } else {
1.449 + PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
1.450 + }
1.451 +
1.452 + return rv;
1.453 +}
1.454 +
1.455 +static void
1.456 +ssl_ChooseOps(sslSocket *ss)
1.457 +{
1.458 + ss->ops = ss->opt.useSecurity ? &ssl_secure_ops : &ssl_default_ops;
1.459 +}
1.460 +
1.461 +/* Called from SSL_Enable (immediately below) */
1.462 +static SECStatus
1.463 +PrepareSocket(sslSocket *ss)
1.464 +{
1.465 + SECStatus rv = SECSuccess;
1.466 +
1.467 + ssl_ChooseOps(ss);
1.468 + return rv;
1.469 +}
1.470 +
1.471 +SECStatus
1.472 +SSL_Enable(PRFileDesc *fd, int which, PRBool on)
1.473 +{
1.474 + return SSL_OptionSet(fd, which, on);
1.475 +}
1.476 +
1.477 +#ifndef NO_PKCS11_BYPASS
1.478 +static const PRCallOnceType pristineCallOnce;
1.479 +static PRCallOnceType setupBypassOnce;
1.480 +
1.481 +static SECStatus SSL_BypassShutdown(void* appData, void* nssData)
1.482 +{
1.483 + /* unload freeBL shared library from memory */
1.484 + BL_Unload();
1.485 + setupBypassOnce = pristineCallOnce;
1.486 + return SECSuccess;
1.487 +}
1.488 +
1.489 +static PRStatus SSL_BypassRegisterShutdown(void)
1.490 +{
1.491 + SECStatus rv = NSS_RegisterShutdown(SSL_BypassShutdown, NULL);
1.492 + PORT_Assert(SECSuccess == rv);
1.493 + return SECSuccess == rv ? PR_SUCCESS : PR_FAILURE;
1.494 +}
1.495 +#endif
1.496 +
1.497 +static PRStatus SSL_BypassSetup(void)
1.498 +{
1.499 +#ifdef NO_PKCS11_BYPASS
1.500 + /* Guarantee binary compatibility */
1.501 + return PR_SUCCESS;
1.502 +#else
1.503 + return PR_CallOnce(&setupBypassOnce, &SSL_BypassRegisterShutdown);
1.504 +#endif
1.505 +}
1.506 +
1.507 +/* Implements the semantics for SSL_OptionSet(SSL_ENABLE_TLS, on) described in
1.508 + * ssl.h in the section "SSL version range setting API".
1.509 + */
1.510 +static void
1.511 +ssl_EnableTLS(SSLVersionRange *vrange, PRBool on)
1.512 +{
1.513 + if (SSL3_ALL_VERSIONS_DISABLED(vrange)) {
1.514 + if (on) {
1.515 + vrange->min = SSL_LIBRARY_VERSION_TLS_1_0;
1.516 + vrange->max = SSL_LIBRARY_VERSION_TLS_1_0;
1.517 + } /* else don't change anything */
1.518 + return;
1.519 + }
1.520 +
1.521 + if (on) {
1.522 + /* Expand the range of enabled version to include TLS 1.0 */
1.523 + vrange->min = PR_MIN(vrange->min, SSL_LIBRARY_VERSION_TLS_1_0);
1.524 + vrange->max = PR_MAX(vrange->max, SSL_LIBRARY_VERSION_TLS_1_0);
1.525 + } else {
1.526 + /* Disable all TLS versions, leaving only SSL 3.0 if it was enabled */
1.527 + if (vrange->min == SSL_LIBRARY_VERSION_3_0) {
1.528 + vrange->max = SSL_LIBRARY_VERSION_3_0;
1.529 + } else {
1.530 + /* Only TLS was enabled, so now no versions are. */
1.531 + vrange->min = SSL_LIBRARY_VERSION_NONE;
1.532 + vrange->max = SSL_LIBRARY_VERSION_NONE;
1.533 + }
1.534 + }
1.535 +}
1.536 +
1.537 +/* Implements the semantics for SSL_OptionSet(SSL_ENABLE_SSL3, on) described in
1.538 + * ssl.h in the section "SSL version range setting API".
1.539 + */
1.540 +static void
1.541 +ssl_EnableSSL3(SSLVersionRange *vrange, PRBool on)
1.542 +{
1.543 + if (SSL3_ALL_VERSIONS_DISABLED(vrange)) {
1.544 + if (on) {
1.545 + vrange->min = SSL_LIBRARY_VERSION_3_0;
1.546 + vrange->max = SSL_LIBRARY_VERSION_3_0;
1.547 + } /* else don't change anything */
1.548 + return;
1.549 + }
1.550 +
1.551 + if (on) {
1.552 + /* Expand the range of enabled versions to include SSL 3.0. We know
1.553 + * SSL 3.0 or some version of TLS is already enabled at this point, so
1.554 + * we don't need to change vrange->max.
1.555 + */
1.556 + vrange->min = SSL_LIBRARY_VERSION_3_0;
1.557 + } else {
1.558 + /* Disable SSL 3.0, leaving TLS unaffected. */
1.559 + if (vrange->max > SSL_LIBRARY_VERSION_3_0) {
1.560 + vrange->min = PR_MAX(vrange->min, SSL_LIBRARY_VERSION_TLS_1_0);
1.561 + } else {
1.562 + /* Only SSL 3.0 was enabled, so now no versions are. */
1.563 + vrange->min = SSL_LIBRARY_VERSION_NONE;
1.564 + vrange->max = SSL_LIBRARY_VERSION_NONE;
1.565 + }
1.566 + }
1.567 +}
1.568 +
1.569 +SECStatus
1.570 +SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on)
1.571 +{
1.572 + sslSocket *ss = ssl_FindSocket(fd);
1.573 + SECStatus rv = SECSuccess;
1.574 + PRBool holdingLocks;
1.575 +
1.576 + if (!ss) {
1.577 + SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
1.578 + return SECFailure;
1.579 + }
1.580 +
1.581 + holdingLocks = (!ss->opt.noLocks);
1.582 + ssl_Get1stHandshakeLock(ss);
1.583 + ssl_GetSSL3HandshakeLock(ss);
1.584 +
1.585 + switch (which) {
1.586 + case SSL_SOCKS:
1.587 + ss->opt.useSocks = PR_FALSE;
1.588 + rv = PrepareSocket(ss);
1.589 + if (on) {
1.590 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.591 + rv = SECFailure;
1.592 + }
1.593 + break;
1.594 +
1.595 + case SSL_SECURITY:
1.596 + ss->opt.useSecurity = on;
1.597 + rv = PrepareSocket(ss);
1.598 + break;
1.599 +
1.600 + case SSL_REQUEST_CERTIFICATE:
1.601 + ss->opt.requestCertificate = on;
1.602 + break;
1.603 +
1.604 + case SSL_REQUIRE_CERTIFICATE:
1.605 + ss->opt.requireCertificate = on;
1.606 + break;
1.607 +
1.608 + case SSL_HANDSHAKE_AS_CLIENT:
1.609 + if ( ss->opt.handshakeAsServer && on ) {
1.610 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.611 + rv = SECFailure;
1.612 + break;
1.613 + }
1.614 + ss->opt.handshakeAsClient = on;
1.615 + break;
1.616 +
1.617 + case SSL_HANDSHAKE_AS_SERVER:
1.618 + if ( ss->opt.handshakeAsClient && on ) {
1.619 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.620 + rv = SECFailure;
1.621 + break;
1.622 + }
1.623 + ss->opt.handshakeAsServer = on;
1.624 + break;
1.625 +
1.626 + case SSL_ENABLE_TLS:
1.627 + if (IS_DTLS(ss)) {
1.628 + if (on) {
1.629 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.630 + rv = SECFailure; /* not allowed */
1.631 + }
1.632 + break;
1.633 + }
1.634 + ssl_EnableTLS(&ss->vrange, on);
1.635 + ss->preferredCipher = NULL;
1.636 + if (ss->cipherSpecs) {
1.637 + PORT_Free(ss->cipherSpecs);
1.638 + ss->cipherSpecs = NULL;
1.639 + ss->sizeCipherSpecs = 0;
1.640 + }
1.641 + break;
1.642 +
1.643 + case SSL_ENABLE_SSL3:
1.644 + if (IS_DTLS(ss)) {
1.645 + if (on) {
1.646 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.647 + rv = SECFailure; /* not allowed */
1.648 + }
1.649 + break;
1.650 + }
1.651 + ssl_EnableSSL3(&ss->vrange, on);
1.652 + ss->preferredCipher = NULL;
1.653 + if (ss->cipherSpecs) {
1.654 + PORT_Free(ss->cipherSpecs);
1.655 + ss->cipherSpecs = NULL;
1.656 + ss->sizeCipherSpecs = 0;
1.657 + }
1.658 + break;
1.659 +
1.660 + case SSL_ENABLE_SSL2:
1.661 + if (IS_DTLS(ss)) {
1.662 + if (on) {
1.663 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.664 + rv = SECFailure; /* not allowed */
1.665 + }
1.666 + break;
1.667 + }
1.668 + ss->opt.enableSSL2 = on;
1.669 + if (on) {
1.670 + ss->opt.v2CompatibleHello = on;
1.671 + }
1.672 + ss->preferredCipher = NULL;
1.673 + if (ss->cipherSpecs) {
1.674 + PORT_Free(ss->cipherSpecs);
1.675 + ss->cipherSpecs = NULL;
1.676 + ss->sizeCipherSpecs = 0;
1.677 + }
1.678 + break;
1.679 +
1.680 + case SSL_NO_CACHE:
1.681 + ss->opt.noCache = on;
1.682 + break;
1.683 +
1.684 + case SSL_ENABLE_FDX:
1.685 + if (on && ss->opt.noLocks) {
1.686 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.687 + rv = SECFailure;
1.688 + }
1.689 + ss->opt.fdx = on;
1.690 + break;
1.691 +
1.692 + case SSL_V2_COMPATIBLE_HELLO:
1.693 + if (IS_DTLS(ss)) {
1.694 + if (on) {
1.695 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.696 + rv = SECFailure; /* not allowed */
1.697 + }
1.698 + break;
1.699 + }
1.700 + ss->opt.v2CompatibleHello = on;
1.701 + if (!on) {
1.702 + ss->opt.enableSSL2 = on;
1.703 + }
1.704 + break;
1.705 +
1.706 + case SSL_ROLLBACK_DETECTION:
1.707 + ss->opt.detectRollBack = on;
1.708 + break;
1.709 +
1.710 + case SSL_NO_STEP_DOWN:
1.711 + ss->opt.noStepDown = on;
1.712 + if (on)
1.713 + SSL_DisableExportCipherSuites(fd);
1.714 + break;
1.715 +
1.716 + case SSL_BYPASS_PKCS11:
1.717 + if (ss->handshakeBegun) {
1.718 + PORT_SetError(PR_INVALID_STATE_ERROR);
1.719 + rv = SECFailure;
1.720 + } else {
1.721 + if (PR_FALSE != on) {
1.722 + if (PR_SUCCESS == SSL_BypassSetup() ) {
1.723 +#ifdef NO_PKCS11_BYPASS
1.724 + ss->opt.bypassPKCS11 = PR_FALSE;
1.725 +#else
1.726 + ss->opt.bypassPKCS11 = on;
1.727 +#endif
1.728 + } else {
1.729 + rv = SECFailure;
1.730 + }
1.731 + } else {
1.732 + ss->opt.bypassPKCS11 = PR_FALSE;
1.733 + }
1.734 + }
1.735 + break;
1.736 +
1.737 + case SSL_NO_LOCKS:
1.738 + if (on && ss->opt.fdx) {
1.739 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.740 + rv = SECFailure;
1.741 + }
1.742 + if (on && ssl_force_locks)
1.743 + on = PR_FALSE; /* silent override */
1.744 + ss->opt.noLocks = on;
1.745 + if (on) {
1.746 + locksEverDisabled = PR_TRUE;
1.747 + strcpy(lockStatus + LOCKSTATUS_OFFSET, "DISABLED.");
1.748 + } else if (!holdingLocks) {
1.749 + rv = ssl_MakeLocks(ss);
1.750 + if (rv != SECSuccess) {
1.751 + ss->opt.noLocks = PR_TRUE;
1.752 + }
1.753 + }
1.754 + break;
1.755 +
1.756 + case SSL_ENABLE_SESSION_TICKETS:
1.757 + ss->opt.enableSessionTickets = on;
1.758 + break;
1.759 +
1.760 + case SSL_ENABLE_DEFLATE:
1.761 + ss->opt.enableDeflate = on;
1.762 + break;
1.763 +
1.764 + case SSL_ENABLE_RENEGOTIATION:
1.765 + ss->opt.enableRenegotiation = on;
1.766 + break;
1.767 +
1.768 + case SSL_REQUIRE_SAFE_NEGOTIATION:
1.769 + ss->opt.requireSafeNegotiation = on;
1.770 + break;
1.771 +
1.772 + case SSL_ENABLE_FALSE_START:
1.773 + ss->opt.enableFalseStart = on;
1.774 + break;
1.775 +
1.776 + case SSL_CBC_RANDOM_IV:
1.777 + ss->opt.cbcRandomIV = on;
1.778 + break;
1.779 +
1.780 + case SSL_ENABLE_OCSP_STAPLING:
1.781 + ss->opt.enableOCSPStapling = on;
1.782 + break;
1.783 +
1.784 + case SSL_ENABLE_NPN:
1.785 + ss->opt.enableNPN = on;
1.786 + break;
1.787 +
1.788 + case SSL_ENABLE_ALPN:
1.789 + ss->opt.enableALPN = on;
1.790 + break;
1.791 +
1.792 + case SSL_ENABLE_FALLBACK_SCSV:
1.793 + ss->opt.enableFallbackSCSV = on;
1.794 + break;
1.795 +
1.796 + default:
1.797 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.798 + rv = SECFailure;
1.799 + }
1.800 +
1.801 + /* We can't use the macros for releasing the locks here,
1.802 + * because ss->opt.noLocks might have changed just above.
1.803 + * We must release these locks (monitors) here, if we aquired them above,
1.804 + * regardless of the current value of ss->opt.noLocks.
