1 /* 2 * vtables (and methods that call through them) for the 4 types of 3 * SSLSockets supported. Only one type is still supported. 4 * Various other functions. 5 * 6 * ***** BEGIN LICENSE BLOCK ***** 7 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 8 * 9 * The contents of this file are subject to the Mozilla Public License Version 10 * 1.1 (the "License"); you may not use this file except in compliance with 11 * the License. You may obtain a copy of the License at 12 * http://www.mozilla.org/MPL/ 13 * 14 * Software distributed under the License is distributed on an "AS IS" basis, 15 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License 16 * for the specific language governing rights and limitations under the 17 * License. 18 * 19 * The Original Code is the Netscape security libraries. 20 * 21 * The Initial Developer of the Original Code is 22 * Netscape Communications Corporation. 23 * Portions created by the Initial Developer are Copyright (C) 1994-2000 24 * the Initial Developer. All Rights Reserved. 25 * 26 * Contributor(s): 27 * Dr Stephen Henson <stephen.henson (at) gemplus.com> 28 * Dr Vipul Gupta <vipul.gupta (at) sun.com>, Sun Microsystems Laboratories 29 * 30 * Alternatively, the contents of this file may be used under the terms of 31 * either the GNU General Public License Version 2 or later (the "GPL"), or 32 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), 33 * in which case the provisions of the GPL or the LGPL are applicable instead 34 * of those above. If you wish to allow use of your version of this file only 35 * under the terms of either the GPL or the LGPL, and not to allow others to 36 * use your version of this file under the terms of the MPL, indicate your 37 * decision by deleting the provisions above and replace them with the notice 38 * and other provisions required by the GPL or the LGPL. If you do not delete 39 * the provisions above, a recipient may use your version of this file under 40 * the terms of any one of the MPL, the GPL or the LGPL. 41 * 42 * ***** END LICENSE BLOCK ***** */ 43 /* $Id: sslsock.c,v 1.60 2009/11/25 05:24:25 wtc%google.com Exp $ */ 44 #include "seccomon.h" 45 #include "cert.h" 46 #include "keyhi.h" 47 #include "ssl.h" 48 #include "sslimpl.h" 49 #include "sslproto.h" 50 #include "nspr.h" 51 #include "private/pprio.h" 52 #include "blapi.h" 53 #include "nss.h" 54 55 #define SET_ERROR_CODE /* reminder */ 56 57 struct cipherPolicyStr { 58 int cipher; 59 unsigned char export; /* policy value for export policy */ 60 unsigned char france; /* policy value for france policy */ 61 }; 62 63 typedef struct cipherPolicyStr cipherPolicy; 64 65 /* This table contains two preconfigured policies: Export and France. 66 ** It is used only by the functions SSL_SetDomesticPolicy, 67 ** SSL_SetExportPolicy, and SSL_SetFrancyPolicy. 68 ** Order of entries is not important. 69 */ 70 static cipherPolicy ssl_ciphers[] = { /* Export France */ 71 { SSL_EN_RC4_128_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 72 { SSL_EN_RC4_128_EXPORT40_WITH_MD5, SSL_ALLOWED, SSL_ALLOWED }, 73 { SSL_EN_RC2_128_CBC_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 74 { SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, SSL_ALLOWED, SSL_ALLOWED }, 75 { SSL_EN_DES_64_CBC_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 76 { SSL_EN_DES_192_EDE3_CBC_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 77 { SSL_RSA_WITH_RC4_128_MD5, SSL_RESTRICTED, SSL_NOT_ALLOWED }, 78 { SSL_RSA_WITH_RC4_128_SHA, SSL_RESTRICTED, SSL_NOT_ALLOWED }, 79 { SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 80 { SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RESTRICTED, SSL_NOT_ALLOWED }, 81 { SSL_RSA_FIPS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 82 { SSL_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 83 { SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_ALLOWED, SSL_ALLOWED }, 84 { SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_ALLOWED, SSL_ALLOWED }, 85 { SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 86 { SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 87 { SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 88 { SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 89 { TLS_DHE_DSS_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 90 { SSL_RSA_WITH_NULL_SHA, SSL_ALLOWED, SSL_ALLOWED }, 91 { SSL_RSA_WITH_NULL_MD5, SSL_ALLOWED, SSL_ALLOWED }, 92 { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 93 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 94 { TLS_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 95 { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 96 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 97 { TLS_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 98 { TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 99 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 