diff options
author | Lorry Tar Creator <lorry-tar-importer@lorry> | 2017-01-04 14:24:24 +0000 |
---|---|---|
committer | Lorry Tar Creator <lorry-tar-importer@lorry> | 2017-01-04 14:24:24 +0000 |
commit | dc1565216a5d20ae0d75872151523252309a1292 (patch) | |
tree | d57454ba9a40386552179eddf60d28bd1e8f3d54 /nss/lib/ssl/sslreveal.c | |
parent | 26c046fbc57d53136b4fb3b5e0d18298318125d4 (diff) | |
download | nss-822b884019ac3b4a984e5d3b33b2cd07bc1518c1.tar.gz |
nss-3.28.1nss-3.28.1
Diffstat (limited to 'nss/lib/ssl/sslreveal.c')
-rw-r--r-- | nss/lib/ssl/sslreveal.c | 146 |
1 files changed, 72 insertions, 74 deletions
diff --git a/nss/lib/ssl/sslreveal.c b/nss/lib/ssl/sslreveal.c index d972998..4c124a1 100644 --- a/nss/lib/ssl/sslreveal.c +++ b/nss/lib/ssl/sslreveal.c @@ -1,4 +1,4 @@ -/* +/* * Accessor functions for SSLSocket private members. * * This Source Code Form is subject to the terms of the Mozilla Public @@ -13,100 +13,98 @@ /* given PRFileDesc, returns a copy of certificate associated with the socket * the caller should delete the cert when done with SSL_DestroyCertificate */ -CERTCertificate * -SSL_RevealCert(PRFileDesc * fd) +CERTCertificate * +SSL_RevealCert(PRFileDesc *fd) { - CERTCertificate * cert = NULL; - sslSocket * sslsocket = NULL; - - sslsocket = ssl_FindSocket(fd); - - /* CERT_DupCertificate increases reference count and returns pointer to - * the same cert - */ - if (sslsocket && sslsocket->sec.peerCert) - cert = CERT_DupCertificate(sslsocket->sec.peerCert); - - return cert; + CERTCertificate *cert = NULL; + sslSocket *sslsocket = NULL; + + sslsocket = ssl_FindSocket(fd); + + /* CERT_DupCertificate increases reference count and returns pointer to + * the same cert + */ + if (sslsocket && sslsocket->sec.peerCert) + cert = CERT_DupCertificate(sslsocket->sec.peerCert); + + return cert; } /* given PRFileDesc, returns a pointer to PinArg associated with the socket */ -void * -SSL_RevealPinArg(PRFileDesc * fd) +void * +SSL_RevealPinArg(PRFileDesc *fd) { - sslSocket * sslsocket = NULL; - void * PinArg = NULL; - - sslsocket = ssl_FindSocket(fd); - - /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */ - if (sslsocket) - PinArg = sslsocket->pkcs11PinArg; - - return PinArg; -} + sslSocket *sslsocket = NULL; + void *PinArg = NULL; + + sslsocket = ssl_FindSocket(fd); + /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */ + if (sslsocket) + PinArg = sslsocket->pkcs11PinArg; + + return PinArg; +} /* given PRFileDesc, returns a pointer to the URL associated with the socket * the caller should free url when done */ -char * -SSL_RevealURL(PRFileDesc * fd) +char * +SSL_RevealURL(PRFileDesc *fd) { - sslSocket * sslsocket = NULL; - char * url = NULL; - - sslsocket = ssl_FindSocket(fd); - - if (sslsocket && sslsocket->url) - url = PL_strdup(sslsocket->url); - - return url; -} + sslSocket *sslsocket = NULL; + char *url = NULL; + + sslsocket = ssl_FindSocket(fd); + if (sslsocket && sslsocket->url) + url = PL_strdup(sslsocket->url); -/* given PRFileDesc, returns status information related to extensions + return url; +} + +/* given PRFileDesc, returns status information related to extensions * negotiated with peer during the handshake. */ SECStatus -SSL_HandshakeNegotiatedExtension(PRFileDesc * socket, +SSL_HandshakeNegotiatedExtension(PRFileDesc *socket, SSLExtensionType extId, PRBool *pYes) { - /* some decisions derived from SSL_GetChannelInfo */ - sslSocket * sslsocket = NULL; - - if (!pYes) { - PORT_SetError(SEC_ERROR_INVALID_ARGS); - return SECFailure; - } - - sslsocket = ssl_FindSocket(socket); - if (!sslsocket) { - SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension", - SSL_GETPID(), socket)); - return SECFailure; - } - - *pYes = PR_FALSE; - - /* according to public API SSL_GetChannelInfo, this doesn't need a lock */ - if (sslsocket->opt.useSecurity) { - if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */ - /* now we know this socket went through ssl3_InitState() and - * ss->xtnData got initialized, which is the only member accessed by - * ssl3_ExtensionNegotiated(); - * Member xtnData appears to get accessed in functions that handle - * the handshake (hello messages and extension sending), - * therefore the handshake lock should be sufficient. - */ - ssl_GetSSL3HandshakeLock(sslsocket); - *pYes = ssl3_ExtensionNegotiated(sslsocket, extId); - ssl_ReleaseSSL3HandshakeLock(sslsocket); + /* some decisions derived from SSL_GetChannelInfo */ + sslSocket *sslsocket = NULL; + + if (!pYes) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + sslsocket = ssl_FindSocket(socket); + if (!sslsocket) { + SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension", + SSL_GETPID(), socket)); + return SECFailure; + } + + *pYes = PR_FALSE; + + /* according to public API SSL_GetChannelInfo, this doesn't need a lock */ + if (sslsocket->opt.useSecurity) { + if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */ + /* now we know this socket went through ssl3_InitState() and + * ss->xtnData got initialized, which is the only member accessed by + * ssl3_ExtensionNegotiated(); + * Member xtnData appears to get accessed in functions that handle + * the handshake (hello messages and extension sending), + * therefore the handshake lock should be sufficient. + */ + ssl_GetSSL3HandshakeLock(sslsocket); + *pYes = ssl3_ExtensionNegotiated(sslsocket, extId); + ssl_ReleaseSSL3HandshakeLock(sslsocket); + } } - } - return SECSuccess; + return SECSuccess; } |