1.805 + */
1.806 + if (holdingLocks) {
1.807 + PZ_ExitMonitor((ss)->ssl3HandshakeLock);
1.808 + PZ_ExitMonitor((ss)->firstHandshakeLock);
1.809 + }
1.810 +
1.811 + return rv;
1.812 +}
1.813 +
1.814 +SECStatus
1.815 +SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn)
1.816 +{
1.817 + sslSocket *ss = ssl_FindSocket(fd);
1.818 + SECStatus rv = SECSuccess;
1.819 + PRBool on = PR_FALSE;
1.820 +
1.821 + if (!pOn) {
1.822 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.823 + return SECFailure;
1.824 + }
1.825 + if (!ss) {
1.826 + SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
1.827 + *pOn = PR_FALSE;
1.828 + return SECFailure;
1.829 + }
1.830 +
1.831 + ssl_Get1stHandshakeLock(ss);
1.832 + ssl_GetSSL3HandshakeLock(ss);
1.833 +
1.834 + switch (which) {
1.835 + case SSL_SOCKS: on = PR_FALSE; break;
1.836 + case SSL_SECURITY: on = ss->opt.useSecurity; break;
1.837 + case SSL_REQUEST_CERTIFICATE: on = ss->opt.requestCertificate; break;
1.838 + case SSL_REQUIRE_CERTIFICATE: on = ss->opt.requireCertificate; break;
1.839 + case SSL_HANDSHAKE_AS_CLIENT: on = ss->opt.handshakeAsClient; break;
1.840 + case SSL_HANDSHAKE_AS_SERVER: on = ss->opt.handshakeAsServer; break;
1.841 + case SSL_ENABLE_TLS:
1.842 + on = ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_0;
1.843 + break;
1.844 + case SSL_ENABLE_SSL3:
1.845 + on = ss->vrange.min == SSL_LIBRARY_VERSION_3_0;
1.846 + break;
1.847 + case SSL_ENABLE_SSL2: on = ss->opt.enableSSL2; break;
1.848 + case SSL_NO_CACHE: on = ss->opt.noCache; break;
1.849 + case SSL_ENABLE_FDX: on = ss->opt.fdx; break;
1.850 + case SSL_V2_COMPATIBLE_HELLO: on = ss->opt.v2CompatibleHello; break;
1.851 + case SSL_ROLLBACK_DETECTION: on = ss->opt.detectRollBack; break;
1.852 + case SSL_NO_STEP_DOWN: on = ss->opt.noStepDown; break;
1.853 + case SSL_BYPASS_PKCS11: on = ss->opt.bypassPKCS11; break;
1.854 + case SSL_NO_LOCKS: on = ss->opt.noLocks; break;
1.855 + case SSL_ENABLE_SESSION_TICKETS:
1.856 + on = ss->opt.enableSessionTickets;
1.857 + break;
1.858 + case SSL_ENABLE_DEFLATE: on = ss->opt.enableDeflate; break;
1.859 + case SSL_ENABLE_RENEGOTIATION:
1.860 + on = ss->opt.enableRenegotiation; break;
1.861 + case SSL_REQUIRE_SAFE_NEGOTIATION:
1.862 + on = ss->opt.requireSafeNegotiation; break;
1.863 + case SSL_ENABLE_FALSE_START: on = ss->opt.enableFalseStart; break;
1.864 + case SSL_CBC_RANDOM_IV: on = ss->opt.cbcRandomIV; break;
1.865 + case SSL_ENABLE_OCSP_STAPLING: on = ss->opt.enableOCSPStapling; break;
1.866 + case SSL_ENABLE_NPN: on = ss->opt.enableNPN; break;
1.867 + case SSL_ENABLE_ALPN: on = ss->opt.enableALPN; break;
1.868 + case SSL_ENABLE_FALLBACK_SCSV: on = ss->opt.enableFallbackSCSV; break;
1.869 +
1.870 + default:
1.871 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.872 + rv = SECFailure;
1.873 + }
1.874 +
1.875 + ssl_ReleaseSSL3HandshakeLock(ss);
1.876 + ssl_Release1stHandshakeLock(ss);
1.877 +
1.878 + *pOn = on;
1.879 + return rv;
1.880 +}
1.881 +
1.882 +SECStatus
1.883 +SSL_OptionGetDefault(PRInt32 which, PRBool *pOn)
1.884 +{
1.885 + SECStatus rv = SECSuccess;
1.886 + PRBool on = PR_FALSE;
1.887 +
1.888 + if (!pOn) {
1.889 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.890 + return SECFailure;
1.891 + }
1.892 +
1.893 + ssl_SetDefaultsFromEnvironment();
1.894 +
1.895 + switch (which) {
1.896 + case SSL_SOCKS: on = PR_FALSE; break;
1.897 + case SSL_SECURITY: on = ssl_defaults.useSecurity; break;
1.898 + case SSL_REQUEST_CERTIFICATE: on = ssl_defaults.requestCertificate; break;
1.899 + case SSL_REQUIRE_CERTIFICATE: on = ssl_defaults.requireCertificate; break;
1.900 + case SSL_HANDSHAKE_AS_CLIENT: on = ssl_defaults.handshakeAsClient; break;
1.901 + case SSL_HANDSHAKE_AS_SERVER: on = ssl_defaults.handshakeAsServer; break;
1.902 + case SSL_ENABLE_TLS:
1.903 + on = versions_defaults_stream.max >= SSL_LIBRARY_VERSION_TLS_1_0;
1.904 + break;
1.905 + case SSL_ENABLE_SSL3:
1.906 + on = versions_defaults_stream.min == SSL_LIBRARY_VERSION_3_0;
1.907 + break;
1.908 + case SSL_ENABLE_SSL2: on = ssl_defaults.enableSSL2; break;
1.909 + case SSL_NO_CACHE: on = ssl_defaults.noCache; break;
1.910 + case SSL_ENABLE_FDX: on = ssl_defaults.fdx; break;
1.911 + case SSL_V2_COMPATIBLE_HELLO: on = ssl_defaults.v2CompatibleHello; break;
1.912 + case SSL_ROLLBACK_DETECTION: on = ssl_defaults.detectRollBack; break;
1.913 + case SSL_NO_STEP_DOWN: on = ssl_defaults.noStepDown; break;
1.914 + case SSL_BYPASS_PKCS11: on = ssl_defaults.bypassPKCS11; break;
1.915 + case SSL_NO_LOCKS: on = ssl_defaults.noLocks; break;
1.916 + case SSL_ENABLE_SESSION_TICKETS:
1.917 + on = ssl_defaults.enableSessionTickets;
1.918 + break;
1.919 + case SSL_ENABLE_DEFLATE: on = ssl_defaults.enableDeflate; break;
1.920 + case SSL_ENABLE_RENEGOTIATION:
1.921 + on = ssl_defaults.enableRenegotiation; break;
1.922 + case SSL_REQUIRE_SAFE_NEGOTIATION:
1.923 + on = ssl_defaults.requireSafeNegotiation;
1.924 + break;
1.925 + case SSL_ENABLE_FALSE_START: on = ssl_defaults.enableFalseStart; break;
1.926 + case SSL_CBC_RANDOM_IV: on = ssl_defaults.cbcRandomIV; break;
1.927 + case SSL_ENABLE_OCSP_STAPLING:
1.928 + on = ssl_defaults.enableOCSPStapling;
1.929 + break;
1.930 + case SSL_ENABLE_NPN: on = ssl_defaults.enableNPN; break;
1.931 + case SSL_ENABLE_ALPN: on = ssl_defaults.enableALPN; break;
1.932 + case SSL_ENABLE_FALLBACK_SCSV:
1.933 + on = ssl_defaults.enableFallbackSCSV;
1.934 + break;
1.935 +
1.936 + default:
1.937 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.938 + rv = SECFailure;
1.939 + }
1.940 +
1.941 + *pOn = on;
1.942 + return rv;
1.943 +}
1.944 +
1.945 +/* XXX Use Global Lock to protect this stuff. */
1.946 +SECStatus
1.947 +SSL_EnableDefault(int which, PRBool on)
1.948 +{
1.949 + return SSL_OptionSetDefault(which, on);
1.950 +}
1.951 +
1.952 +SECStatus
1.953 +SSL_OptionSetDefault(PRInt32 which, PRBool on)
1.954 +{
1.955 + SECStatus status = ssl_Init();
1.956 +
1.957 + if (status != SECSuccess) {
1.958 + return status;
1.959 + }
1.960 +
1.961 + ssl_SetDefaultsFromEnvironment();
1.962 +
1.963 + switch (which) {
1.964 + case SSL_SOCKS:
1.965 + ssl_defaults.useSocks = PR_FALSE;
1.966 + if (on) {
1.967 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.968 + return SECFailure;
1.969 + }
1.970 + break;
1.971 +
1.972 + case SSL_SECURITY:
1.973 + ssl_defaults.useSecurity = on;
1.974 + break;
1.975 +
1.976 + case SSL_REQUEST_CERTIFICATE:
1.977 + ssl_defaults.requestCertificate = on;
1.978 + break;
1.979 +
1.980 + case SSL_REQUIRE_CERTIFICATE:
1.981 + ssl_defaults.requireCertificate = on;
1.982 + break;
1.983 +
1.984 + case SSL_HANDSHAKE_AS_CLIENT:
1.985 + if ( ssl_defaults.handshakeAsServer && on ) {
1.986 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.987 + return SECFailure;
1.988 + }
1.989 + ssl_defaults.handshakeAsClient = on;
1.990 + break;
1.991 +
1.992 + case SSL_HANDSHAKE_AS_SERVER:
1.993 + if ( ssl_defaults.handshakeAsClient && on ) {
1.994 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.995 + return SECFailure;
1.996 + }
1.997 + ssl_defaults.handshakeAsServer = on;
1.998 + break;
1.999 +
1.1000 + case SSL_ENABLE_TLS:
1.1001 + ssl_EnableTLS(&versions_defaults_stream, on);
1.1002 + break;
1.1003 +
1.1004 + case SSL_ENABLE_SSL3:
1.1005 + ssl_EnableSSL3(&versions_defaults_stream, on);
1.1006 + break;
1.1007 +
1.1008 + case SSL_ENABLE_SSL2:
1.1009 + ssl_defaults.enableSSL2 = on;
1.1010 + if (on) {
1.1011 + ssl_defaults.v2CompatibleHello = on;
1.1012 + }
1.1013 + break;
1.1014 +
1.1015 + case SSL_NO_CACHE:
1.1016 + ssl_defaults.noCache = on;
1.1017 + break;
1.1018 +
1.1019 + case SSL_ENABLE_FDX:
1.1020 + if (on && ssl_defaults.noLocks) {
1.1021 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1022 + return SECFailure;
1.1023 + }
1.1024 + ssl_defaults.fdx = on;
1.1025 + break;
1.1026 +
1.1027 + case SSL_V2_COMPATIBLE_HELLO:
1.1028 + ssl_defaults.v2CompatibleHello = on;
1.1029 + if (!on) {
1.1030 + ssl_defaults.enableSSL2 = on;
1.1031 + }
1.1032 + break;
1.1033 +
1.1034 + case SSL_ROLLBACK_DETECTION:
1.1035 + ssl_defaults.detectRollBack = on;
1.1036 + break;
1.1037 +
1.1038 + case SSL_NO_STEP_DOWN:
1.1039 + ssl_defaults.noStepDown = on;
1.1040 + if (on)
1.1041 + SSL_DisableDefaultExportCipherSuites();
1.1042 + break;
1.1043 +
1.1044 + case SSL_BYPASS_PKCS11:
1.1045 + if (PR_FALSE != on) {
1.1046 + if (PR_SUCCESS == SSL_BypassSetup()) {
1.1047 +#ifdef NO_PKCS11_BYPASS
1.1048 + ssl_defaults.bypassPKCS11 = PR_FALSE;
1.1049 +#else
1.1050 + ssl_defaults.bypassPKCS11 = on;
1.1051 +#endif
1.1052 + } else {
1.1053 + return SECFailure;
1.1054 + }
1.1055 + } else {
1.1056 + ssl_defaults.bypassPKCS11 = PR_FALSE;
1.1057 + }
1.1058 + break;
1.1059 +
1.1060 + case SSL_NO_LOCKS:
1.1061 + if (on && ssl_defaults.fdx) {
1.1062 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1063 + return SECFailure;
1.1064 + }
1.1065 + if (on && ssl_force_locks)
1.1066 + on = PR_FALSE; /* silent override */
1.1067 + ssl_defaults.noLocks = on;
1.1068 + if (on) {
1.1069 + locksEverDisabled = PR_TRUE;
1.1070 + strcpy(lockStatus + LOCKSTATUS_OFFSET, "DISABLED.");
1.1071 + }
1.1072 + break;
1.1073 +
1.1074 + case SSL_ENABLE_SESSION_TICKETS:
1.1075 + ssl_defaults.enableSessionTickets = on;
1.1076 + break;
1.1077 +
1.1078 + case SSL_ENABLE_DEFLATE:
1.1079 + ssl_defaults.enableDeflate = on;
1.1080 + break;
1.1081 +
1.1082 + case SSL_ENABLE_RENEGOTIATION:
1.1083 + ssl_defaults.enableRenegotiation = on;
1.1084 + break;
1.1085 +
1.1086 + case SSL_REQUIRE_SAFE_NEGOTIATION:
1.1087 + ssl_defaults.requireSafeNegotiation = on;
1.1088 + break;
1.1089 +
1.1090 + case SSL_ENABLE_FALSE_START:
1.1091 + ssl_defaults.enableFalseStart = on;
1.1092 + break;
1.1093 +
1.1094 + case SSL_CBC_RANDOM_IV:
1.1095 + ssl_defaults.cbcRandomIV = on;
1.1096 + break;
1.1097 +
1.1098 + case SSL_ENABLE_OCSP_STAPLING:
1.1099 + ssl_defaults.enableOCSPStapling = on;
1.1100 + break;
1.1101 +
1.1102 + case SSL_ENABLE_NPN:
1.1103 + ssl_defaults.enableNPN = on;
1.1104 + break;
1.1105 +
1.1106 + case SSL_ENABLE_ALPN:
1.1107 + ssl_defaults.enableALPN = on;
1.1108 + break;
1.1109 +
1.1110 + case SSL_ENABLE_FALLBACK_SCSV:
1.1111 + ssl_defaults.enableFallbackSCSV = on;
1.1112 + break;
1.1113 +
1.1114 + default:
1.1115 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1116 + return SECFailure;
1.1117 + }
1.1118 + return SECSuccess;
1.1119 +}
1.1120 +
1.1121 +/* function tells us if the cipher suite is one that we no longer support. */
1.1122 +static PRBool
1.1123 +ssl_IsRemovedCipherSuite(PRInt32 suite)
1.1124 +{
1.1125 + switch (suite) {
1.1126 + case SSL_FORTEZZA_DMS_WITH_NULL_SHA:
1.1127 + case SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA:
1.1128 + case SSL_FORTEZZA_DMS_WITH_RC4_128_SHA:
1.1129 + return PR_TRUE;
1.1130 + default:
1.1131 + return PR_FALSE;
1.1132 + }
1.1133 +}
1.1134 +
1.1135 +/* Part of the public NSS API.