100 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 101 { TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 102 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 103 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 104 { TLS_RSA_WITH_SEED_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 105 { TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, SSL_ALLOWED, SSL_NOT_ALLOWED }, 106 { TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, SSL_ALLOWED, SSL_NOT_ALLOWED }, 107 #ifdef NSS_ENABLE_ECC 108 { TLS_ECDH_ECDSA_WITH_NULL_SHA, SSL_ALLOWED, SSL_ALLOWED }, 109 { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 110 { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 111 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 112 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 113 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, SSL_ALLOWED, SSL_ALLOWED }, 114 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 115 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 116 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 117 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 118 { TLS_ECDH_RSA_WITH_NULL_SHA, SSL_ALLOWED, SSL_ALLOWED }, 119 { TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 120 { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 121 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 122 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 123 { TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_ALLOWED, SSL_ALLOWED }, 124 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 125 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 126 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 127 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }, 128 #endif /* NSS_ENABLE_ECC */ 129 { 0, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED } 130 }; 131 132 static const sslSocketOps ssl_default_ops = { /* No SSL. */ 133 ssl_DefConnect, 134 NULL, 135 ssl_DefBind, 136 ssl_DefListen, 137 ssl_DefShutdown, 138 ssl_DefClose, 139 ssl_DefRecv, 140 ssl_DefSend, 141 ssl_DefRead, 142 ssl_DefWrite, 143 ssl_DefGetpeername, 144 ssl_DefGetsockname 145 }; 146 147 static const sslSocketOps ssl_secure_ops = { /* SSL. */ 148 ssl_SecureConnect, 149 NULL, 150 ssl_DefBind, 151 ssl_DefListen, 152 ssl_SecureShutdown, 153 ssl_SecureClose, 154 ssl_SecureRecv, 155 ssl_SecureSend, 156 ssl_SecureRead, 157 ssl_SecureWrite, 158 ssl_DefGetpeername, 159 ssl_DefGetsockname 160 }; 161 162 /* 163 ** default settings for socket enables 164 */ 165 static sslOptions ssl_defaults = { 166 { siBuffer, NULL, 0 }, /* nextProtoNego */ 167 PR_TRUE, /* useSecurity */ 168 PR_FALSE, /* useSocks */ 169 PR_FALSE, /* requestCertificate */ 170 2, /* requireCertificate */ 171 PR_FALSE, /* handshakeAsClient */ 172 PR_FALSE, /* handshakeAsServer */ 173 PR_TRUE, /* enableSSL2 */ 174 PR_TRUE, /* enableSSL3 */ 175 PR_TRUE, /* enableTLS */ /* now defaults to on in NSS 3.0 */ 176 PR_FALSE, /* noCache */ 177 PR_FALSE, /* fdx */ 178 PR_TRUE, /* v2CompatibleHello */ 179 PR_TRUE, /* detectRollBack */ 180 PR_FALSE, /* noStepDown */ 181 PR_FALSE, /* bypassPKCS11 */ 182 PR_FALSE, /* noLocks */ 183 PR_FALSE, /* enableSessionTickets */ 184 PR_FALSE, /* enableDeflate */ 185 0, /* enableRenegotiation (default: never) */ 186 PR_FALSE, /* requireSafeNegotiation */ 187 }; 188 189 sslSessionIDLookupFunc ssl_sid_lookup; 190 sslSessionIDCacheFunc ssl_sid_cache; 191 sslSessionIDUncacheFunc ssl_sid_uncache; 192 193 static PRBool ssl_inited = PR_FALSE; 194 static PRDescIdentity ssl_layer_id; 195 196 PRBool locksEverDisabled; /* implicitly PR_FALSE */ 197 PRBool ssl_force_locks; /* implicitly PR_FALSE */ 198 int ssl_lock_readers = 1; /* default true. */ 199 char ssl_debug; 200 char ssl_trace; 201 FILE * ssl_trace_iob; 202 char lockStatus[] = "Locks are ENABLED. "; 203 #define LOCKSTATUS_OFFSET 10 /* offset of ENABLED */ 204 205 /* forward declarations. */ 206 static sslSocket *ssl_NewSocket(PRBool makeLocks); 207 static SECStatus ssl_MakeLocks(sslSocket *ss); 208 static PRStatus ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack, 209 PRDescIdentity id); 210 211 /************************************************************************/ 212 213 /* 214 ** Lookup a socket structure from a file descriptor. 215 ** Only functions called through the PRIOMethods table should use this. 216 ** Other app-callable functions should use ssl_FindSocket. 217 */ 218 static sslSocket * 219 ssl_GetPrivate(PRFileDesc *fd) 220 { 221 sslSocket *ss; 222 223 PORT_Assert(fd != NULL); 224 PORT_Assert(fd->methods->file_type == PR_DESC_LAYERED); 225 PORT_Assert(fd->identity == ssl_layer_id); 226 227 if (fd->methods->file_type != PR_DESC_LAYERED || 228 fd->identity != ssl_layer_id) { 229 PORT_SetError(PR_BAD_DESCRIPTOR_ERROR); 230 return NULL; 231 } 232 233 ss = (sslSocket *)fd->secret; 234 ss->fd = fd; 235 return ss; 236 } 237 238 /* This function tries to find the SSL layer in the stack. 