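/*
 * Accessor functions for SSLSocket private members.
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "cert.h"
#include "ssl.h"
#include "certt.h"
#include "sslimpl.h"

/*
 * Given a PRFileDesc, return a new reference to the peer certificate stored
 * on the SSL socket behind it (sec.peerCert).
 *
 * CERT_DupCertificate increases the reference count and returns a pointer to
 * the same cert, so the result is a shared object, not a deep copy. The
 * caller must drop the reference when done. The original comment names
 * SSL_DestroyCertificate for that; NOTE(review): presumably
 * CERT_DestroyCertificate is meant -- confirm.
 *
 * Returns NULL when fd does not resolve to an SSL socket or when no peer
 * certificate is stored on it.
 *
 * This function performs no validation: a non-NULL result only says a peer
 * certificate is recorded on the socket, not that it was verified or that the
 * handshake completed. No lock is taken here around the read of sec.peerCert.
 * NOTE(review): confirm callers cannot race with a handshake that replaces it.
 */
CERTCertificate *
SSL_RevealCert(PRFileDesc * fd)
{
    CERTCertificate * cert = NULL;
    sslSocket * sslsocket = NULL;

    sslsocket = ssl_FindSocket(fd);

    if (sslsocket && sslsocket->sec.peerCert)
        cert = CERT_DupCertificate(sslsocket->sec.peerCert);

    return cert;
}

/*
 * Given a PRFileDesc, return the PKCS #11 PIN argument stored on the SSL
 * socket behind it.
 *
 * The stored pointer itself is returned; no copy is made here, so ownership
 * does not move to the caller. NOTE(review): presumably it still belongs to
 * whoever installed it on the socket -- confirm before freeing through it.
 *
 * A NULL return is ambiguous: either fd did not resolve to an SSL socket, or
 * the socket's pkcs11PinArg is NULL.
 */
void *
SSL_RevealPinArg(PRFileDesc * fd)
{
    sslSocket * sslsocket = NULL;
    void * PinArg = NULL;

    sslsocket = ssl_FindSocket(fd);

    /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */
    if (sslsocket)
        PinArg = sslsocket->pkcs11PinArg;

    return PinArg;
}


/*
 * Given a PRFileDesc, return a copy (PL_strdup) of the URL string stored on
 * the SSL socket behind it.
 *
 * The caller owns the returned string and should free it when done.
 * NOTE(review): PL_strfree is presumably the matching deallocator -- confirm.
 *
 * Returns NULL when fd does not resolve to an SSL socket, when no URL is set
 * on it, or when PL_strdup itself returns NULL; the three cases are not
 * distinguishable from the return value.
 */
char *
SSL_RevealURL(PRFileDesc * fd)
{
    sslSocket * sslsocket = NULL;
    char * url = NULL;

    sslsocket = ssl_FindSocket(fd);

    if (sslsocket && sslsocket->url)
        url = PL_strdup(sslsocket->url);

    return url;
}


/*
 * Given a PRFileDesc, report whether extension extId was negotiated with the
 * peer during the handshake.
 *
 *   socket  file descriptor expected to carry an SSL socket
 *   extId   extension to query
 *   pYes    out: PR_TRUE / PR_FALSE; must not be NULL
 *
 * Returns SECFailure with SEC_ERROR_INVALID_ARGS when pYes is NULL, and
 * SECFailure when socket does not resolve to an SSL socket (no error code is
 * set in this function on that path; NOTE(review): ssl_FindSocket presumably
 * sets one -- confirm). *pYes is left untouched on both failure paths.
 *
 * Returns SECSuccess otherwise. *pYes is then PR_FALSE unless security is
 * enabled on the socket and its SSL3 state is initialized, in which case it
 * holds the result of ssl3_ExtensionNegotiated(). SECSuccess with PR_FALSE
 * therefore also covers "security disabled" and "SSL3 state not initialized",
 * so a caller gating a security decision on an extension should treat
 * PR_FALSE as "not negotiated" and nothing more specific.
 */

SECStatus
SSL_HandshakeNegotiatedExtension(PRFileDesc * socket,
                                 SSLExtensionType extId,
                                 PRBool *pYes)
{
    /* some decisions derived from SSL_GetChannelInfo */
    sslSocket * sslsocket = NULL;

    if (!pYes) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }

    sslsocket = ssl_FindSocket(socket);
    if (!sslsocket) {
        /* socket is a pointer; it was previously passed for a %d conversion,
         * which is a format/argument type mismatch. Print it with %p.
         */
        SSL_DBG(("%d: SSL[%p]: bad socket in HandshakeNegotiatedExtension",
                 SSL_GETPID(), (void *)socket));
        return SECFailure;
    }

    *pYes = PR_FALSE;

    /* according to public API SSL_GetChannelInfo, this doesn't need a lock */
    if (sslsocket->opt.useSecurity && sslsocket->ssl3.initialized) {
        /* SSL3 and TLS:
         * now we know this socket went through ssl3_InitState() and
         * ss->xtnData got initialized, which is the only member accessed by
         * ssl3_ExtensionNegotiated();
         * Member xtnData appears to get accessed in functions that handle
         * the handshake (hello messages and extension sending),
         * therefore the handshake lock should be sufficient.
         */
        ssl_GetSSL3HandshakeLock(sslsocket);
        *pYes = ssl3_ExtensionNegotiated(sslsocket, extId);
        ssl_ReleaseSSL3HandshakeLock(sslsocket);
    }

    return SECSuccess;
}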