1.1136 + * Since this is a global (not per-socket) setting, we cannot use the
1.1137 + * HandshakeLock to protect this. Probably want a global lock.
1.1138 + */
1.1139 +SECStatus
1.1140 +SSL_SetPolicy(long which, int policy)
1.1141 +{
1.1142 + if ((which & 0xfffe) == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) {
1.1143 + /* one of the two old FIPS ciphers */
1.1144 + if (which == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA)
1.1145 + which = SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA;
1.1146 + else if (which == SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA)
1.1147 + which = SSL_RSA_FIPS_WITH_DES_CBC_SHA;
1.1148 + }
1.1149 + if (ssl_IsRemovedCipherSuite(which))
1.1150 + return SECSuccess;
1.1151 + return SSL_CipherPolicySet(which, policy);
1.1152 +}
1.1153 +
1.1154 +SECStatus
1.1155 +SSL_CipherPolicySet(PRInt32 which, PRInt32 policy)
1.1156 +{
1.1157 + SECStatus rv = ssl_Init();
1.1158 +
1.1159 + if (rv != SECSuccess) {
1.1160 + return rv;
1.1161 + }
1.1162 +
1.1163 + if (ssl_IsRemovedCipherSuite(which)) {
1.1164 + rv = SECSuccess;
1.1165 + } else if (SSL_IS_SSL2_CIPHER(which)) {
1.1166 + rv = ssl2_SetPolicy(which, policy);
1.1167 + } else {
1.1168 + rv = ssl3_SetPolicy((ssl3CipherSuite)which, policy);
1.1169 + }
1.1170 + return rv;
1.1171 +}
1.1172 +
1.1173 +SECStatus
1.1174 +SSL_CipherPolicyGet(PRInt32 which, PRInt32 *oPolicy)
1.1175 +{
1.1176 + SECStatus rv;
1.1177 +
1.1178 + if (!oPolicy) {
1.1179 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1180 + return SECFailure;
1.1181 + }
1.1182 + if (ssl_IsRemovedCipherSuite(which)) {
1.1183 + *oPolicy = SSL_NOT_ALLOWED;
1.1184 + rv = SECSuccess;
1.1185 + } else if (SSL_IS_SSL2_CIPHER(which)) {
1.1186 + rv = ssl2_GetPolicy(which, oPolicy);
1.1187 + } else {
1.1188 + rv = ssl3_GetPolicy((ssl3CipherSuite)which, oPolicy);
1.1189 + }
1.1190 + return rv;
1.1191 +}
1.1192 +
1.1193 +/* Part of the public NSS API.
1.1194 + * Since this is a global (not per-socket) setting, we cannot use the
1.1195 + * HandshakeLock to protect this. Probably want a global lock.
1.1196 + * These changes have no effect on any sslSockets already created.
1.1197 + */
1.1198 +SECStatus
1.1199 +SSL_EnableCipher(long which, PRBool enabled)
1.1200 +{
1.1201 + if ((which & 0xfffe) == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) {
1.1202 + /* one of the two old FIPS ciphers */
1.1203 + if (which == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA)
1.1204 + which = SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA;
1.1205 + else if (which == SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA)
1.1206 + which = SSL_RSA_FIPS_WITH_DES_CBC_SHA;
1.1207 + }
1.1208 + if (ssl_IsRemovedCipherSuite(which))
1.1209 + return SECSuccess;
1.1210 + return SSL_CipherPrefSetDefault(which, enabled);
1.1211 +}
1.1212 +
1.1213 +SECStatus
1.1214 +SSL_CipherPrefSetDefault(PRInt32 which, PRBool enabled)
1.1215 +{
1.1216 + SECStatus rv = ssl_Init();
1.1217 +
1.1218 + if (rv != SECSuccess) {
1.1219 + return rv;
1.1220 + }
1.1221 +
1.1222 + if (ssl_IsRemovedCipherSuite(which))
1.1223 + return SECSuccess;
1.1224 + if (enabled && ssl_defaults.noStepDown && SSL_IsExportCipherSuite(which)) {
1.1225 + PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
1.1226 + return SECFailure;
1.1227 + }
1.1228 + if (SSL_IS_SSL2_CIPHER(which)) {
1.1229 + rv = ssl2_CipherPrefSetDefault(which, enabled);
1.1230 + } else {
1.1231 + rv = ssl3_CipherPrefSetDefault((ssl3CipherSuite)which, enabled);
1.1232 + }
1.1233 + return rv;
1.1234 +}
1.1235 +
1.1236 +SECStatus
1.1237 +SSL_CipherPrefGetDefault(PRInt32 which, PRBool *enabled)
1.1238 +{
1.1239 + SECStatus rv;
1.1240 +
1.1241 + if (!enabled) {
1.1242 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1243 + return SECFailure;
1.1244 + }
1.1245 + if (ssl_IsRemovedCipherSuite(which)) {
1.1246 + *enabled = PR_FALSE;
1.1247 + rv = SECSuccess;
1.1248 + } else if (SSL_IS_SSL2_CIPHER(which)) {
1.1249 + rv = ssl2_CipherPrefGetDefault(which, enabled);
1.1250 + } else {
1.1251 + rv = ssl3_CipherPrefGetDefault((ssl3CipherSuite)which, enabled);
1.1252 + }
1.1253 + return rv;
1.1254 +}
1.1255 +
1.1256 +SECStatus
1.1257 +SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled)
1.1258 +{
1.1259 + SECStatus rv;
1.1260 + sslSocket *ss = ssl_FindSocket(fd);
1.1261 +
1.1262 + if (!ss) {
1.1263 + SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefSet", SSL_GETPID(), fd));
1.1264 + return SECFailure;
1.1265 + }
1.1266 + if (ssl_IsRemovedCipherSuite(which))
1.1267 + return SECSuccess;
1.1268 + if (enabled && ss->opt.noStepDown && SSL_IsExportCipherSuite(which)) {
1.1269 + PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
1.1270 + return SECFailure;
1.1271 + }
1.1272 + if (SSL_IS_SSL2_CIPHER(which)) {
1.1273 + rv = ssl2_CipherPrefSet(ss, which, enabled);
1.1274 + } else {
1.1275 + rv = ssl3_CipherPrefSet(ss, (ssl3CipherSuite)which, enabled);
1.1276 + }
1.1277 + return rv;
1.1278 +}
1.1279 +
1.1280 +SECStatus
1.1281 +SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled)
1.1282 +{
1.1283 + SECStatus rv;
1.1284 + sslSocket *ss = ssl_FindSocket(fd);
1.1285 +
1.1286 + if (!enabled) {
1.1287 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1288 + return SECFailure;
1.1289 + }
1.1290 + if (!ss) {
1.1291 + SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefGet", SSL_GETPID(), fd));
1.1292 + *enabled = PR_FALSE;
1.1293 + return SECFailure;
1.1294 + }
1.1295 + if (ssl_IsRemovedCipherSuite(which)) {
1.1296 + *enabled = PR_FALSE;
1.1297 + rv = SECSuccess;
1.1298 + } else if (SSL_IS_SSL2_CIPHER(which)) {
1.1299 + rv = ssl2_CipherPrefGet(ss, which, enabled);
1.1300 + } else {
1.1301 + rv = ssl3_CipherPrefGet(ss, (ssl3CipherSuite)which, enabled);
1.1302 + }
1.1303 + return rv;
1.1304 +}
1.1305 +
1.1306 +SECStatus
1.1307 +NSS_SetDomesticPolicy(void)
1.1308 +{
1.1309 + SECStatus status = SECSuccess;
1.1310 + const PRUint16 *cipher;
1.1311 +
1.1312 + for (cipher = SSL_ImplementedCiphers; *cipher != 0; ++cipher) {
1.1313 + status = SSL_SetPolicy(*cipher, SSL_ALLOWED);
1.1314 + if (status != SECSuccess)
1.1315 + break;
1.1316 + }
1.1317 + return status;
1.1318 +}
1.1319 +
1.1320 +SECStatus
1.1321 +NSS_SetExportPolicy(void)
1.1322 +{
1.1323 + return NSS_SetDomesticPolicy();
1.1324 +}
1.1325 +
1.1326 +SECStatus
1.1327 +NSS_SetFrancePolicy(void)
1.1328 +{
1.1329 + return NSS_SetDomesticPolicy();
1.1330 +}
1.1331 +
1.1332 +
1.1333 +
1.1334 +/* LOCKS ??? XXX */
1.1335 +static PRFileDesc *
1.1336 +ssl_ImportFD(PRFileDesc *model, PRFileDesc *fd, SSLProtocolVariant variant)
1.1337 +{
1.1338 + sslSocket * ns = NULL;
1.1339 + PRStatus rv;
1.1340 + PRNetAddr addr;
1.1341 + SECStatus status = ssl_Init();
1.1342 +
1.1343 + if (status != SECSuccess) {
1.1344 + return NULL;
1.1345 + }
1.1346 +
1.1347 + if (model == NULL) {
1.1348 + /* Just create a default socket if we're given NULL for the model */
1.1349 + ns = ssl_NewSocket((PRBool)(!ssl_defaults.noLocks), variant);
1.1350 + } else {
1.1351 + sslSocket * ss = ssl_FindSocket(model);
1.1352 + if (ss == NULL || ss->protocolVariant != variant) {
1.1353 + SSL_DBG(("%d: SSL[%d]: bad model socket in ssl_ImportFD",
1.1354 + SSL_GETPID(), model));
1.1355 + return NULL;
1.1356 + }
1.1357 + ns = ssl_DupSocket(ss);
1.1358 + }
1.1359 + if (ns == NULL)
1.1360 + return NULL;
1.1361 +
1.1362 + rv = ssl_PushIOLayer(ns, fd, PR_TOP_IO_LAYER);
1.1363 + if (rv != PR_SUCCESS) {
1.1364 + ssl_FreeSocket(ns);
1.1365 + SET_ERROR_CODE
1.1366 + return NULL;
1.1367 + }
1.1368 +#if defined(DEBUG) || defined(FORCE_PR_ASSERT)
1.1369 + {
1.1370 + sslSocket * ss = ssl_FindSocket(fd);
1.1371 + PORT_Assert(ss == ns);
1.1372 + }
1.1373 +#endif
1.1374 + ns->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ns, &addr));
1.1375 + return fd;
1.1376 +}
1.1377 +
1.1378 +PRFileDesc *
1.1379 +SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd)
1.1380 +{
1.1381 + return ssl_ImportFD(model, fd, ssl_variant_stream);
1.1382 +}
1.1383 +
1.1384 +PRFileDesc *
1.1385 +DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd)
1.1386 +{
1.1387 + return ssl_ImportFD(model, fd, ssl_variant_datagram);
1.1388 +}
1.1389 +
1.1390 +/* SSL_SetNextProtoCallback is used to select an application protocol
1.1391 + * for ALPN and NPN. For ALPN, this runs on the server; for NPN it
1.1392 + * runs on the client. */
1.1393 +/* Note: The ALPN version doesn't allow for the use of a default, setting a
1.1394 + * status of SSL_NEXT_PROTO_NO_OVERLAP is treated as a failure. */
1.1395 +SECStatus
1.1396 +SSL_SetNextProtoCallback(PRFileDesc *fd, SSLNextProtoCallback callback,
1.1397 + void *arg)
1.1398 +{
1.1399 + sslSocket *ss = ssl_FindSocket(fd);
1.1400 +
1.1401 + if (!ss) {
1.1402 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetNextProtoCallback", SSL_GETPID(),
1.1403 + fd));
1.1404 + return SECFailure;
1.1405 + }
1.1406 +
1.1407 + ssl_GetSSL3HandshakeLock(ss);
1.1408 + ss->nextProtoCallback = callback;
1.1409 + ss->nextProtoArg = arg;
1.1410 + ssl_ReleaseSSL3HandshakeLock(ss);
1.1411 +
1.1412 + return SECSuccess;
1.1413 +}
1.1414 +
1.1415 +/* ssl_NextProtoNegoCallback is set as an ALPN/NPN callback when
1.1416 + * SSL_SetNextProtoNego is used.