239 * It searches for the first SSL layer at or below the argument fd, 240 * and failing that, it searches for the nearest SSL layer above the 241 * argument fd. It returns the private sslSocket from the found layer. 242 */ 243 sslSocket * 244 ssl_FindSocket(PRFileDesc *fd) 245 { 246 PRFileDesc *layer; 247 sslSocket *ss; 248 249 PORT_Assert(fd != NULL); 250 PORT_Assert(ssl_layer_id != 0); 251 252 layer = PR_GetIdentitiesLayer(fd, ssl_layer_id); 253 if (layer == NULL) { 254 PORT_SetError(PR_BAD_DESCRIPTOR_ERROR); 255 return NULL; 256 } 257 258 ss = (sslSocket *)layer->secret; 259 ss->fd = layer; 260 return ss; 261 } 262 263 sslSocket * 264 ssl_DupSocket(sslSocket *os) 265 { 266 sslSocket *ss; 267 SECStatus rv; 268 269 ss = ssl_NewSocket((PRBool)(!os->opt.noLocks)); 270 if (ss) { 271 ss->opt = os->opt; 272 ss->opt.useSocks = PR_FALSE; 273 274 ss->peerID = !os->peerID ? NULL : PORT_Strdup(os->peerID); 275 ss->url = !os->url ? NULL : PORT_Strdup(os->url); 276 277 ss->ops = os->ops; 278 ss->rTimeout = os->rTimeout; 279 ss->wTimeout = os->wTimeout; 280 ss->cTimeout = os->cTimeout; 281 ss->dbHandle = os->dbHandle; 282 283 /* copy ssl2&3 policy & prefs, even if it's not selected (yet) */ 284 ss->allowedByPolicy = os->allowedByPolicy; 285 ss->maybeAllowedByPolicy= os->maybeAllowedByPolicy; 286 ss->chosenPreference = os->chosenPreference; 287 PORT_Memcpy(ss->cipherSuites, os->cipherSuites, sizeof os->cipherSuites); 288 289 if (os->cipherSpecs) { 290 ss->cipherSpecs = (unsigned char*)PORT_Alloc(os->sizeCipherSpecs); 291 if (ss->cipherSpecs) 292 PORT_Memcpy(ss->cipherSpecs, os->cipherSpecs, 293 os->sizeCipherSpecs); 294 ss->sizeCipherSpecs = os->sizeCipherSpecs; 295 ss->preferredCipher = os->preferredCipher; 296 } else { 297 ss->cipherSpecs = NULL; /* produced lazily */ 298 ss->sizeCipherSpecs = 0; 299 ss->preferredCipher = NULL; 300 } 301 if (ss->opt.useSecurity) { 302 /* This int should be SSLKEAType, but CC on Irix complains, 303 * during the for loop. 304 */ 305 int i; 306 sslServerCerts * oc = os->serverCerts; 307 sslServerCerts * sc = ss->serverCerts; 308 309 for (i=kt_null; i < kt_kea_size; i++, oc++, sc++) { 310 if (oc->serverCert && oc->serverCertChain) { 311 sc->serverCert = CERT_DupCertificate(oc->serverCert); 312 sc->serverCertChain = CERT_DupCertList(oc->serverCertChain); 313 if (!sc->serverCertChain) 314 goto loser; 315 } else { 316 sc->serverCert = NULL; 317 sc->serverCertChain = NULL; 318 } 319 sc->serverKeyPair = oc->serverKeyPair ? 320 ssl3_GetKeyPairRef(oc->serverKeyPair) : NULL; 321 if (oc->serverKeyPair && !sc->serverKeyPair) 322 goto loser; 323 sc->serverKeyBits = oc->serverKeyBits; 324 } 325 ss->stepDownKeyPair = !os->stepDownKeyPair ? NULL : 326 ssl3_GetKeyPairRef(os->stepDownKeyPair); 327 ss->ephemeralECDHKeyPair = !os->ephemeralECDHKeyPair ? NULL : 328 ssl3_GetKeyPairRef(os->ephemeralECDHKeyPair); 329 /* 330 * XXX the preceeding CERT_ and SECKEY_ functions can fail and return NULL. 331 * XXX We should detect this, and not just march on with NULL pointers. 332 */ 333 ss->authCertificate = os->authCertificate; 334 ss->authCertificateArg = os->authCertificateArg; 335 ss->getClientAuthData = os->getClientAuthData; 336 ss->getClientAuthDataArg = os->getClientAuthDataArg; 337 ss->handleBadCert = os->handleBadCert; 338 ss->badCertArg = os->badCertArg; 339 ss->handshakeCallback = os->handshakeCallback; 340 ss->handshakeCallbackData = os->handshakeCallbackData; 341 ss->pkcs11PinArg = os->pkcs11PinArg; 342 343 /* Create security data */ 344 rv = ssl_CopySecurityInfo(ss, os); 345 if (rv != SECSuccess) { 346 goto loser; 347 } 348 } 349 } 350 return ss; 351 352 loser: 353 ssl_FreeSocket(ss); 354 return NULL; 355 } 356 357 static void 358 ssl_DestroyLocks(sslSocket *ss) 359 { 360 /* Destroy locks. */ 361 if (ss->firstHandshakeLock) { 362 PZ_DestroyMonitor(ss->firstHandshakeLock); 363 ss->firstHandshakeLock = NULL; 364 } 365 if (ss->ssl3HandshakeLock) { 366 PZ_DestroyMonitor(ss->ssl3HandshakeLock); 367 ss->ssl3HandshakeLock = NULL; 368 } 369 if (ss->specLock) { 370 NSSRWLock_Destroy(ss->specLock); 371 ss->specLock = NULL; 372 } 373 374 if (ss->recvLock) { 375 PZ_DestroyLock(ss->recvLock); 376 ss->recvLock = NULL; 377 } 378 if (ss->sendLock) { 379 PZ_DestroyLock(ss->sendLock); 380 ss->sendLock = NULL; 381 } 382 if (ss->xmitBufLock) { 383 PZ_DestroyMonitor(ss->xmitBufLock); 384 ss->xmitBufLock = NULL; 385 } 386 if (ss->recvBufLock) { 387 PZ_DestroyMonitor(ss->recvBufLock); 388 ss->recvBufLock = NULL; 389 } 390 } 391 392 /* Caller holds any relevant locks */ 393 static void 394 ssl_DestroySocketContents(sslSocket *ss) 395 { 396 /* "i" should be of type SSLKEAType, but CC on IRIX complains during 397 * the for loop. 398 */ 399 int i; 400 401 /* Free up