| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * SSL v2 handshake functions, and functions common to SSL2 and SSL3. | 2 * SSL v2 handshake functions, and functions common to SSL2 and SSL3. |
| 3 * | 3 * |
| 4 * ***** BEGIN LICENSE BLOCK ***** | 4 * ***** BEGIN LICENSE BLOCK ***** |
| 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 6 * | 6 * |
| 7 * The contents of this file are subject to the Mozilla Public License Version | 7 * The contents of this file are subject to the Mozilla Public License Version |
| 8 * 1.1 (the "License"); you may not use this file except in compliance with | 8 * 1.1 (the "License"); you may not use this file except in compliance with |
| 9 * the License. You may obtain a copy of the License at | 9 * the License. You may obtain a copy of the License at |
| 10 * http://www.mozilla.org/MPL/ | 10 * http://www.mozilla.org/MPL/ |
| (...skipping 1231 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1242 */ | 1242 */ |
| 1243 SECStatus | 1243 SECStatus |
| 1244 ssl_GatherRecord1stHandshake(sslSocket *ss) | 1244 ssl_GatherRecord1stHandshake(sslSocket *ss) |
| 1245 { | 1245 { |
| 1246 int rv; | 1246 int rv; |
| 1247 | 1247 |
| 1248 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); | 1248 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); |
| 1249 | 1249 |
| 1250 ssl_GetRecvBufLock(ss); | 1250 ssl_GetRecvBufLock(ss); |
| 1251 | 1251 |
| 1252 if (ss->version >= SSL_LIBRARY_VERSION_3_0) { | 1252 /* The special case DTLS logic is needed here because the |
| 1253 * SSL/TLS version wants to auto-detect SSL2 vs. SSL3 |
| 1254 * on the initial handshake (ss->version == 0) but with DTLS it gets |
| 1255 * confused, so we force the ssl3 version |
| 1256 **/ |
| 1257 if ((ss->version >= SSL_LIBRARY_VERSION_3_0) || IS_DTLS(ss)) { |
| 1253 /* Wait for handshake to complete, or application data to arrive. */ | 1258 /* Wait for handshake to complete, or application data to arrive. */ |
| 1254 rv = ssl3_GatherCompleteHandshake(ss, 0); | 1259 rv = ssl3_GatherCompleteHandshake(ss, 0); |
| 1255 } else { | 1260 } else { |
| 1256 /* See if we have a complete record */ | 1261 /* See if we have a complete record */ |
| 1257 rv = ssl2_GatherRecord(ss, 0); | 1262 rv = ssl2_GatherRecord(ss, 0); |
| 1258 } | 1263 } |
| 1259 SSL_TRC(10, ("%d: SSL[%d]: handshake gathering, rv=%d", | 1264 SSL_TRC(10, ("%d: SSL[%d]: handshake gathering, rv=%d", |
| 1260 SSL_GETPID(), ss->fd, rv)); | 1265 SSL_GETPID(), ss->fd, rv)); |
| 1261 | 1266 |
| 1262 ssl_ReleaseRecvBufLock(ss); | 1267 ssl_ReleaseRecvBufLock(ss); |
| (...skipping 1839 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3102 if (ss->peerID != NULL) { | 3107 if (ss->peerID != NULL) { |
| 3103 sid->peerID = PORT_Strdup(ss->peerID); | 3108 sid->peerID = PORT_Strdup(ss->peerID); |
| 3104 } | 3109 } |
| 3105 if (ss->url != NULL) { | 3110 if (ss->url != NULL) { |
| 3106 sid->urlSvrName = PORT_Strdup(ss->url); | 3111 sid->urlSvrName = PORT_Strdup(ss->url); |
| 3107 } | 3112 } |
| 3108 } | 3113 } |
| 3109 ss->sec.ci.sid = sid; | 3114 ss->sec.ci.sid = sid; |
| 3110 | 3115 |
| 3111 PORT_Assert(sid != NULL); | 3116 PORT_Assert(sid != NULL); |
| 3112 | |
| 3113 if ((sid->version >= SSL_LIBRARY_VERSION_3_0 || !ss->opt.v2CompatibleHello)
&& | 3117 if ((sid->version >= SSL_LIBRARY_VERSION_3_0 || !ss->opt.v2CompatibleHello)
&& |
| 3114 !SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) { | 3118 !SSL3_ALL_VERSIONS_DISABLED(&ss->vrange)) { |
| 3115 ss->gs.state = GS_INIT; | 3119 ss->gs.state = GS_INIT; |
| 3116 ss->handshake = ssl_GatherRecord1stHandshake; | 3120 ss->handshake = ssl_GatherRecord1stHandshake; |
| 3117 | 3121 |
| 3118 /* ssl3_SendClientHello will override this if it succeeds. */ | 3122 /* ssl3_SendClientHello will override this if it succeeds. */ |
| 3119 ss->version = SSL_LIBRARY_VERSION_3_0; | 3123 ss->version = SSL_LIBRARY_VERSION_3_0; |
| 3120 | 3124 |
| 3121 ssl_GetSSL3HandshakeLock(ss); | 3125 ssl_GetSSL3HandshakeLock(ss); |
| 3122 ssl_GetXmitBufLock(ss); | 3126 ssl_GetXmitBufLock(ss); |
| 3123 » rv = ssl3_SendClientHello(ss); | 3127 » rv = ssl3_SendClientHello(ss, PR_FALSE); |
| 3124 ssl_ReleaseXmitBufLock(ss); | 3128 ssl_ReleaseXmitBufLock(ss); |
| 3125 ssl_ReleaseSSL3HandshakeLock(ss); | 3129 ssl_ReleaseSSL3HandshakeLock(ss); |
| 3126 | 3130 |
| 3127 return rv; | 3131 return rv; |
| 3128 } | 3132 } |
| 3129 #if defined(NSS_ENABLE_ECC) && !defined(NSS_ECC_MORE_THAN_SUITE_B) | 3133 #if defined(NSS_ENABLE_ECC) && !defined(NSS_ECC_MORE_THAN_SUITE_B) |
| 3130 /* ensure we don't neogtiate ECC cipher suites with SSL2 hello */ | 3134 /* ensure we don't neogtiate ECC cipher suites with SSL2 hello */ |
| 3131 ssl3_DisableECCSuites(ss, NULL); /* disable all ECC suites */ | 3135 ssl3_DisableECCSuites(ss, NULL); /* disable all ECC suites */ |
| 3132 if (ss->cipherSpecs != NULL) { | 3136 if (ss->cipherSpecs != NULL) { |
| 3133 PORT_Free(ss->cipherSpecs); | 3137 PORT_Free(ss->cipherSpecs); |
| (...skipping 578 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3712 | 3716 |
| 3713 c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0]; | 3717 c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0]; |
| 3714 return NSS_VersionCheck(importedVersion); | 3718 return NSS_VersionCheck(importedVersion); |
| 3715 } | 3719 } |
| 3716 | 3720 |
| 3717 const char * | 3721 const char * |
| 3718 NSSSSL_GetVersion(void) | 3722 NSSSSL_GetVersion(void) |
| 3719 { | 3723 { |
| 3720 return NSS_VERSION; | 3724 return NSS_VERSION; |
| 3721 } | 3725 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9764001:
Add DTLS support to NSS, contributed by Eric Rescorla. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/