1.1417 + */
1.1418 +static SECStatus
1.1419 +ssl_NextProtoNegoCallback(void *arg, PRFileDesc *fd,
1.1420 + const unsigned char *protos, unsigned int protos_len,
1.1421 + unsigned char *protoOut, unsigned int *protoOutLen,
1.1422 + unsigned int protoMaxLen)
1.1423 +{
1.1424 + unsigned int i, j;
1.1425 + const unsigned char *result;
1.1426 + sslSocket *ss = ssl_FindSocket(fd);
1.1427 +
1.1428 + if (!ss) {
1.1429 + SSL_DBG(("%d: SSL[%d]: bad socket in ssl_NextProtoNegoCallback",
1.1430 + SSL_GETPID(), fd));
1.1431 + return SECFailure;
1.1432 + }
1.1433 +
1.1434 + /* For each protocol in server preference, see if we support it. */
1.1435 + for (i = 0; i < protos_len; ) {
1.1436 + for (j = 0; j < ss->opt.nextProtoNego.len; ) {
1.1437 + if (protos[i] == ss->opt.nextProtoNego.data[j] &&
1.1438 + PORT_Memcmp(&protos[i+1], &ss->opt.nextProtoNego.data[j+1],
1.1439 + protos[i]) == 0) {
1.1440 + /* We found a match. */
1.1441 + ss->ssl3.nextProtoState = SSL_NEXT_PROTO_NEGOTIATED;
1.1442 + result = &protos[i];
1.1443 + goto found;
1.1444 + }
1.1445 + j += 1 + (unsigned int)ss->opt.nextProtoNego.data[j];
1.1446 + }
1.1447 + i += 1 + (unsigned int)protos[i];
1.1448 + }
1.1449 +
1.1450 + /* The other side supports the extension, and either doesn't have any
1.1451 + * protocols configured, or none of its options match ours. In this case we
1.1452 + * request our favoured protocol. */
1.1453 + /* This will be treated as a failure for ALPN. */
1.1454 + ss->ssl3.nextProtoState = SSL_NEXT_PROTO_NO_OVERLAP;
1.1455 + result = ss->opt.nextProtoNego.data;
1.1456 +
1.1457 +found:
1.1458 + if (protoMaxLen < result[0]) {
1.1459 + PORT_SetError(SEC_ERROR_OUTPUT_LEN);
1.1460 + return SECFailure;
1.1461 + }
1.1462 + memcpy(protoOut, result + 1, result[0]);
1.1463 + *protoOutLen = result[0];
1.1464 + return SECSuccess;
1.1465 +}
1.1466 +
1.1467 +SECStatus
1.1468 +SSL_SetNextProtoNego(PRFileDesc *fd, const unsigned char *data,
1.1469 + unsigned int length)
1.1470 +{
1.1471 + sslSocket *ss;
1.1472 + SECStatus rv;
1.1473 + SECItem dataItem = { siBuffer, (unsigned char *) data, length };
1.1474 +
1.1475 + ss = ssl_FindSocket(fd);
1.1476 + if (!ss) {
1.1477 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetNextProtoNego",
1.1478 + SSL_GETPID(), fd));
1.1479 + return SECFailure;
1.1480 + }
1.1481 +
1.1482 + if (ssl3_ValidateNextProtoNego(data, length) != SECSuccess)
1.1483 + return SECFailure;
1.1484 +
1.1485 + ssl_GetSSL3HandshakeLock(ss);
1.1486 + SECITEM_FreeItem(&ss->opt.nextProtoNego, PR_FALSE);
1.1487 + rv = SECITEM_CopyItem(NULL, &ss->opt.nextProtoNego, &dataItem);
1.1488 + ssl_ReleaseSSL3HandshakeLock(ss);
1.1489 +
1.1490 + if (rv != SECSuccess)
1.1491 + return rv;
1.1492 +
1.1493 + return SSL_SetNextProtoCallback(fd, ssl_NextProtoNegoCallback, NULL);
1.1494 +}
1.1495 +
1.1496 +SECStatus
1.1497 +SSL_GetNextProto(PRFileDesc *fd, SSLNextProtoState *state, unsigned char *buf,
1.1498 + unsigned int *bufLen, unsigned int bufLenMax)
1.1499 +{
1.1500 + sslSocket *ss = ssl_FindSocket(fd);
1.1501 +
1.1502 + if (!ss) {
1.1503 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetNextProto", SSL_GETPID(),
1.1504 + fd));
1.1505 + return SECFailure;
1.1506 + }
1.1507 +
1.1508 + if (!state || !buf || !bufLen) {
1.1509 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1510 + return SECFailure;
1.1511 + }
1.1512 +
1.1513 + *state = ss->ssl3.nextProtoState;
1.1514 +
1.1515 + if (ss->ssl3.nextProtoState != SSL_NEXT_PROTO_NO_SUPPORT &&
1.1516 + ss->ssl3.nextProto.data) {
1.1517 + if (ss->ssl3.nextProto.len > bufLenMax) {
1.1518 + PORT_SetError(SEC_ERROR_OUTPUT_LEN);
1.1519 + return SECFailure;
1.1520 + }
1.1521 + PORT_Memcpy(buf, ss->ssl3.nextProto.data, ss->ssl3.nextProto.len);
1.1522 + *bufLen = ss->ssl3.nextProto.len;
1.1523 + } else {
1.1524 + *bufLen = 0;
1.1525 + }
1.1526 +
1.1527 + return SECSuccess;
1.1528 +}
1.1529 +
1.1530 +SECStatus SSL_SetSRTPCiphers(PRFileDesc *fd,
1.1531 + const PRUint16 *ciphers,
1.1532 + unsigned int numCiphers)
1.1533 +{
1.1534 + sslSocket *ss;
1.1535 + unsigned int i;
1.1536 +
1.1537 + ss = ssl_FindSocket(fd);
1.1538 + if (!ss || !IS_DTLS(ss)) {
1.1539 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetSRTPCiphers",
1.1540 + SSL_GETPID(), fd));
1.1541 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1542 + return SECFailure;
1.1543 + }
1.1544 +
1.1545 + if (numCiphers > MAX_DTLS_SRTP_CIPHER_SUITES) {
1.1546 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1547 + return SECFailure;
1.1548 + }
1.1549 +
1.1550 + ss->ssl3.dtlsSRTPCipherCount = 0;
1.1551 + for (i = 0; i < numCiphers; i++) {
1.1552 + const PRUint16 *srtpCipher = srtpCiphers;
1.1553 +
1.1554 + while (*srtpCipher) {
1.1555 + if (ciphers[i] == *srtpCipher)
1.1556 + break;
1.1557 + srtpCipher++;
1.1558 + }
1.1559 + if (*srtpCipher) {
1.1560 + ss->ssl3.dtlsSRTPCiphers[ss->ssl3.dtlsSRTPCipherCount++] =
1.1561 + ciphers[i];
1.1562 + } else {
1.1563 + SSL_DBG(("%d: SSL[%d]: invalid or unimplemented SRTP cipher "
1.1564 + "suite specified: 0x%04hx", SSL_GETPID(), fd,
1.1565 + ciphers[i]));
1.1566 + }
1.1567 + }
1.1568 +
1.1569 + if (ss->ssl3.dtlsSRTPCipherCount == 0) {
1.1570 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1571 + return SECFailure;
1.1572 + }
1.1573 +
1.1574 + return SECSuccess;
1.1575 +}
1.1576 +
1.1577 +SECStatus
1.1578 +SSL_GetSRTPCipher(PRFileDesc *fd, PRUint16 *cipher)
1.1579 +{
1.1580 + sslSocket * ss;
1.1581 +
1.1582 + ss = ssl_FindSocket(fd);
1.1583 + if (!ss) {
1.1584 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetSRTPCipher",
1.1585 + SSL_GETPID(), fd));
1.1586 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1587 + return SECFailure;
1.1588 + }
1.1589 +
1.1590 + if (!ss->ssl3.dtlsSRTPCipherSuite) {
1.1591 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1592 + return SECFailure;
1.1593 + }
1.1594 +
1.1595 + *cipher = ss->ssl3.dtlsSRTPCipherSuite;
1.1596 + return SECSuccess;
1.1597 +}
1.1598 +
1.1599 +PRFileDesc *
1.1600 +SSL_ReconfigFD(PRFileDesc *model, PRFileDesc *fd)
1.1601 +{
1.1602 + sslSocket * sm = NULL, *ss = NULL;
1.1603 + int i;
1.1604 + sslServerCerts * mc = NULL;
1.1605 + sslServerCerts * sc = NULL;
1.1606 +
1.1607 + if (model == NULL) {
1.1608 + PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
1.1609 + return NULL;
1.1610 + }
1.1611 + sm = ssl_FindSocket(model);
1.1612 + if (sm == NULL) {
1.1613 + SSL_DBG(("%d: SSL[%d]: bad model socket in ssl_ReconfigFD",
1.1614 + SSL_GETPID(), model));
1.1615 + return NULL;
1.1616 + }
1.1617 + ss = ssl_FindSocket(fd);
1.1618 + PORT_Assert(ss);
1.1619 + if (ss == NULL) {
1.1620 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1621 + return NULL;
1.1622 + }
1.1623 +
1.1624 + ss->opt = sm->opt;
1.1625 + ss->vrange = sm->vrange;
1.1626 + PORT_Memcpy(ss->cipherSuites, sm->cipherSuites, sizeof sm->cipherSuites);
1.1627 + PORT_Memcpy(ss->ssl3.dtlsSRTPCiphers, sm->ssl3.dtlsSRTPCiphers,
1.1628 + sizeof(PRUint16) * sm->ssl3.dtlsSRTPCipherCount);
1.1629 + ss->ssl3.dtlsSRTPCipherCount = sm->ssl3.dtlsSRTPCipherCount;
1.1630 +
1.1631 + if (!ss->opt.useSecurity) {
1.1632 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1633 + return NULL;
1.1634 + }
1.1635 + /* This int should be SSLKEAType, but CC on Irix complains,
1.1636 + * during the for loop.
1.1637 + */
1.1638 + for (i=kt_null; i < kt_kea_size; i++) {
1.1639 + mc = &(sm->serverCerts[i]);
1.1640 + sc = &(ss->serverCerts[i]);
1.1641 + if (mc->serverCert && mc->serverCertChain) {
1.1642 + if (sc->serverCert) {
1.1643 + CERT_DestroyCertificate(sc->serverCert);
1.1644 + }
1.1645 + sc->serverCert = CERT_DupCertificate(mc->serverCert);
1.1646 + if (sc->serverCertChain) {
1.1647 + CERT_DestroyCertificateList(sc->serverCertChain);
1.1648 + }
1.1649 + sc->serverCertChain = CERT_DupCertList(mc->serverCertChain);
1.1650 + if (!sc->serverCertChain)
1.1651 + goto loser;
1.1652 + if (sm->certStatusArray[i]) {
1.1653 + if (ss->certStatusArray[i]) {
1.1654 + SECITEM_FreeArray(ss->certStatusArray[i], PR_TRUE);
1.1655 + ss->certStatusArray[i] = NULL;
1.1656 + }
1.1657 + ss->certStatusArray[i] = SECITEM_DupArray(NULL, sm->certStatusArray[i]);
1.1658 + if (!ss->certStatusArray[i])
1.1659 + goto loser;
1.1660 + }
1.1661 + }
1.1662 + if (mc->serverKeyPair) {
1.1663 + if (sc->serverKeyPair) {
1.1664 + ssl3_FreeKeyPair(sc->serverKeyPair);
1.1665 + }
1.1666 + sc->serverKeyPair = ssl3_GetKeyPairRef(mc->serverKeyPair);
1.1667 + sc->serverKeyBits = mc->serverKeyBits;
1.1668 + }
1.1669 + }
1.1670 + if (sm->stepDownKeyPair) {
1.1671 + if (ss->stepDownKeyPair) {
1.1672 + ssl3_FreeKeyPair(ss->stepDownKeyPair);
1.1673 + }
1.1674 + ss->stepDownKeyPair = ssl3_GetKeyPairRef(sm->stepDownKeyPair);
1.1675 + }
1.1676 + if (sm->ephemeralECDHKeyPair) {
1.1677 + if (ss->ephemeralECDHKeyPair) {
1.1678 + ssl3_FreeKeyPair(ss->ephemeralECDHKeyPair);
1.1679 + }
1.1680 + ss->ephemeralECDHKeyPair =
1.1681 + ssl3_GetKeyPairRef(sm->ephemeralECDHKeyPair);
1.1682 + }
1.1683 + /* copy trust anchor names */
1.1684 + if (sm->ssl3.ca_list) {
1.1685 + if (ss->ssl3.ca_list) {
1.1686 + CERT_FreeDistNames(ss->ssl3.ca_list);
1.1687 + }
1.1688 + ss->ssl3.ca_list = CERT_DupDistNames(sm->ssl3.ca_list);
1.1689 + if (!ss->ssl3.ca_list) {
1.1690 + goto loser;
1.1691 + }
1.1692 + }
1.1693 +
1.1694 + if (sm->authCertificate)
1.1695 + ss->authCertificate = sm->authCertificate;
1.1696 + if (sm->authCertificateArg)
1.1697 + ss->authCertificateArg = sm->authCertificateArg;
1.1698 + if (sm->getClientAuthData)
1.1699 + ss->getClientAuthData = sm->getClientAuthData;
1.1700 + if (sm->getClientAuthDataArg)
1.1701 + ss->getClientAuthDataArg = sm->getClientAuthDataArg;
1.1702 + if (sm->sniSocketConfig)
1.1703 + ss->sniSocketConfig = sm->sniSocketConfig;
1.1704 + if (sm->sniSocketConfigArg)
1.1705 + ss->sniSocketConfigArg = sm->sniSocketConfigArg;
1.1706 + if (sm->handleBadCert)
1.1707 + ss->handleBadCert = sm->handleBadCert;
1.1708 + if (sm->badCertArg)
1.1709 + ss->badCertArg = sm->badCertArg;
1.1710 + if (sm->handshakeCallback)
1.1711 + ss->handshakeCallback = sm->handshakeCallback;
1.1712 + if (sm->handshakeCallbackData)
1.1713 + ss->handshakeCallbackData = sm->handshakeCallbackData;
1.1714 + if (sm->pkcs11PinArg)
1.1715 + ss->pkcs11PinArg = sm->pkcs11PinArg;
1.1716 + return fd;
1.1717 +loser:
1.1718 + return NULL;
1.1719 +}
1.1720 +
1.1721 +PRBool
1.1722 +ssl3_VersionIsSupported(SSLProtocolVariant protocolVariant,
1.1723 + SSL3ProtocolVersion version)
1.1724 +{
1.1725 + switch (protocolVariant) {
1.1726 + case ssl_variant_stream:
1.1727 + return (version >= SSL_LIBRARY_VERSION_3_0 &&
1.1728 + version <= SSL_LIBRARY_VERSION_MAX_SUPPORTED);
1.1729 + case ssl_variant_datagram:
1.1730 + return (version >= SSL_LIBRARY_VERSION_TLS_1_1 &&
1.1731 + version <= SSL_LIBRARY_VERSION_MAX_SUPPORTED);
1.1732 + default:
1.1733 + /* Can't get here */
1.1734 + PORT_Assert(PR_FALSE);
1.1735 + return PR_FALSE;
1.1736 + }
1.1737 +}
1.1738 +
1.1739 +/* Returns PR_TRUE if the given version range is valid and
1.1740 +** fully supported; otherwise, returns PR_FALSE.