socket */ 402 ssl_DestroySecurityInfo(&ss->sec); 403 404 ssl3_DestroySSL3Info(ss); 405 406 PORT_Free(ss->saveBuf.buf); 407 PORT_Free(ss->pendingBuf.buf); 408 ssl_DestroyGather(&ss->gs); 409 410 if (ss->peerID != NULL) 411 PORT_Free(ss->peerID); 412 if (ss->url != NULL) 413 PORT_Free((void *)ss->url); /* CONST */ 414 if (ss->cipherSpecs) { 415 PORT_Free(ss->cipherSpecs); 416 ss->cipherSpecs = NULL; 417 ss->sizeCipherSpecs = 0; 418 } 419 420 /* Clean up server configuration */ 421 for (i=kt_null; i < kt_kea_size; i++) { 422 sslServerCerts * sc = ss->serverCerts + i; 423 if (sc->serverCert != NULL) 424 CERT_DestroyCertificate(sc->serverCert); 425 if (sc->serverCertChain != NULL) 426 CERT_DestroyCertificateList(sc->serverCertChain); 427 if (sc->serverKeyPair != NULL) 428 ssl3_FreeKeyPair(sc->serverKeyPair); 429 } 430 if (ss->stepDownKeyPair) { 431 ssl3_FreeKeyPair(ss->stepDownKeyPair); 432 ss->stepDownKeyPair = NULL; 433 } 434 if (ss->ephemeralECDHKeyPair) { 435 ssl3_FreeKeyPair(ss->ephemeralECDHKeyPair); 436 ss->ephemeralECDHKeyPair = NULL; 437 } 438 if (ss->opt.nextProtoNego.data) { 439 PORT_Free(ss->opt.nextProtoNego.data); 440 ss->opt.nextProtoNego.data = NULL; 441 } 442 } 443 444 /* 445 * free an sslSocket struct, and all the stuff that hangs off of it 446 */ 447 void 448 ssl_FreeSocket(sslSocket *ss) 449 { 450 #ifdef DEBUG 451 sslSocket *fs; 452 sslSocket lSock; 453 #endif 454 455 /* Get every lock you can imagine! 456 ** Caller already holds these: 457 ** SSL_LOCK_READER(ss); 458 ** SSL_LOCK_WRITER(ss); 459 */ 460 ssl_Get1stHandshakeLock(ss); 461 ssl_GetRecvBufLock(ss); 462 ssl_GetSSL3HandshakeLock(ss); 463 ssl_GetXmitBufLock(ss); 464 ssl_GetSpecWriteLock(ss); 465 466 #ifdef DEBUG 467 fs = &lSock; 468 *fs = *ss; /* Copy the old socket structure, */ 469 PORT_Memset(ss, 0x1f, sizeof *ss); /* then blast the old struct ASAP. */ 470 #else 471 #define fs ss 472 #endif 473 474 ssl_DestroySocketContents(fs); 475 476 /* Release all the locks acquired above. */ 477 SSL_UNLOCK_READER(fs); 478 SSL_UNLOCK_WRITER(fs); 479 ssl_Release1stHandshakeLock(fs); 480 ssl_ReleaseRecvBufLock(fs); 481 ssl_ReleaseSSL3HandshakeLock(fs); 482 ssl_ReleaseXmitBufLock(fs); 483 ssl_ReleaseSpecWriteLock(fs); 484 485 ssl_DestroyLocks(fs); 486 487 PORT_Free(ss); /* free the caller's copy, not ours. */ 488 return; 489 } 490 #undef fs 491 492 /************************************************************************/ 493 SECStatus 494 ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled) 495 { 496 PRFileDesc * osfd = ss->fd->lower; 497 SECStatus rv = SECFailure; 498 PRSocketOptionData opt; 499 500 opt.option = PR_SockOpt_NoDelay; 501 opt.value.no_delay = (PRBool)!enabled; 502 503 if (osfd->methods->setsocketoption) { 504 rv = (SECStatus) osfd->methods->setsocketoption(osfd, &opt); 505 } else { 506 PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0); 507 } 508 509 return rv; 510 } 511 512 static void 513 ssl_ChooseOps(sslSocket *ss) 514 { 515 ss->ops = ss->opt.useSecurity ? &ssl_secure_ops : &ssl_default_ops; 516 } 517 518 /* Called from SSL_Enable (immediately below) */ 519 static SECStatus 520 PrepareSocket(sslSocket *ss) 521 { 522 SECStatus rv = SECSuccess; 523 524 ssl_ChooseOps(ss); 525 return rv; 526 } 527 528 SECStatus 529 SSL_Enable(PRFileDesc *fd, int which, PRBool on) 530 { 531 return SSL_OptionSet(fd, which, on); 532 } 533 534 static const PRCallOnceType pristineCallOnce; 535 static PRCallOnceType setupBypassOnce; 536 537 static SECStatus SSL_BypassShutdown(void* appData, void* nssData) 538 { 539 /* unload freeBL shared library from memory */ 540 BL_Unload(); 541 setupBypassOnce = pristineCallOnce; 542 return SECSuccess; 543 } 544 545 static PRStatus SSL_BypassRegisterShutdown(void) 546 { 547 SECStatus rv = NSS_RegisterShutdown(SSL_BypassShutdown, NULL); 548 PORT_Assert(SECSuccess == rv); 549 return SECSuccess == rv ? PR_SUCCESS : PR_FAILURE; 550 } 551 552 static PRStatus SSL_BypassSetup(void) 553 { 554 return PR_CallOnce(&setupBypassOnce, &SSL_BypassRegisterShutdown); 555 } 556 557 SECStatus 558 SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on) 559 { 560 sslSocket *ss = ssl_FindSocket(fd); 561 SECStatus rv = SECSuccess; 562 PRBool holdingLocks; 563 564 if (!ss) { 565 SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd)); 566 return SECFailure; 567 } 568 569 holdingLocks = (!ss->opt.noLocks); 570 ssl_Get1stHandshakeLock(ss); 571 ssl_GetSSL3HandshakeLock(ss); 572 573 switch (which) { 574 case SSL_SOCKS: 575 ss->opt.useSocks = PR_FALSE; 576 rv = PrepareSocket(ss); 577 if (on) { 578 PORT_SetError(SEC_ERROR_INVALID_ARGS); 579 rv = SECFailure; 580 } 581 break; 582 583 case SSL_SECURITY: 584 ss->opt.useSecurity = on; 585 rv = PrepareSocket(ss); 586 break; 587 588 case SSL_REQUEST_CERTIFICATE: 589 ss->opt.requestCertificate = on; 590 break; 591 592 case SSL_REQUIRE_CERTIFICATE: 593 ss->opt.requireCertificate = on; 594 break; 595 596 case SSL_HANDSHAKE_AS_CLIENT: 597 if ( ss->opt.handshakeAsServer && on ) { 598 PORT_SetError(SEC_ERROR_INVALID_ARGS); 599 rv = SECFailure; 600 break; 601 } 602 ss->opt.handshakeAsClient = on; 603 break; 604 605 case SSL_HANDSHAKE_AS_SERVER: 606 if ( ss->opt.handshakeAsClient && on ) { 607 PORT_SetError(SEC_ERROR_INVALID_ARGS); 608 rv = SECFailure; 609 break; 610 } 611 ss->opt.handshakeAsServer = on; 612 break; 613 614 case SSL_ENABLE_TLS: 615 ss->opt.enableTLS = on; 616 ss->preferredCipher = NULL; 617 if (ss->cipherSpecs) { 618 PORT_Free(ss->cipherSpecs); 619 ss->cipherSpecs = NULL; 620 ss->sizeCipherSpecs = 0; 621 } 622 break; 623 624 case SSL_ENABLE_SSL3: 625 ss->opt.enableSSL3 = on; 626 ss->preferredCipher = NULL; 627 if (ss->cipherSpecs) { 628 PORT_Free(ss->cipherSpecs); 629 ss->cipherSpecs = NULL; 630 ss->sizeCipherSpecs = 0; 631 } 632 break; 633 634 case SSL_ENABLE_SSL2: 635 ss->opt.enableSSL2 = on; 636 if (on) { 637 ss->opt.v2CompatibleHello = on; 638 } 639 ss->preferredCipher = NULL; 640 if (ss->cipherSpecs) { 641 PORT_Free(ss->cipherSpecs); 642 ss->cipherSpecs = NULL; 643 ss->sizeCipherSpecs = 0; 644 } 645 break; 646 647 case SSL_NO_CACHE: 648 ss->opt.noCache = on; 649 break; 650 651 case SSL_ENABLE_FDX: 652 if (on && ss->opt.noLocks) { 653 PORT_SetError(SEC_ERROR_INVALID_ARGS); 654 rv = SECFailure; 655 } 656 ss->opt.fdx = on; 657 break; 658 659 case SSL_V2_COMPATIBLE_HELLO: 660 ss->opt.v2CompatibleHello = on; 661 if (!on) { 662 ss->opt.enableSSL2 = on; 663 } 664 break; 665 666 case SSL_ROLLBACK_DETECTION: 667 ss->opt.detectRollBack = on; 668 break; 669 670 case SSL_NO_STEP_DOWN: 671 ss->opt.noStepDown = on; 672 if (on) 673 SSL_DisableExportCipherSuites(fd); 674 break; 675 676 case SSL_BYPASS_PKCS11: 677 if (ss->handshakeBegun) { 678 PORT_SetError(PR_INVALID_STATE_ERROR); 679 rv = SECFailure; 680 } else { 681 if (PR_FALSE != on) { 682 if (PR_SUCCESS == SSL_BypassSetup() ) { 683 ss->opt.bypassPKCS11 = on; 684 } else { 685 rv = SECFailure; 686 } 687 } else { 688 ss->opt.bypassPKCS11 = PR_FALSE; 689 } 690 } 691 break; 692 693 case SSL_NO_LOCKS: 694 if (on && ss->opt.fdx) { 695 PORT_SetError(SEC_ERROR_INVALID_ARGS); 696 rv = SECFailure; 697 } 698 if (on && ssl_force_locks) 699 on = PR_FALSE; /* silent override */ 700 ss->opt.noLocks = on; 701 if (on) { 702 locksEverDisabled = PR_TRUE; 703 strcpy(lockStatus + LOCKSTATUS_OFFSET, "DISABLED."); 704 } else if (!holdingLocks) { 705 rv = ssl_MakeLocks(ss); 706 if (rv != SECSuccess) { 707 ss->opt.noLocks = PR_TRUE; 708 } 709 } 710 break; 711 712 case SSL_ENABLE_SESSION_TICKETS: 713 ss->opt.enableSessionTickets = on; 714 break; 715 716 case SSL_ENABLE_DEFLATE: 717 ss->opt.enableDeflate = on; 718 break; 719 720 case SSL_ENABLE_RENEGOTIATION: 721 ss->opt.enableRenegotiation = on; 722 break; 723 724 case SSL_REQUIRE_SAFE_NEGOTIATION: 725 ss->opt.requireSafeNegotiation = on; 726 break; 727 728 default: 729 PORT_SetError(SEC_ERROR_INVALID_ARGS); 730 rv = SECFailure; 731 } 732 733 /* We can't use the macros for releasing the locks here, 734 * because ss->opt.noLocks might have changed just above. 735 * We must release these locks (monitors) here, if we aquired them above, 736 * regardless of the current value of ss->opt.noLocks. 737 */ 738 if (holdingLocks) { 739 PZ_ExitMonitor((ss)->ssl3HandshakeLock); 740 PZ_ExitMonitor((ss)->firstHandshakeLock); 741 } 742 743 return rv; 744 } 745 746 SECStatus 747 SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn) 748 { 749 sslSocket *ss = ssl_FindSocket(fd); 750 SECStatus rv = SECSuccess; 751 PRBool on = PR_FALSE; 752 753 if (!pOn) { 754 PORT_SetError(SEC_ERROR_INVALID_ARGS); 755 return SECFailure; 756 } 757 if (!ss) { 758 SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd)); 759 *pOn = PR_FALSE; 760 return SECFailure; 761 } 762 763 ssl_Get1stHandshakeLock(ss); 764 ssl_GetSSL3HandshakeLock(ss); 765 766 switch (which) { 767 case SSL_SOCKS: on = PR_FALSE; break; 768 case SSL_SECURITY: on = ss->opt.useSecurity; break; 769 case SSL_REQUEST_CERTIFICATE: on = ss->opt.requestCertificate; break; 770 case SSL_REQUIRE_CERTIFICATE: on = ss->opt.requireCertificate; break; 771 case SSL_HANDSHAKE_AS_CLIENT: on = ss->opt.handshakeAsClient; break; 772 case SSL_HANDSHAKE_AS_SERVER: on = ss->opt.handshakeAsServer; break; 773 case SSL_ENABLE_TLS: on = ss->opt.enableTLS; break; 774 case SSL_ENABLE_SSL3: on = ss->opt.enableSSL3; break; 775 case SSL_ENABLE_SSL2: on = ss->opt.enableSSL2; break; 776 case SSL_NO_CACHE: on = ss->opt.noCache; break; 777 case SSL_ENABLE_FDX: on = ss->opt.fdx; break; 778 case SSL_V2_COMPATIBLE_HELLO: on = ss->opt.v2CompatibleHello; break; 779 case SSL_ROLLBACK_DETECTION: on = ss->opt.detectRollBack; break; 780 case SSL_NO_STEP_DOWN: on = ss->opt.noStepDown; break; 781 case SSL_BYPASS_PKCS11: on = ss->opt.bypassPKCS11; break; 782 case