1.1741 +*/
1.1742 +static PRBool
1.1743 +ssl3_VersionRangeIsValid(SSLProtocolVariant protocolVariant,
1.1744 + const SSLVersionRange *vrange)
1.1745 +{
1.1746 + return vrange &&
1.1747 + vrange->min <= vrange->max &&
1.1748 + ssl3_VersionIsSupported(protocolVariant, vrange->min) &&
1.1749 + ssl3_VersionIsSupported(protocolVariant, vrange->max);
1.1750 +}
1.1751 +
1.1752 +SECStatus
1.1753 +SSL_VersionRangeGetSupported(SSLProtocolVariant protocolVariant,
1.1754 + SSLVersionRange *vrange)
1.1755 +{
1.1756 + if (!vrange) {
1.1757 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1758 + return SECFailure;
1.1759 + }
1.1760 +
1.1761 + switch (protocolVariant) {
1.1762 + case ssl_variant_stream:
1.1763 + vrange->min = SSL_LIBRARY_VERSION_3_0;
1.1764 + vrange->max = SSL_LIBRARY_VERSION_MAX_SUPPORTED;
1.1765 + break;
1.1766 + case ssl_variant_datagram:
1.1767 + vrange->min = SSL_LIBRARY_VERSION_TLS_1_1;
1.1768 + vrange->max = SSL_LIBRARY_VERSION_MAX_SUPPORTED;
1.1769 + break;
1.1770 + default:
1.1771 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1772 + return SECFailure;
1.1773 + }
1.1774 +
1.1775 + return SECSuccess;
1.1776 +}
1.1777 +
1.1778 +SECStatus
1.1779 +SSL_VersionRangeGetDefault(SSLProtocolVariant protocolVariant,
1.1780 + SSLVersionRange *vrange)
1.1781 +{
1.1782 + if ((protocolVariant != ssl_variant_stream &&
1.1783 + protocolVariant != ssl_variant_datagram) || !vrange) {
1.1784 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1785 + return SECFailure;
1.1786 + }
1.1787 +
1.1788 + *vrange = *VERSIONS_DEFAULTS(protocolVariant);
1.1789 +
1.1790 + return SECSuccess;
1.1791 +}
1.1792 +
1.1793 +SECStatus
1.1794 +SSL_VersionRangeSetDefault(SSLProtocolVariant protocolVariant,
1.1795 + const SSLVersionRange *vrange)
1.1796 +{
1.1797 + if (!ssl3_VersionRangeIsValid(protocolVariant, vrange)) {
1.1798 + PORT_SetError(SSL_ERROR_INVALID_VERSION_RANGE);
1.1799 + return SECFailure;
1.1800 + }
1.1801 +
1.1802 + *VERSIONS_DEFAULTS(protocolVariant) = *vrange;
1.1803 +
1.1804 + return SECSuccess;
1.1805 +}
1.1806 +
1.1807 +SECStatus
1.1808 +SSL_VersionRangeGet(PRFileDesc *fd, SSLVersionRange *vrange)
1.1809 +{
1.1810 + sslSocket *ss = ssl_FindSocket(fd);
1.1811 +
1.1812 + if (!ss) {
1.1813 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL3_VersionRangeGet",
1.1814 + SSL_GETPID(), fd));
1.1815 + return SECFailure;
1.1816 + }
1.1817 +
1.1818 + if (!vrange) {
1.1819 + PORT_SetError(SEC_ERROR_INVALID_ARGS);
1.1820 + return SECFailure;
1.1821 + }
1.1822 +
1.1823 + ssl_Get1stHandshakeLock(ss);
1.1824 + ssl_GetSSL3HandshakeLock(ss);
1.1825 +
1.1826 + *vrange = ss->vrange;
1.1827 +
1.1828 + ssl_ReleaseSSL3HandshakeLock(ss);
1.1829 + ssl_Release1stHandshakeLock(ss);
1.1830 +
1.1831 + return SECSuccess;
1.1832 +}
1.1833 +
1.1834 +SECStatus
1.1835 +SSL_VersionRangeSet(PRFileDesc *fd, const SSLVersionRange *vrange)
1.1836 +{
1.1837 + sslSocket *ss = ssl_FindSocket(fd);
1.1838 +
1.1839 + if (!ss) {
1.1840 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL3_VersionRangeSet",
1.1841 + SSL_GETPID(), fd));
1.1842 + return SECFailure;
1.1843 + }
1.1844 +
1.1845 + if (!ssl3_VersionRangeIsValid(ss->protocolVariant, vrange)) {
1.1846 + PORT_SetError(SSL_ERROR_INVALID_VERSION_RANGE);
1.1847 + return SECFailure;
1.1848 + }
1.1849 +
1.1850 + ssl_Get1stHandshakeLock(ss);
1.1851 + ssl_GetSSL3HandshakeLock(ss);
1.1852 +
1.1853 + ss->vrange = *vrange;
1.1854 +
1.1855 + ssl_ReleaseSSL3HandshakeLock(ss);
1.1856 + ssl_Release1stHandshakeLock(ss);
1.1857 +
1.1858 + return SECSuccess;
1.1859 +}
1.1860 +
1.1861 +const SECItemArray *
1.1862 +SSL_PeerStapledOCSPResponses(PRFileDesc *fd)
1.1863 +{
1.1864 + sslSocket *ss = ssl_FindSocket(fd);
1.1865 +
1.1866 + if (!ss) {
1.1867 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_PeerStapledOCSPResponses",
1.1868 + SSL_GETPID(), fd));
1.1869 + return NULL;
1.1870 + }
1.1871 +
1.1872 + if (!ss->sec.ci.sid) {
1.1873 + PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
1.1874 + return NULL;
1.1875 + }
1.1876 +
1.1877 + return &ss->sec.ci.sid->peerCertStatus;
1.1878 +}
1.1879 +
1.1880 +/************************************************************************/
1.1881 +/* The following functions are the TOP LEVEL SSL functions.
1.1882 +** They all get called through the NSPRIOMethods table below.
1.1883 +*/
1.1884 +
1.1885 +static PRFileDesc * PR_CALLBACK
1.1886 +ssl_Accept(PRFileDesc *fd, PRNetAddr *sockaddr, PRIntervalTime timeout)
1.1887 +{
1.1888 + sslSocket *ss;
1.1889 + sslSocket *ns = NULL;
1.1890 + PRFileDesc *newfd = NULL;
1.1891 + PRFileDesc *osfd;
1.1892 + PRStatus status;
1.1893 +
1.1894 + ss = ssl_GetPrivate(fd);
1.1895 + if (!ss) {
1.1896 + SSL_DBG(("%d: SSL[%d]: bad socket in accept", SSL_GETPID(), fd));
1.1897 + return NULL;
1.1898 + }
1.1899 +
1.1900 + /* IF this is a listen socket, there shouldn't be any I/O going on */
1.1901 + SSL_LOCK_READER(ss);
1.1902 + SSL_LOCK_WRITER(ss);
1.1903 + ssl_Get1stHandshakeLock(ss);
1.1904 + ssl_GetSSL3HandshakeLock(ss);
1.1905 +
1.1906 + ss->cTimeout = timeout;
1.1907 +
1.1908 + osfd = ss->fd->lower;
1.1909 +
1.1910 + /* First accept connection */
1.1911 + newfd = osfd->methods->accept(osfd, sockaddr, timeout);
1.1912 + if (newfd == NULL) {
1.1913 + SSL_DBG(("%d: SSL[%d]: accept failed, errno=%d",
1.1914 + SSL_GETPID(), ss->fd, PORT_GetError()));
1.1915 + } else {
1.1916 + /* Create ssl module */
1.1917 + ns = ssl_DupSocket(ss);
1.1918 + }
1.1919 +
1.1920 + ssl_ReleaseSSL3HandshakeLock(ss);
1.1921 + ssl_Release1stHandshakeLock(ss);
1.1922 + SSL_UNLOCK_WRITER(ss);
1.1923 + SSL_UNLOCK_READER(ss); /* ss isn't used below here. */
1.1924 +
1.1925 + if (ns == NULL)
1.1926 + goto loser;
1.1927 +
1.1928 + /* push ssl module onto the new socket */
1.1929 + status = ssl_PushIOLayer(ns, newfd, PR_TOP_IO_LAYER);
1.1930 + if (status != PR_SUCCESS)
1.1931 + goto loser;
1.1932 +
1.1933 + /* Now start server connection handshake with client.
1.1934 + ** Don't need locks here because nobody else has a reference to ns yet.
1.1935 + */
1.1936 + if ( ns->opt.useSecurity ) {
1.1937 + if ( ns->opt.handshakeAsClient ) {
1.1938 + ns->handshake = ssl2_BeginClientHandshake;
1.1939 + ss->handshaking = sslHandshakingAsClient;
1.1940 + } else {
1.1941 + ns->handshake = ssl2_BeginServerHandshake;
1.1942 + ss->handshaking = sslHandshakingAsServer;
1.1943 + }
1.1944 + }
1.1945 + ns->TCPconnected = 1;
1.1946 + return newfd;
1.1947 +
1.1948 +loser:
1.1949 + if (ns != NULL)
1.1950 + ssl_FreeSocket(ns);
1.1951 + if (newfd != NULL)
1.1952 + PR_Close(newfd);
1.1953 + return NULL;
1.1954 +}
1.1955 +
1.1956 +static PRStatus PR_CALLBACK
1.1957 +ssl_Connect(PRFileDesc *fd, const PRNetAddr *sockaddr, PRIntervalTime timeout)
1.1958 +{
1.1959 + sslSocket *ss;
1.1960 + PRStatus rv;
1.1961 +
1.1962 + ss = ssl_GetPrivate(fd);
1.1963 + if (!ss) {
1.1964 + SSL_DBG(("%d: SSL[%d]: bad socket in connect", SSL_GETPID(), fd));
1.1965 + return PR_FAILURE;
1.1966 + }
1.1967 +
1.1968 + /* IF this is a listen socket, there shouldn't be any I/O going on */
1.1969 + SSL_LOCK_READER(ss);
1.1970 + SSL_LOCK_WRITER(ss);
1.1971 +
1.1972 + ss->cTimeout = timeout;
1.1973 + rv = (PRStatus)(*ss->ops->connect)(ss, sockaddr);
1.1974 +
1.1975 + SSL_UNLOCK_WRITER(ss);
1.1976 + SSL_UNLOCK_READER(ss);
1.1977 +
1.1978 + return rv;
1.1979 +}
1.1980 +
1.1981 +static PRStatus PR_CALLBACK
1.1982 +ssl_Bind(PRFileDesc *fd, const PRNetAddr *addr)
1.1983 +{
1.1984 + sslSocket * ss = ssl_GetPrivate(fd);
1.1985 + PRStatus rv;
1.1986 +
1.1987 + if (!ss) {
1.1988 + SSL_DBG(("%d: SSL[%d]: bad socket in bind", SSL_GETPID(), fd));
1.1989 + return PR_FAILURE;
1.1990 + }
1.1991 + SSL_LOCK_READER(ss);
1.1992 + SSL_LOCK_WRITER(ss);
1.1993 +
1.1994 + rv = (PRStatus)(*ss->ops->bind)(ss, addr);
1.1995 +
1.1996 + SSL_UNLOCK_WRITER(ss);
1.1997 + SSL_UNLOCK_READER(ss);
1.1998 + return rv;
1.1999 +}
1.2000 +
1.2001 +static PRStatus PR_CALLBACK
1.2002 +ssl_Listen(PRFileDesc *fd, PRIntn backlog)
1.2003 +{
1.2004 + sslSocket * ss = ssl_GetPrivate(fd);
1.2005 + PRStatus rv;
1.2006 +
1.2007 + if (!ss) {
1.2008 + SSL_DBG(("%d: SSL[%d]: bad socket in listen", SSL_GETPID(), fd));
1.2009 + return PR_FAILURE;
1.2010 + }
1.2011 + SSL_LOCK_READER(ss);
1.2012 + SSL_LOCK_WRITER(ss);
1.2013 +
1.2014 + rv = (PRStatus)(*ss->ops->listen)(ss, backlog);
1.2015 +
1.2016 + SSL_UNLOCK_WRITER(ss);
1.2017 + SSL_UNLOCK_READER(ss);
1.2018 + return rv;
1.2019 +}
1.2020 +
1.2021 +static PRStatus PR_CALLBACK
1.2022 +ssl_Shutdown(PRFileDesc *fd, PRIntn how)
1.2023 +{
1.2024 + sslSocket * ss = ssl_GetPrivate(fd);
1.2025 + PRStatus rv;
1.2026 +
1.2027 + if (!ss) {
1.2028 + SSL_DBG(("%d: SSL[%d]: bad socket in shutdown", SSL_GETPID(), fd));
1.2029 + return PR_FAILURE;
1.2030 + }
1.2031 + if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) {
1.2032 + SSL_LOCK_READER(ss);
1.2033 + }
1.2034 + if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) {
1.2035 + SSL_LOCK_WRITER(ss);
1.2036 + }
1.2037 +
1.2038 + rv = (PRStatus)(*ss->ops->shutdown)(ss, how);
1.2039 +
1.2040 + if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) {
1.2041 + SSL_UNLOCK_WRITER(ss);
1.2042 + }
1.2043 + if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) {
1.2044 + SSL_UNLOCK_READER(ss);
1.2045 + }
1.2046 + return rv;
1.2047 +}
1.2048 +
1.2049 +static PRStatus PR_CALLBACK
1.2050 +ssl_Close(PRFileDesc *fd)
1.2051 +{
1.2052 + sslSocket *ss;
1.2053 + PRStatus rv;
1.2054 +
1.2055 + ss = ssl_GetPrivate(fd);
1.2056 + if (!ss) {
1.2057 + SSL_DBG(("%d: SSL[%d]: bad socket in close", SSL_GETPID(), fd));
1.2058 + return PR_FAILURE;
1.2059 + }
1.2060 +
1.2061 + /* There must not be any I/O going on */
1.2062 + SSL_LOCK_READER(ss);
1.2063 + SSL_LOCK_WRITER(ss);
1.2064 +
1.2065 + /* By the time this function returns,
1.2066 + ** ss is an invalid pointer, and the locks to which it points have
1.2067 + ** been unlocked and freed. So, this is the ONE PLACE in all of SSL
1.2068 + ** where the LOCK calls and the corresponding UNLOCK calls are not in
1.2069 + ** the same function scope. The unlock calls are in ssl_FreeSocket().
1.2070 + */
1.2071 + rv = (PRStatus)(*ss->ops->close)(ss);
1.2072 +
1.2073 + return rv;
1.2074 +}
1.2075 +
1.2076 +static int PR_CALLBACK
1.2077 +ssl_Recv(PRFileDesc *fd, void *buf, PRInt32 len, PRIntn flags,
1.2078 + PRIntervalTime timeout)
1.2079 +{
1.2080 + sslSocket *ss;
1.2081 + int rv;
1.2082 +
1.2083 + ss = ssl_GetPrivate(fd);
1.2084 + if (!ss) {
1.2085 + SSL_DBG(("%d: SSL[%d]: bad socket in recv", SSL_GETPID(), fd));
1.2086 + return SECFailure;
1.2087 + }
1.2088 + SSL_LOCK_READER(ss);
1.2089 + ss->rTimeout = timeout;
1.2090 + if (!ss->opt.fdx)
1.2091 + ss->wTimeout = timeout;
1.2092 + rv = (*ss->ops->recv)(ss, (unsigned char*)buf, len, flags);
1.2093 + SSL_UNLOCK_READER(ss);
1.2094 + return rv;
1.2095 +}
1.2096 +
1.2097 +static int PR_CALLBACK
1.2098 +ssl_Send(PRFileDesc *fd, const void *buf, PRInt32 len, PRIntn flags,
1.2099 + PRIntervalTime timeout)
1.2100 +{
1.2101 + sslSocket *ss;
1.2102 + int rv;
1.2103 +
1.2104 + ss = ssl_GetPrivate(fd);
1.2105 + if (!ss) {
1.2106 + SSL_DBG(("%d: SSL[%d]: bad socket in send", SSL_GETPID(), fd));
1.2107 + return SECFailure;
1.2108 + }
1.2109 + SSL_LOCK_WRITER(ss);
1.2110 + ss->wTimeout = timeout;
1.2111 + if (!ss->opt.fdx)
1.2112 + ss->rTimeout = timeout;
1.2113 + rv = (*ss->ops->send)(ss, (const unsigned char*)buf, len, flags);
1.2114 + SSL_UNLOCK_WRITER(ss);
1.2115 + return rv;
1.2116 +}
1.2117 +
1.2118 +static int PR_CALLBACK
1.2119 +ssl_Read(PRFileDesc *fd, void *buf, PRInt32 len)
1.2120 +{
1.2121 + sslSocket *ss;
1.2122 + int rv;
1.2123 +
1.2124 + ss = ssl_GetPrivate(fd);
1.2125 + if (!ss) {
1.2126 + SSL_DBG(("%d: SSL[%d]: bad socket in read", SSL_GETPID(), fd));
1.2127 + return SECFailure;
1.2128 + }
1.2129 + SSL_LOCK_READER(ss);
1.2130 + ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
1.2131 + if (!ss->opt.fdx)
1.2132 + ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
1.2133 + rv = (*ss->ops->read)(ss, (unsigned char*)buf, len);
1.2134 + SSL_UNLOCK_READER(ss);
1.2135 + return rv;
1.2136 +}
1.2137 +
1.2138 +static int PR_CALLBACK
1.2139 +ssl_Write(PRFileDesc *fd, const void *buf, PRInt32 len)
1.2140 +{
1.2141 + sslSocket *ss;
1.2142 + int rv;
1.2143 +
1.2144 + ss = ssl_GetPrivate(fd);
1.2145 + if (!ss) {
1.2146 + SSL_DBG(("%d: SSL[%d]: bad socket in write", SSL_GETPID(), fd));
1.2147 + return SECFailure;
1.2148 + }
1.2149 + SSL_LOCK_WRITER(ss);
1.2150 + ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
1.2151 + if (!ss->opt.fdx)
1.2152 + ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
1.2153 + rv = (*ss->ops->write)(ss, (const unsigned char*)buf, len);
1.2154 + SSL_UNLOCK_WRITER(ss);
1.2155 + return rv;
1.2156 +}
1.2157 +
1.2158 +static PRStatus PR_CALLBACK
1.2159 +ssl_GetPeerName(PRFileDesc *fd, PRNetAddr *addr)
1.2160 +{
1.2161 + sslSocket *ss;
1.2162 +
1.2163 + ss = ssl_GetPrivate(fd);
1.2164 + if (!ss) {
1.2165 + SSL_DBG(("%d: SSL[%d]: bad socket in getpeername", SSL_GETPID(), fd));
1.2166 + return PR_FAILURE;
1.2167 + }
1.2168 + return (PRStatus)(*ss->ops->getpeername)(ss, addr);
1.2169 +}
1.2170 +
1.2171 +/*
1.2172 +*/
1.2173 +SECStatus
1.2174 +ssl_GetPeerInfo(sslSocket *ss)
1.2175 +{
1.2176 + PRFileDesc * osfd;
1.2177 + int rv;
1.2178 + PRNetAddr sin;
1.2179 +
1.2180 + osfd = ss->fd->lower;
1.2181 +
1.2182 + PORT_Memset(&sin, 0, sizeof(sin));
1.2183 + rv = osfd->methods->getpeername(osfd, &sin);
1.2184 + if (rv < 0) {
1.2185 + return SECFailure;
1.2186 + }
1.2187 + ss->TCPconnected = 1;
1.2188 + if (sin.inet.family == PR_AF_INET) {
1.2189 + PR_ConvertIPv4AddrToIPv6(sin.inet.ip, &ss->sec.ci.peer);
1.2190 + ss->sec.ci.port = sin.inet.port;
1.2191 + } else if (sin.ipv6.family == PR_AF_INET6) {
1.2192 + ss->sec.ci.peer = sin.ipv6.ip;
1.2193 + ss->sec.ci.port = sin.ipv6.port;
1.2194 + } else {
1.2195 + PORT_SetError(PR_ADDRESS_NOT_SUPPORTED_ERROR);
1.2196 + return SECFailure;
1.2197 + }
1.2198 + return SECSuccess;
1.2199 +}
1.2200 +
1.2201 +static PRStatus PR_CALLBACK
1.2202 +ssl_GetSockName(PRFileDesc *fd, PRNetAddr *name)
1.2203 +{
1.2204 + sslSocket *ss;
1.2205 +
1.2206 + ss = ssl_GetPrivate(fd);
1.2207 + if (!ss) {
1.2208 + SSL_DBG(("%d: SSL[%d]: bad socket in getsockname", SSL_GETPID(), fd));
1.2209 + return PR_FAILURE;
1.2210 + }
1.2211 + return (PRStatus)(*ss->ops->getsockname)(ss, name);
1.2212 +}
1.2213 +
1.2214 +SECStatus
1.2215 +SSL_SetStapledOCSPResponses(PRFileDesc *fd, const SECItemArray *responses,
1.2216 + SSLKEAType kea)
1.2217 +{
1.2218 + sslSocket *ss;
1.2219 +
1.2220 + ss = ssl_FindSocket(fd);
1.2221 + if (!ss) {
1.2222 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetStapledOCSPResponses",
1.2223 + SSL_GETPID(), fd));
1.2224 + return SECFailure;
1.2225 + }
1.2226 +
1.2227 + if ( kea <= 0 || kea >= kt_kea_size) {
1.2228 + SSL_DBG(("%d: SSL[%d]: invalid key in SSL_SetStapledOCSPResponses",
1.2229 + SSL_GETPID(), fd));
1.2230 + return SECFailure;
1.2231 + }
1.2232 +
1.2233 + if (ss->certStatusArray[kea]) {
1.2234 + SECITEM_FreeArray(ss->certStatusArray[kea], PR_TRUE);
1.2235 + ss->certStatusArray[kea] = NULL;
1.2236 + }
1.2237 + if (responses) {
1.2238 + ss->certStatusArray[kea] = SECITEM_DupArray(NULL, responses);
1.2239 + }
1.2240 + return (ss->certStatusArray[kea] || !responses) ? SECSuccess : SECFailure;
1.2241 +}
1.2242 +
1.2243 +SECStatus
1.2244 +SSL_SetSockPeerID(PRFileDesc *fd, const char *peerID)
1.2245 +{
1.2246 + sslSocket *ss;
1.2247 +
1.2248 + ss = ssl_FindSocket(fd);
1.2249 + if (!ss) {
1.2250 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetSockPeerID",
1.2251 + SSL_GETPID(), fd));
1.2252 + return SECFailure;
1.2253 + }
1.2254 +
1.2255 + if (ss->peerID) {
1.2256 + PORT_Free(ss->peerID);
1.2257 + ss->peerID = NULL;
1.2258 + }
1.2259 + if (peerID)
1.2260 + ss->peerID = PORT_Strdup(peerID);
1.2261 + return (ss->peerID || !peerID) ? SECSuccess : SECFailure;
1.2262 +}
1.2263 +
1.2264 +#define PR_POLL_RW (PR_POLL_WRITE | PR_POLL_READ)
1.2265 +
1.2266 +static PRInt16 PR_CALLBACK
1.2267 +ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags)
1.2268 +{
1.2269 + sslSocket *ss;
1.2270 + PRInt16 new_flags = how_flags; /* should select on these flags. */
1.2271 + PRNetAddr addr;
1.2272 +
1.2273 + *p_out_flags = 0;
1.2274 + ss = ssl_GetPrivate(fd);
1.2275 + if (!ss) {
1.2276 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_Poll",
1.2277 + SSL_GETPID(), fd));
1.2278 + return 0; /* don't poll on this socket */
1.2279 + }
1.2280 +
1.2281 + if (ss->opt.useSecurity &&
1.2282 + ss->handshaking != sslHandshakingUndetermined &&
1.2283 + !ss->firstHsDone &&
1.2284 + (how_flags & PR_POLL_RW)) {
1.2285 + if (!ss->TCPconnected) {
1.2286 + ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr));
1.2287 + }
1.2288 + /* If it's not connected, then presumably the application is polling
1.2289 + ** on read or write appropriately, so don't change it.
1.2290 + */
1.2291 + if (ss->TCPconnected) {
1.2292 + if (!ss->handshakeBegun) {
1.2293 + /* If the handshake has not begun, poll on read or write
1.2294 + ** based on the local application's role in the handshake,
1.2295 + ** not based on what the application requested.
1.2296 + */
1.2297 + new_flags &= ~PR_POLL_RW;
1.2298 + if (ss->handshaking == sslHandshakingAsClient) {
1.2299 + new_flags |= PR_POLL_WRITE;
1.2300 + } else { /* handshaking as server */
1.2301 + new_flags |= PR_POLL_READ;
1.2302 + }
1.2303 + } else
1.2304 + /* First handshake is in progress */
1.2305 + if (ss->lastWriteBlocked) {
1.2306 + if (new_flags & PR_POLL_READ) {
1.2307 + /* The caller is waiting for data to be received,
1.2308 + ** but the initial handshake is blocked on write, or the
1.2309 + ** client's first handshake record has not been written.
1.2310 + ** The code should select on write, not read.
1.2311 + */
1.2312 + new_flags ^= PR_POLL_READ; /* don't select on read. */
1.2313 + new_flags |= PR_POLL_WRITE; /* do select on write. */
1.2314 + }
1.2315 + } else if (new_flags & PR_POLL_WRITE) {
1.2316 + /* The caller is trying to write, but the handshake is
1.2317 + ** blocked waiting for data to read, and the first
1.2318 + ** handshake has been sent. So do NOT to poll on write
1.2319 + ** unless we did false start.
1.2320 + */
1.2321 + if (!(ss->version >= SSL_LIBRARY_VERSION_3_0 &&
1.2322 + ss->ssl3.hs.canFalseStart)) {
1.2323 + new_flags ^= PR_POLL_WRITE; /* don't select on write. */
1.2324 + }
1.2325 + new_flags |= PR_POLL_READ; /* do select on read. */
1.2326 + }
1.2327 + }
1.2328 + } else if ((new_flags & PR_POLL_READ) && (SSL_DataPending(fd) > 0)) {
1.2329 + *p_out_flags = PR_POLL_READ; /* it's ready already. */
1.2330 + return new_flags;
1.2331 + } else if ((ss->lastWriteBlocked) && (how_flags & PR_POLL_READ) &&
1.2332 + (ss->pendingBuf.len != 0)) { /* write data waiting to be sent */
1.2333 + new_flags |= PR_POLL_WRITE; /* also select on write. */
1.2334 + }
1.2335 +
1.2336 + if (ss->version >= SSL_LIBRARY_VERSION_3_0 &&
1.2337 + ss->ssl3.hs.restartTarget != NULL) {
1.2338 + /* Read and write will block until the asynchronous callback completes
1.2339 + * (e.g. until SSL_AuthCertificateComplete is called), so don't tell
1.2340 + * the caller to poll the socket unless there is pending write data.
1.2341 + */
1.2342 + if (ss->lastWriteBlocked && ss->pendingBuf.len != 0) {
1.2343 + /* Ignore any newly-received data on the socket, but do wait for
1.2344 + * the socket to become writable again. Here, it is OK for an error
1.2345 + * to be detected, because our logic for sending pending write data
1.2346 + * will allow us to report the error to the caller without the risk
1.2347 + * of the application spinning.
1.2348 + */
1.2349 + new_flags &= (PR_POLL_WRITE | PR_POLL_EXCEPT);
1.2350 + } else {
1.2351 + /* Unfortunately, clearing new_flags will make it impossible for
1.2352 + * the application to detect errors that it would otherwise be
1.2353 + * able to detect with PR_POLL_EXCEPT, until the asynchronous
1.2354 + * callback completes. However, we must clear all the flags to
1.2355 + * prevent the application from spinning (alternating between
1.2356 + * calling PR_Poll that would return PR_POLL_EXCEPT, and send/recv
1.2357 + * which won't actually report the I/O error while we are waiting
1.2358 + * for the asynchronous callback to complete).