SSL_NO_LOCKS: on = ss->opt.noLocks; break; 783 case SSL_ENABLE_SESSION_TICKETS: 784 on = ss->opt.enableSessionTickets; 785 break; 786 case SSL_ENABLE_DEFLATE: on = ss->opt.enableDeflate; break; 787 case SSL_ENABLE_RENEGOTIATION: 788 on = ss->opt.enableRenegotiation; break; 789 case SSL_REQUIRE_SAFE_NEGOTIATION: 790 on = ss->opt.requireSafeNegotiation; break; 791 792 default: 793 PORT_SetError(SEC_ERROR_INVALID_ARGS); 794 rv = SECFailure; 795 } 796 797 ssl_ReleaseSSL3HandshakeLock(ss); 798 ssl_Release1stHandshakeLock(ss); 799 800 *pOn = on; 801 return rv; 802 } 803 804 SECStatus 805 SSL_OptionGetDefault(PRInt32 which, PRBool *pOn) 806 { 807 SECStatus rv = SECSuccess; 808 PRBool on = PR_FALSE; 809 810 if (!pOn) { 811 PORT_SetError(SEC_ERROR_INVALID_ARGS); 812 return SECFailure; 813 } 814 815 switch (which) { 816 case SSL_SOCKS: on = PR_FALSE; break; 817 case SSL_SECURITY: on = ssl_defaults.useSecurity; break; 818 case SSL_REQUEST_CERTIFICATE: on = ssl_defaults.requestCertificate; break; 819 case SSL_REQUIRE_CERTIFICATE: on = ssl_defaults.requireCertificate; break; 820 case SSL_HANDSHAKE_AS_CLIENT: on = ssl_defaults.handshakeAsClient; break; 821 case SSL_HANDSHAKE_AS_SERVER: on = ssl_defaults.handshakeAsServer; break; 822 case SSL_ENABLE_TLS: on = ssl_defaults.enableTLS; break; 823 case SSL_ENABLE_SSL3: on = ssl_defaults.enableSSL3; break; 824 case SSL_ENABLE_SSL2: on = ssl_defaults.enableSSL2; break; 825 case SSL_NO_CACHE: on = ssl_defaults.noCache; break; 826 case SSL_ENABLE_FDX: on = ssl_defaults.fdx; break; 827 case SSL_V2_COMPATIBLE_HELLO: on = ssl_defaults.v2CompatibleHello; break; 828 case SSL_ROLLBACK_DETECTION: on = ssl_defaults.detectRollBack; break; 829 case SSL_NO_STEP_DOWN: on = ssl_defaults.noStepDown; break; 830 case SSL_BYPASS_PKCS11: on = ssl_defaults.bypassPKCS11; break; 831 case SSL_NO_LOCKS: on = ssl_defaults.noLocks; break; 832 case SSL_ENABLE_SESSION_TICKETS: 833 on = ssl_defaults.enableSessionTickets; 834 break; 835 case SSL_ENABLE_DEFLATE: on = ssl_defaults.enableDeflate; break; 836 case SSL_ENABLE_RENEGOTIATION: 837 on = ssl_defaults.enableRenegotiation; break; 838 case SSL_REQUIRE_SAFE_NEGOTIATION: 839 on = ssl_defaults.requireSafeNegotiation; 840 break; 841 842 default: 843 PORT_SetError(SEC_ERROR_INVALID_ARGS); 844 rv = SECFailure; 845 } 846 847 *pOn = on; 848 return rv; 849 } 850 851 /* XXX Use Global Lock to protect this stuff. */ 852 SECStatus 853 SSL_EnableDefault(int which, PRBool on) 854 { 855 return SSL_OptionSetDefault(which, on); 856 } 857 858 SECStatus 859 SSL_OptionSetDefault(PRInt32 which, PRBool on) 860 { 861 switch (which) { 862 case SSL_SOCKS: 863 ssl_defaults.useSocks = PR_FALSE; 864 if (on) { 865 PORT_SetError(SEC_ERROR_INVALID_ARGS); 866 return SECFailure; 867 } 868 break; 869 870 case SSL_SECURITY: 871 ssl_defaults.useSecurity = on; 872 break; 873 874 case SSL_REQUEST_CERTIFICATE: 875 ssl_defaults.requestCertificate = on; 876 break; 877 878 case SSL_REQUIRE_CERTIFICATE: 879 ssl_defaults.requireCertificate = on; 880 break; 881 882 case SSL_HANDSHAKE_AS_CLIENT: 883 if ( ssl_defaults.handshakeAsServer && on ) { 884 PORT_SetError(SEC_ERROR_INVALID_ARGS); 885 return SECFailure; 886 } 887 ssl_defaults.handshakeAsClient = on; 888 break; 889 890 case SSL_HANDSHAKE_AS_SERVER: 891 if ( ssl_defaults.handshakeAsClient && on ) { 892 PORT_SetError(SEC_ERROR_INVALID_ARGS); 893 return SECFailure; 894 } 895 ssl_defaults.handshakeAsServer = on; 896 break; 897 898 case SSL_ENABLE_TLS: 899 ssl_defaults.enableTLS = on; 900 break; 901 902 case SSL_ENABLE_SSL3: 903 ssl_defaults.enableSSL3 = on; 904 break; 905 906 case SSL_ENABLE_SSL2: 907 ssl_defaults.enableSSL2 = on; 908 if (on) { 909 ssl_defaults.v2CompatibleHello = on; 910 } 911 break; 912 913 case SSL_NO_CACHE: 914 ssl_defaults.noCache = on; 915 break; 916 917 case SSL_ENABLE_FDX: 918 if (on && ssl_defaults.noLocks) { 919 PORT_SetError(SEC_ERROR_INVALID_ARGS); 920 return SECFailure; 921 } 922 ssl_defaults.fdx = on; 923 break; 924 925 case SSL_V2_COMPATIBLE_HELLO: 926 ssl_defaults.v2CompatibleHello = on; 927 if (!on) { 928 ssl_defaults.enableSSL2 = on; 929 } 930 break; 931 932 case SSL_ROLLBACK_DETECTION: 933 ssl_defaults.detectRollBack = on; 934 break; 935 936 case SSL_NO_STEP_DOWN: 937 ssl_defaults.noStepDown = on; 938 if (on) 939 SSL_DisableDefaultExportCipherSuites(); 940 break; 941 942 case SSL_BYPASS_PKCS11: 943 if (PR_FALSE != on) { 944 if (PR_SUCCESS == SSL_BypassSetup()) { 945 ssl_defaults.bypassPKCS11 = on; 946 } else { 947 return SECFailure; 948 } 949 } else { 950 ssl_defaults.bypassPKCS11 = PR_FALSE; 951 } 952 break; 953 954 case SSL_NO_LOCKS: 955 if (on && ssl_defaults.fdx) { 956 PORT_SetError(SEC_ERROR_INVALID_ARGS); 957 return SECFailure; 958 } 959 if (on && ssl_force_locks) 960 on = PR_FALSE; /* silent override */ 961 ssl_defaults.noLocks = on; 962 if (on) { 963 locksEverDisabled = PR_TRUE; 