1.2359 + */
1.2360 + new_flags = 0;
1.2361 + }
1.2362 + }
1.2363 +
1.2364 + if (new_flags && (fd->lower->methods->poll != NULL)) {
1.2365 + PRInt16 lower_out_flags = 0;
1.2366 + PRInt16 lower_new_flags;
1.2367 + lower_new_flags = fd->lower->methods->poll(fd->lower, new_flags,
1.2368 + &lower_out_flags);
1.2369 + if ((lower_new_flags & lower_out_flags) && (how_flags != new_flags)) {
1.2370 + PRInt16 out_flags = lower_out_flags & ~PR_POLL_RW;
1.2371 + if (lower_out_flags & PR_POLL_READ)
1.2372 + out_flags |= PR_POLL_WRITE;
1.2373 + if (lower_out_flags & PR_POLL_WRITE)
1.2374 + out_flags |= PR_POLL_READ;
1.2375 + *p_out_flags = out_flags;
1.2376 + new_flags = how_flags;
1.2377 + } else {
1.2378 + *p_out_flags = lower_out_flags;
1.2379 + new_flags = lower_new_flags;
1.2380 + }
1.2381 + }
1.2382 +
1.2383 + return new_flags;
1.2384 +}
1.2385 +
1.2386 +static PRInt32 PR_CALLBACK
1.2387 +ssl_TransmitFile(PRFileDesc *sd, PRFileDesc *fd,
1.2388 + const void *headers, PRInt32 hlen,
1.2389 + PRTransmitFileFlags flags, PRIntervalTime timeout)
1.2390 +{
1.2391 + PRSendFileData sfd;
1.2392 +
1.2393 + sfd.fd = fd;
1.2394 + sfd.file_offset = 0;
1.2395 + sfd.file_nbytes = 0;
1.2396 + sfd.header = headers;
1.2397 + sfd.hlen = hlen;
1.2398 + sfd.trailer = NULL;
1.2399 + sfd.tlen = 0;
1.2400 +
1.2401 + return sd->methods->sendfile(sd, &sfd, flags, timeout);
1.2402 +}
1.2403 +
1.2404 +
1.2405 +PRBool
1.2406 +ssl_FdIsBlocking(PRFileDesc *fd)
1.2407 +{
1.2408 + PRSocketOptionData opt;
1.2409 + PRStatus status;
1.2410 +
1.2411 + opt.option = PR_SockOpt_Nonblocking;
1.2412 + opt.value.non_blocking = PR_FALSE;
1.2413 + status = PR_GetSocketOption(fd, &opt);
1.2414 + if (status != PR_SUCCESS)
1.2415 + return PR_FALSE;
1.2416 + return (PRBool)!opt.value.non_blocking;
1.2417 +}
1.2418 +
1.2419 +PRBool
1.2420 +ssl_SocketIsBlocking(sslSocket *ss)
1.2421 +{
1.2422 + return ssl_FdIsBlocking(ss->fd);
1.2423 +}
1.2424 +
1.2425 +PRInt32 sslFirstBufSize = 8 * 1024;
1.2426 +PRInt32 sslCopyLimit = 1024;
1.2427 +
1.2428 +static PRInt32 PR_CALLBACK
1.2429 +ssl_WriteV(PRFileDesc *fd, const PRIOVec *iov, PRInt32 vectors,
1.2430 + PRIntervalTime timeout)
1.2431 +{
1.2432 + PRInt32 i;
1.2433 + PRInt32 bufLen;
1.2434 + PRInt32 left;
1.2435 + PRInt32 rv;
1.2436 + PRInt32 sent = 0;
1.2437 + const PRInt32 first_len = sslFirstBufSize;
1.2438 + const PRInt32 limit = sslCopyLimit;
1.2439 + PRBool blocking;
1.2440 + PRIOVec myIov = { 0, 0 };
1.2441 + char buf[MAX_FRAGMENT_LENGTH];
1.2442 +
1.2443 + if (vectors < 0) {
1.2444 + PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
1.2445 + return -1;
1.2446 + }
1.2447 + if (vectors > PR_MAX_IOVECTOR_SIZE) {
1.2448 + PORT_SetError(PR_BUFFER_OVERFLOW_ERROR);
1.2449 + return -1;
1.2450 + }
1.2451 + for (i = 0; i < vectors; i++) {
1.2452 + if (iov[i].iov_len < 0) {
1.2453 + PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
1.2454 + return -1;
1.2455 + }
1.2456 + }
1.2457 + blocking = ssl_FdIsBlocking(fd);
1.2458 +
1.2459 +#define K16 sizeof(buf)
1.2460 +#define KILL_VECTORS while (vectors && !iov->iov_len) { ++iov; --vectors; }
1.2461 +#define GET_VECTOR do { myIov = *iov++; --vectors; KILL_VECTORS } while (0)
1.2462 +#define HANDLE_ERR(rv, len) \
1.2463 + if (rv != len) { \
1.2464 + if (rv < 0) { \
1.2465 + if (!blocking \
1.2466 + && (PR_GetError() == PR_WOULD_BLOCK_ERROR) \
1.2467 + && (sent > 0)) { \
1.2468 + return sent; \
1.2469 + } else { \
1.2470 + return -1; \
1.2471 + } \
1.2472 + } \
1.2473 + /* Only a nonblocking socket can have partial sends */ \
1.2474 + PR_ASSERT(!blocking); \
1.2475 + return sent + rv; \
1.2476 + }
1.2477 +#define SEND(bfr, len) \
1.2478 + do { \
1.2479 + rv = ssl_Send(fd, bfr, len, 0, timeout); \
1.2480 + HANDLE_ERR(rv, len) \
1.2481 + sent += len; \
1.2482 + } while (0)
1.2483 +
1.2484 + /* Make sure the first write is at least 8 KB, if possible. */
1.2485 + KILL_VECTORS
1.2486 + if (!vectors)
1.2487 + return ssl_Send(fd, 0, 0, 0, timeout);
1.2488 + GET_VECTOR;
1.2489 + if (!vectors) {
1.2490 + return ssl_Send(fd, myIov.iov_base, myIov.iov_len, 0, timeout);
1.2491 + }
1.2492 + if (myIov.iov_len < first_len) {
1.2493 + PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len);
1.2494 + bufLen = myIov.iov_len;
1.2495 + left = first_len - bufLen;
1.2496 + while (vectors && left) {
1.2497 + int toCopy;
1.2498 + GET_VECTOR;
1.2499 + toCopy = PR_MIN(left, myIov.iov_len);
1.2500 + PORT_Memcpy(buf + bufLen, myIov.iov_base, toCopy);
1.2501 + bufLen += toCopy;
1.2502 + left -= toCopy;
1.2503 + myIov.iov_base += toCopy;
1.2504 + myIov.iov_len -= toCopy;
1.2505 + }
1.2506 + SEND( buf, bufLen );
1.2507 + }
1.2508 +
1.2509 + while (vectors || myIov.iov_len) {
1.2510 + PRInt32 addLen;
1.2511 + if (!myIov.iov_len) {
1.2512 + GET_VECTOR;
1.2513 + }
1.2514 + while (myIov.iov_len >= K16) {
1.2515 + SEND(myIov.iov_base, K16);
1.2516 + myIov.iov_base += K16;
1.2517 + myIov.iov_len -= K16;
1.2518 + }
1.2519 + if (!myIov.iov_len)
1.2520 + continue;
1.2521 +
1.2522 + if (!vectors || myIov.iov_len > limit) {
1.2523 + addLen = 0;
1.2524 + } else if ((addLen = iov->iov_len % K16) + myIov.iov_len <= limit) {
1.2525 + /* Addlen is already computed. */;
1.2526 + } else if (vectors > 1 &&
1.2527 + iov[1].iov_len % K16 + addLen + myIov.iov_len <= 2 * limit) {
1.2528 + addLen = limit - myIov.iov_len;
1.2529 + } else
1.2530 + addLen = 0;
1.2531 +
1.2532 + if (!addLen) {
1.2533 + SEND( myIov.iov_base, myIov.iov_len );
1.2534 + myIov.iov_len = 0;
1.2535 + continue;
1.2536 + }
1.2537 + PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len);
1.2538 + bufLen = myIov.iov_len;
1.2539 + do {
1.2540 + GET_VECTOR;
1.2541 + PORT_Memcpy(buf + bufLen, myIov.iov_base, addLen);
1.2542 + myIov.iov_base += addLen;
1.2543 + myIov.iov_len -= addLen;
1.2544 + bufLen += addLen;
1.2545 +
1.2546 + left = PR_MIN( limit, K16 - bufLen);
1.2547 + if (!vectors /* no more left */
1.2548 + || myIov.iov_len > 0 /* we didn't use that one all up */
1.2549 + || bufLen >= K16 /* it's full. */
1.2550 + ) {
1.2551 + addLen = 0;
1.2552 + } else if ((addLen = iov->iov_len % K16) <= left) {
1.2553 + /* Addlen is already computed. */;
1.2554 + } else if (vectors > 1 &&
1.2555 + iov[1].iov_len % K16 + addLen <= left + limit) {
1.2556 + addLen = left;
1.2557 + } else
1.2558 + addLen = 0;
1.2559 +
1.2560 + } while (addLen);
1.2561 + SEND( buf, bufLen );
1.2562 + }
1.2563 + return sent;
1.2564 +}
1.2565 +
1.2566 +/*
1.2567 + * These functions aren't implemented.
1.2568 + */
1.2569 +
1.2570 +static PRInt32 PR_CALLBACK
1.2571 +ssl_Available(PRFileDesc *fd)
1.2572 +{
1.2573 + PORT_Assert(0);
1.2574 + PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
1.2575 + return SECFailure;
1.2576 +}
1.2577 +
1.2578 +static PRInt64 PR_CALLBACK
1.2579 +ssl_Available64(PRFileDesc *fd)
1.2580 +{
1.2581 + PRInt64 res;
1.2582 +
1.2583 + PORT_Assert(0);
1.2584 + PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
1.2585 + LL_I2L(res, -1L);
1.2586 + return res;
1.2587 +}
1.2588 +
1.2589 +static PRStatus PR_CALLBACK
1.2590 +ssl_FSync(PRFileDesc *fd)
1.2591 +{
1.2592 + PORT_Assert(0);
1.2593 + PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
1.2594 + return PR_FAILURE;
1.2595 +}
1.2596 +
1.2597 +static PRInt32 PR_CALLBACK
1.2598 +ssl_Seek(PRFileDesc *fd, PRInt32 offset, PRSeekWhence how) {
1.2599 + PORT_Assert(0);
1.2600 + PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
1.2601 + return SECFailure;
1.2602 +}
1.2603 +
1.2604 +static PRInt64 PR_CALLBACK
1.2605 +ssl_Seek64(PRFileDesc *fd, PRInt64 offset, PRSeekWhence how) {
1.2606 + PRInt64 res;
1.2607 +
1.2608 + PORT_Assert(0);
1.2609 + PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
1.2610 + LL_I2L(res, -1L);
1.2611 + return res;
1.2612 +}
1.2613 +
1.2614 +static PRStatus PR_CALLBACK
1.2615 +ssl_FileInfo(PRFileDesc *fd, PRFileInfo *info)
1.2616 +{
1.2617 + PORT_Assert(0);
1.2618 + PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
1.2619 + return PR_FAILURE;
1.2620 +}
1.2621 +
1.2622 +static PRStatus PR_CALLBACK
1.2623 +ssl_FileInfo64(PRFileDesc *fd, PRFileInfo64 *info)
1.2624 +{
1.2625 + PORT_Assert(0);
1.2626 + PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
1.2627 + return PR_FAILURE;
1.2628 +}
1.2629 +
1.2630 +static PRInt32 PR_CALLBACK
1.2631 +ssl_RecvFrom(PRFileDesc *fd, void *buf, PRInt32 amount, PRIntn flags,
1.2632 + PRNetAddr *addr, PRIntervalTime timeout)
1.2633 +{
1.2634 + PORT_Assert(0);
1.2635 + PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
1.2636 + return SECFailure;
1.2637 +}
1.2638 +
1.2639 +static PRInt32 PR_CALLBACK
1.2640 +ssl_SendTo(PRFileDesc *fd, const void *buf, PRInt32 amount, PRIntn flags,
1.2641 + const PRNetAddr *addr, PRIntervalTime timeout)
1.2642 +{
1.2643 + PORT_Assert(0);
1.2644 + PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
1.2645 + return SECFailure;
1.2646 +}
1.2647 +
1.2648 +static const PRIOMethods ssl_methods = {
1.2649 + PR_DESC_LAYERED,
1.2650 + ssl_Close, /* close */
1.2651 + ssl_Read, /* read */
1.2652 + ssl_Write, /* write */
1.2653 + ssl_Available, /* available */
1.2654 + ssl_Available64, /* available64 */
1.2655 + ssl_FSync, /* fsync */
1.2656 + ssl_Seek, /* seek */
1.2657 + ssl_Seek64, /* seek64 */
1.2658 + ssl_FileInfo, /* fileInfo */
1.2659 + ssl_FileInfo64, /* fileInfo64 */
1.2660 + ssl_WriteV, /* writev */
1.2661 + ssl_Connect, /* connect */
1.2662 + ssl_Accept, /* accept */
1.2663 + ssl_Bind, /* bind */
1.2664 + ssl_Listen, /* listen */
1.2665 + ssl_Shutdown, /* shutdown */
1.2666 + ssl_Recv, /* recv */
1.2667 + ssl_Send, /* send */
1.2668 + ssl_RecvFrom, /* recvfrom */
1.2669 + ssl_SendTo, /* sendto */
1.2670 + ssl_Poll, /* poll */
1.2671 + PR_EmulateAcceptRead, /* acceptread */
1.2672 + ssl_TransmitFile, /* transmitfile */
1.2673 + ssl_GetSockName, /* getsockname */
1.2674 + ssl_GetPeerName, /* getpeername */
1.2675 + NULL, /* getsockopt OBSOLETE */
1.2676 + NULL, /* setsockopt OBSOLETE */
1.2677 + NULL, /* getsocketoption */
1.2678 + NULL, /* setsocketoption */
1.2679 + PR_EmulateSendFile, /* Send a (partial) file with header/trailer*/
1.2680 + NULL, /* reserved for future use */
1.2681 + NULL, /* reserved for future use */
1.2682 + NULL, /* reserved for future use */
1.2683 + NULL, /* reserved for future use */
1.2684 + NULL /* reserved for future use */
1.2685 +};
1.2686 +
1.2687 +
1.2688 +static PRIOMethods combined_methods;
1.2689 +
1.2690 +static void
1.2691 +ssl_SetupIOMethods(void)
1.2692 +{
1.2693 + PRIOMethods *new_methods = &combined_methods;
1.2694 + const PRIOMethods *nspr_methods = PR_GetDefaultIOMethods();
1.2695 + const PRIOMethods *my_methods = &ssl_methods;
1.2696 +
1.2697 + *new_methods = *nspr_methods;
1.2698 +
1.2699 + new_methods->file_type = my_methods->file_type;
1.2700 + new_methods->close = my_methods->close;
1.2701 + new_methods->read = my_methods->read;
1.2702 + new_methods->write = my_methods->write;
1.2703 + new_methods->available = my_methods->available;
1.2704 + new_methods->available64 = my_methods->available64;
1.2705 + new_methods->fsync = my_methods->fsync;
1.2706 + new_methods->seek = my_methods->seek;
1.2707 + new_methods->seek64 = my_methods->seek64;
1.2708 + new_methods->fileInfo = my_methods->fileInfo;
1.2709 + new_methods->fileInfo64 = my_methods->fileInfo64;
1.2710 + new_methods->writev = my_methods->writev;
1.2711 + new_methods->connect = my_methods->connect;
1.2712 + new_methods->accept = my_methods->accept;
1.2713 + new_methods->bind = my_methods->bind;
1.2714 + new_methods->listen = my_methods->listen;
1.2715 + new_methods->shutdown = my_methods->shutdown;
1.2716 + new_methods->recv = my_methods->recv;
1.2717 + new_methods->send = my_methods->send;
1.2718 + new_methods->recvfrom = my_methods->recvfrom;
1.2719 + new_methods->sendto = my_methods->sendto;
1.2720 + new_methods->poll = my_methods->poll;
1.2721 + new_methods->acceptread = my_methods->acceptread;
1.2722 + new_methods->transmitfile = my_methods->transmitfile;
1.2723 + new_methods->getsockname = my_methods->getsockname;
1.2724 + new_methods->getpeername = my_methods->getpeername;
1.2725 +/* new_methods->getsocketoption = my_methods->getsocketoption; */
1.2726 +/* new_methods->setsocketoption = my_methods->setsocketoption; */
1.2727 + new_methods->sendfile = my_methods->sendfile;
1.2728 +
1.2729 +}
1.2730 +
1.2731 +static PRCallOnceType initIoLayerOnce;
1.2732 +
1.2733 +static PRStatus
1.2734 +ssl_InitIOLayer(void)
1.2735 +{
1.2736 + ssl_layer_id = PR_GetUniqueIdentity("SSL");
1.2737 + ssl_SetupIOMethods();
1.2738 + ssl_inited = PR_TRUE;
1.2739 + return PR_SUCCESS;
1.2740 +}
1.2741 +
1.2742 +static PRStatus
1.2743 +ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack, PRDescIdentity id)
1.2744 +{
1.2745 + PRFileDesc *layer = NULL;
1.2746 + PRStatus status;
1.2747 +
1.2748 + if (!ssl_inited) {
1.2749 + status = PR_CallOnce(&initIoLayerOnce, &ssl_InitIOLayer);
1.2750 + if (status != PR_SUCCESS)
1.2751 + goto loser;
1.2752 + }
1.2753 +
1.2754 + if (ns == NULL)
1.2755 + goto loser;
1.2756 +
1.2757 + layer = PR_CreateIOLayerStub(ssl_layer_id, &combined_methods);
1.2758 + if (layer == NULL)
1.2759 + goto loser;
1.2760 + layer->secret = (PRFilePrivate *)ns;
1.2761 +
1.2762 + /* Here, "stack" points to the PRFileDesc on the top of the stack.
1.2763 + ** "layer" points to a new FD that is to be inserted into the stack.
1.2764 + ** If layer is being pushed onto the top of the stack, then
1.2765 + ** PR_PushIOLayer switches the contents of stack and layer, and then
1.2766 + ** puts stack on top of layer, so that after it is done, the top of
1.2767 + ** stack is the same "stack" as it was before, and layer is now the
1.2768 + ** FD for the former top of stack.
1.2769 + ** After this call, stack always points to the top PRFD on the stack.
1.2770 + ** If this function fails, the contents of stack and layer are as
1.2771 + ** they were before the call.
1.2772 + */
1.2773 + status = PR_PushIOLayer(stack, id, layer);
1.2774 + if (status != PR_SUCCESS)
1.2775 + goto loser;
1.2776 +
1.2777 + ns->fd = (id == PR_TOP_IO_LAYER) ? stack : layer;
1.2778 + return PR_SUCCESS;
1.2779 +
1.2780 +loser:
1.2781 + if (layer) {
1.2782 + layer->dtor(layer); /* free layer */
1.2783 + }
1.2784 + return PR_FAILURE;
1.2785 +}
1.2786 +
1.2787 +/* if this fails, caller must destroy socket. */
1.2788 +static SECStatus
1.2789 +ssl_MakeLocks(sslSocket *ss)
1.2790 +{
1.2791 + ss->firstHandshakeLock = PZ_NewMonitor(nssILockSSL);
1.2792 + if (!ss->firstHandshakeLock)
1.2793 + goto loser;
1.2794 + ss->ssl3HandshakeLock = PZ_NewMonitor(nssILockSSL);
1.2795 + if (!ss->ssl3HandshakeLock)
1.2796 + goto loser;
1.2797 + ss->specLock = NSSRWLock_New(SSL_LOCK_RANK_SPEC, NULL);
1.2798 + if (!ss->specLock)
1.2799 + goto loser;
1.2800 + ss->recvBufLock = PZ_NewMonitor(nssILockSSL);
1.2801 + if (!ss->recvBufLock)
1.2802 + goto loser;
1.2803 + ss->xmitBufLock = PZ_NewMonitor(nssILockSSL);
1.2804 + if (!ss->xmitBufLock)
1.2805 + goto loser;
1.2806 + ss->writerThread = NULL;
1.2807 + if (ssl_lock_readers) {
1.2808 + ss->recvLock = PZ_NewLock(nssILockSSL);
1.2809 + if (!ss->recvLock)
1.2810 + goto loser;
1.2811 + ss->sendLock = PZ_NewLock(nssILockSSL);
1.2812 + if (!ss->sendLock)
1.2813 + goto loser;
1.2814 + }
1.2815 + return SECSuccess;
1.2816 +loser:
1.2817 + ssl_DestroyLocks(ss);
1.2818 + return SECFailure;
1.2819 +}
1.2820 +
1.2821 +#if defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_BEOS)
1.2822 +#define NSS_HAVE_GETENV 1
1.2823 +#endif
1.2824 +
1.2825 +#define LOWER(x) (x | 0x20) /* cheap ToLower function ignores LOCALE */
1.2826 +
1.2827 +static void
1.2828 +ssl_SetDefaultsFromEnvironment(void)
1.2829 +{
1.2830 +#if defined( NSS_HAVE_GETENV )
1.2831 + static int firsttime = 1;
1.2832 +
1.2833 + if (firsttime) {
1.2834 + char * ev;
1.2835 + firsttime = 0;
1.2836 +#ifdef DEBUG
1.2837 + ev = getenv("SSLDEBUGFILE");
1.2838 + if (ev && ev[0]) {
1.2839 + ssl_trace_iob = fopen(ev, "w");
1.2840 + }
1.2841 + if (!ssl_trace_iob) {
1.2842 + ssl_trace_iob = stderr;
1.2843 + }
1.2844 +#ifdef TRACE
1.2845 + ev = getenv("SSLTRACE");
1.2846 + if (ev && ev[0]) {
1.2847 + ssl_trace = atoi(ev);
1.2848 + SSL_TRACE(("SSL: tracing set to %d", ssl_trace));
1.2849 + }
1.2850 +#endif /* TRACE */
1.2851 + ev = getenv("SSLDEBUG");
1.2852 + if (ev && ev[0]) {
1.2853 + ssl_debug = atoi(ev);
1.2854 + SSL_TRACE(("SSL: debugging set to %d", ssl_debug));
1.2855 + }
1.2856 +#endif /* DEBUG */
1.2857 + ev = getenv("SSLKEYLOGFILE");
1.2858 + if (ev && ev[0]) {
1.2859 + ssl_keylog_iob = fopen(ev, "a");
1.2860 + if (!ssl_keylog_iob) {
1.2861 + SSL_TRACE(("SSL: failed to open key log file"));
1.2862 + } else {
1.2863 + if (ftell(ssl_keylog_iob) == 0) {
1.2864 + fputs("# SSL/TLS secrets log file, generated by NSS\n",
1.2865 + ssl_keylog_iob);
1.2866 + }
1.2867 + SSL_TRACE(("SSL: logging SSL/TLS secrets to %s", ev));
1.2868 + }
1.2869 + }
1.2870 +#ifndef NO_PKCS11_BYPASS
1.2871 + ev = getenv("SSLBYPASS");
1.2872 + if (ev && ev[0]) {
1.2873 + ssl_defaults.bypassPKCS11 = (ev[0] == '1');
1.2874 + SSL_TRACE(("SSL: bypass default set to %d", \
1.2875 + ssl_defaults.bypassPKCS11));
1.2876 + }
1.2877 +#endif /* NO_PKCS11_BYPASS */
1.2878 + ev = getenv("SSLFORCELOCKS");
1.2879 + if (ev && ev[0] == '1') {
1.2880 + ssl_force_locks = PR_TRUE;
1.2881 + ssl_defaults.noLocks = 0;
1.2882 + strcpy(lockStatus + LOCKSTATUS_OFFSET, "FORCED. ");
1.2883 + SSL_TRACE(("SSL: force_locks set to %d", ssl_force_locks));
1.2884 + }
1.2885 + ev = getenv("NSS_SSL_ENABLE_RENEGOTIATION");
1.2886 + if (ev) {
1.2887 + if (ev[0] == '1' || LOWER(ev[0]) == 'u')
1.2888 + ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_UNRESTRICTED;
1.2889 + else if (ev[0] == '0' || LOWER(ev[0]) == 'n')
1.2890 + ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_NEVER;
1.2891 + else if (ev[0] == '2' || LOWER(ev[0]) == 'r')
1.2892 + ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_REQUIRES_XTN;
1.2893 + else if (ev[0] == '3' || LOWER(ev[0]) == 't')
1.2894 + ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_TRANSITIONAL;
1.2895 + SSL_TRACE(("SSL: enableRenegotiation set to %d",
1.2896 + ssl_defaults.enableRenegotiation));
1.2897 + }
1.2898 + ev = getenv("NSS_SSL_REQUIRE_SAFE_NEGOTIATION");
1.2899 + if (ev && ev[0] == '1') {
1.2900 + ssl_defaults.requireSafeNegotiation = PR_TRUE;
1.2901 + SSL_TRACE(("SSL: requireSafeNegotiation set to %d",
1.2902 + PR_TRUE));
1.2903 + }
1.2904 + ev = getenv("NSS_SSL_CBC_RANDOM_IV");
1.2905 + if (ev && ev[0] == '0') {
1.2906 + ssl_defaults.cbcRandomIV = PR_FALSE;
1.2907 + SSL_TRACE(("SSL: cbcRandomIV set to 0"));
1.2908 + }
1.2909 + }
1.2910 +#endif /* NSS_HAVE_GETENV */
1.2911 +}
1.2912 +
1.2913 +/*
1.2914 +** Create a newsocket structure for a file descriptor.
1.2915 +*/
1.2916 +static sslSocket *
1.2917 +ssl_NewSocket(PRBool makeLocks, SSLProtocolVariant protocolVariant)
1.2918 +{
1.2919 + sslSocket *ss;
1.2920 +
1.2921 + ssl_SetDefaultsFromEnvironment();
1.2922 +
1.2923 + if (ssl_force_locks)
1.2924 + makeLocks = PR_TRUE;
1.2925 +
1.2926 + /* Make a new socket and get it ready */
1.2927 + ss = (sslSocket*) PORT_ZAlloc(sizeof(sslSocket));
1.2928 + if (ss) {
1.2929 + /* This should be of type SSLKEAType, but CC on IRIX
1.2930 + * complains during the for loop.
1.2931 + */
1.2932 + int i;
1.2933 + SECStatus status;
1.2934 +
1.2935 + ss->opt = ssl_defaults;
1.2936 + ss->opt.useSocks = PR_FALSE;
1.2937 + ss->opt.noLocks = !makeLocks;
1.2938 + ss->vrange = *VERSIONS_DEFAULTS(protocolVariant);
1.2939 + ss->protocolVariant = protocolVariant;
1.2940 +
1.2941 + ss->peerID = NULL;
1.2942 + ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
1.2943 + ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
1.2944 + ss->cTimeout = PR_INTERVAL_NO_TIMEOUT;
1.2945 + ss->cipherSpecs = NULL;
1.2946 + ss->sizeCipherSpecs = 0; /* produced lazily */
1.2947 + ss->preferredCipher = NULL;
1.2948 + ss->url = NULL;
1.2949 +
1.2950 + for (i=kt_null; i < kt_kea_size; i++) {
1.2951 + sslServerCerts * sc = ss->serverCerts + i;
1.2952 + sc->serverCert = NULL;
1.2953 + sc->serverCertChain = NULL;
1.2954 + sc->serverKeyPair = NULL;
1.2955 + sc->serverKeyBits = 0;
1.2956 + ss->certStatusArray[i] = NULL;
1.2957 + }
1.2958 + ss->stepDownKeyPair = NULL;
1.2959 + ss->dbHandle = CERT_GetDefaultCertDB();
1.2960 +
1.2961 + /* Provide default implementation of hooks */
1.2962 + ss->authCertificate = SSL_AuthCertificate;
1.2963 + ss->authCertificateArg = (void *)ss->dbHandle;
1.2964 + ss->sniSocketConfig = NULL;
1.2965 + ss->sniSocketConfigArg = NULL;
1.2966 + ss->getClientAuthData = NULL;
1.2967 + ss->handleBadCert = NULL;
1.2968 + ss->badCertArg = NULL;
1.2969 + ss->pkcs11PinArg = NULL;
1.2970 + ss->ephemeralECDHKeyPair = NULL;
1.2971 +
1.2972 + ssl_ChooseOps(ss);
1.2973 + ssl2_InitSocketPolicy(ss);
1.2974 + ssl3_InitSocketPolicy(ss);
1.2975 + PR_INIT_CLIST(&ss->ssl3.hs.lastMessageFlight);
1.2976 +
1.2977 + if (makeLocks) {
1.2978 + status = ssl_MakeLocks(ss);
1.2979 + if (status != SECSuccess)
1.2980 + goto loser;
1.2981 + }
1.2982 + status = ssl_CreateSecurityInfo(ss);
1.2983 + if (status != SECSuccess)
1.2984 + goto loser;
1.2985 + status = ssl_InitGather(&ss->gs);
1.2986 + if (status != SECSuccess) {
1.2987 +loser:
1.2988 + ssl_DestroySocketContents(ss);
1.2989 + ssl_DestroyLocks(ss);
1.2990 + PORT_Free(ss);
1.2991 + ss = NULL;
1.2992 + }
1.2993 + }
1.2994 + return ss;
1.2995 +}