964 strcpy(lockStatus + LOCKSTATUS_OFFSET, "DISABLED."); 965 } 966 break; 967 968 case SSL_ENABLE_SESSION_TICKETS: 969 ssl_defaults.enableSessionTickets = on; 970 break; 971 972 case SSL_ENABLE_DEFLATE: 973 ssl_defaults.enableDeflate = on; 974 break; 975 976 case SSL_ENABLE_RENEGOTIATION: 977 ssl_defaults.enableRenegotiation = on; 978 break; 979 980 case SSL_REQUIRE_SAFE_NEGOTIATION: 981 ssl_defaults.requireSafeNegotiation = on; 982 break; 983 984 default: 985 PORT_SetError(SEC_ERROR_INVALID_ARGS); 986 return SECFailure; 987 } 988 return SECSuccess; 989 } 990 991 /* function tells us if the cipher suite is one that we no longer support. */ 992 static PRBool 993 ssl_IsRemovedCipherSuite(PRInt32 suite) 994 { 995 switch (suite) { 996 case SSL_FORTEZZA_DMS_WITH_NULL_SHA: 997 case SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA: 998 case SSL_FORTEZZA_DMS_WITH_RC4_128_SHA: 999 return PR_TRUE; 1000 default: 1001 return PR_FALSE; 1002 } 1003 } 1004 1005 /* Part of the public NSS API. 1006 * Since this is a global (not per-socket) setting, we cannot use the 1007 * HandshakeLock to protect this. Probably want a global lock. 1008 */ 1009 SECStatus 1010 SSL_SetPolicy(long which, int policy) 1011 { 1012 if ((which & 0xfffe) == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) { 1013 /* one of the two old FIPS ciphers */ 1014 if (which == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) 1015 which = SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA; 1016 else if (which == SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA) 1017 which = SSL_RSA_FIPS_WITH_DES_CBC_SHA; 1018 } 1019 if (ssl_IsRemovedCipherSuite(which)) 1020 return SECSuccess; 1021 return SSL_CipherPolicySet(which, policy); 1022 } 1023 1024 SECStatus 1025 SSL_CipherPolicySet(PRInt32 which, PRInt32 policy) 1026 { 1027 SECStatus rv; 1028 1029 if (ssl_IsRemovedCipherSuite(which)) { 1030 rv = SECSuccess; 1031 } else if (SSL_IS_SSL2_CIPHER(which)) { 1032 rv = ssl2_SetPolicy(which, policy); 1033 } else { 1034 rv = ssl3_SetPolicy((ssl3CipherSuite)which, policy); 1035 } 1036 return rv; 1037 } 1038 1039 SECStatus 1040 SSL_CipherPolicyGet(PRInt32 which, PRInt32 *oPolicy) 1041 { 1042 SECStatus rv; 1043 1044 if (!oPolicy) { 1045 PORT_SetError(SEC_ERROR_INVALID_ARGS); 1046 return SECFailure; 1047 } 1048 if (ssl_IsRemovedCipherSuite(which)) { 1049 *oPolicy = SSL_NOT_ALLOWED; 1050 rv = SECSuccess; 1051 } else if (SSL_IS_SSL2_CIPHER(which)) { 1052 rv = ssl2_GetPolicy(which, oPolicy); 1053 } else { 1054 rv = ssl3_GetPolicy((ssl3CipherSuite)which, oPolicy); 1055 } 1056 return rv; 1057 } 1058 1059 /* Part of the public NSS API. 1060 * Since this is a global (not per-socket) setting, we cannot use the 1061 * HandshakeLock to protect this. Probably want a global lock. 1062 * These changes have no effect on any sslSockets already created. 1063 */ 1064 SECStatus 1065 SSL_EnableCipher(long which, PRBool enabled) 1066 { 1067 if ((which & 0xfffe) == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) { 1068 /* one of the two old FIPS ciphers */ 1069 if (which == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) 1070 which = SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA; 1071 else if (which == SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA) 1072 which = SSL_RSA_FIPS_WITH_DES_CBC_SHA; 1073 } 1074 if (ssl_IsRemovedCipherSuite(which)) 1075 return SECSuccess; 1076 return SSL_CipherPrefSetDefault(which, enabled); 1077 } 1078 1079 SECStatus 1080 SSL_CipherPrefSetDefault(PRInt32 which, PRBool enabled) 1081 { 1082 SECStatus rv; 1083 1084 if (ssl_IsRemovedCipherSuite(which)) 1085 return SECSuccess; 1086 if (enabled && ssl_defaults.noStepDown && SSL_IsExportCipherSuite(which)) { 1087 PORT_SetError(SEC_ERROR_INVALID_ALGORITHM); 1088 return SECFailure; 1089 } 1090 if (SSL_IS_SSL2_CIPHER(which)) { 1091 rv = ssl2_CipherPrefSetDefault(which, enabled); 1092 } else { 1093 rv = ssl3_CipherPrefSetDefault((ssl3CipherSuite)which, enabled); 1094 } 1095 return rv; 1096 } 1097 1098 SECStatus 1099 SSL_CipherPrefGetDefault(PRInt32 which, PRBool *enabled) 1100 { 1101 SECStatus rv; 1102 1103 if (!enabled) { 1104 PORT_SetError(SEC_ERROR_INVALID_ARGS); 1105 return SECFailure; 1106 } 1107 if (ssl_IsRemovedCipherSuite(which)) { 1108 *enabled = PR_FALSE; 1109 rv = SECSuccess; 1110 } else if (SSL_IS_SSL2_CIPHER(which)) { 1111 rv = ssl2_CipherPrefGetDefault(which, enabled); 1112 } else { 1113 rv = ssl3_CipherPrefGetDefault((ssl3CipherSuite)which, enabled); 1114 } 1115 return rv; 1116 } 1117 1118 SECStatus 1119 SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled) 1120 { 1121 SECStatus rv; 1122 sslSocket *ss = ssl_FindSocket(fd); 1123 1124 if (!ss) { 1125 SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefSet", SSL_GETPID(), fd)); 1126 return SECFailure; 1127 } 1128 if (ssl_IsRemovedCipherSuite(which)) 1129 return SECSuccess; 1130 if (enabled && ss->opt.noStepDown && SSL_IsExportCipherSuite(which)) { 1131 PORT_SetError(SEC_ERROR_INVALID_ALGORITHM); 1132 return SECFailure; 1133 } 1134 if (SSL_IS_SSL2_CIPHER(which)) { 1135 rv = ssl2_CipherPrefSet(ss, which, enabled); 1136 } else { 1137 rv = ssl3_CipherPrefSet(ss, (ssl3CipherSuite)which, enabled); 1138 } 1139 return rv; 1140 } 1141 1142 SECStatus 1143 SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled) 1144 { 1145 SECStatus rv; 1146 sslSocket *ss = ssl_FindSocket(fd); 1147 1148 if (!enabled) { 1149 PORT_SetError(SEC_ERROR_INVALID_ARGS); 1150 return SECFailure; 1151 } 1152 if (!ss) { 1153 SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefGet", SSL_GETPID(), fd)); 1154 *enabled = PR_FALSE; 1155 return SECFailure; 1156 } 1157 if (ssl_IsRemovedCipherSuite(which)) { 1158 *enabled = PR_FALSE; 1159 rv = SECSuccess; 1160 } else if (SSL_IS_SSL2_CIPHER(which)) { 1161 rv = ssl2_CipherPrefGet(ss, which, enabled); 1162 } else { 1163 rv = ssl3_CipherPrefGet(ss, (ssl3CipherSuite)which, enabled); 1164 } 1165 return rv; 1166 } 1167 1168 SECStatus 1169 NSS_SetDomesticPolicy(void) 1170 { 1171 #ifndef EXPORT_VERSION 1172 SECStatus status = SECSuccess; 1173 cipherPolicy * policy; 1174 1175 for (policy = ssl_ciphers; policy->cipher != 0; ++policy) { 1176 status = SSL_SetPolicy(policy->cipher, SSL_ALLOWED); 1177 if (status != SECSuccess) 1178 break; 1179 } 1180 return status; 1181 #else 1182 return NSS_SetExportPolicy(); 1183 #endif 1184 } 1185 1186 SECStatus 1187 NSS_SetExportPolicy(void) 1188 { 1189 SECStatus status = SECSuccess; 1190 cipherPolicy * policy; 1191 1192 for (policy = ssl_ciphers; policy->cipher != 0; ++policy) { 1193 status = SSL_SetPolicy(policy->cipher, policy->export); 1194 if (status != SECSuccess) 1195 break; 1196 } 1197 return status; 1198 } 1199 1200 SECStatus 1201 NSS_SetFrancePolicy(void) 1202 { 1203 SECStatus status = SECSuccess; 1204 cipherPolicy * policy; 1205 1206 for (policy = ssl_ciphers; policy->cipher != 0; ++policy) { 1207 status = SSL_SetPolicy(policy->cipher, policy->france); 1208 if (status != SECSuccess) 1209 break; 1210 } 1211 return status; 1212 } 1213 1214 1215 1216 /* LOCKS ??? XXX */ 1217 PRFileDesc * 1218 SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd) 1219 { 1220 sslSocket * ns = NULL; 1221 PRStatus rv; 1222 PRNetAddr addr; 1223 1224 if (model == NULL) { 1225 /* Just create a default socket if we're given NULL for the model */ 1226 ns = ssl_NewSocket((PRBool)(!ssl_defaults.noLocks)); 1227 } else { 1228 sslSocket * ss = ssl_FindSocket(model); 1229 if (ss == NULL) { 1230 SSL_DBG(("%d: SSL[%d]: bad model socket in ssl_ImportFD", 1231 SSL_GETPID(), model)); 1232 return NULL; 1233 } 1234 ns = ssl_DupSocket(ss); 1235 } 1236 if (ns == NULL) 1237 return NULL; 1238 1239 rv = ssl_PushIOLayer(ns, fd, PR_TOP_IO_LAYER); 1240 if (rv != PR_SUCCESS) { 1241 ssl_FreeSocket(ns); 1242 SET_ERROR_CODE 1243 return NULL; 1244 } 1245 #ifdef _WIN32 1246 PR_Sleep(PR_INTERVAL_NO_WAIT); /* workaround NT winsock connect bug. */ 1247 #endif 1248 ns = ssl_FindSocket(fd); 1249 PORT_Assert(ns); 1250 if (ns) 1251 ns->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ns, &addr)); 1252 return fd; 1253 } 1254 1255 /* SSL_SetNextProtoNego sets the list of supported protocols for the given 1256 * socket. The list is a series of 8-bit, length prefixed strings. */ 1257 SECStatus 1258 SSL_SetNextProtoNego(PRFileDesc *fd, const unsigned char *data, 1259 unsigned short length) 1260 { 1261 sslSocket *ss = ssl_FindSocket(fd); 1262 1263 if (!ss) { 1264 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetNextProtoNego", SSL_GETPID(), 1265 fd)); 1266 return SECFailure; 1267 } 1268 1269 if (ssl3_ValidateNextProtoNego(data, length) != SECSuccess) 1270 return SECFailure; 1271 1272 ssl_GetSSL3HandshakeLock(ss); 1273 if (ss->opt.nextProtoNego.data) 1274 PORT_Free(ss->opt.nextProtoNego.data); 1275 ss->opt.nextProtoNego.data = PORT_Alloc(length); 1276 if (!ss->opt.nextProtoNego.data) { 1277 ssl_ReleaseSSL3HandshakeLock(ss); 1278 return SECFailure; 1279 } 1280 memcpy(ss->opt.nextProtoNego.data, data, length); 1281 ss->opt.nextProtoNego.len = length; 1282 ss->opt.nextProtoNego.type = siBuffer; 1283 ssl_ReleaseSSL3HandshakeLock(ss); 1284 1285 return SECSuccess; 1286 } 1287 1288 /* SSL_GetNextProto reads the resulting Next Protocol Negotiation result for 1289 * the given socket. It's only valid to call this once the handshake has 1290 * completed. 1291 * 1292 * state is set to one of the SSL_NEXT_PROTO_* constants. The negotiated 1293 * protocol, if any, is written into buf, which must be at least buf_len 1294 * bytes long. If the negotiated protocol is longer than this, it is truncated. 1295 * The number of bytes copied is written into length. 1296 */ 1297 SECStatus 1298 SSL_GetNextProto(PRFileDesc *fd, int *state, unsigned char *buf, 1299 unsigned int *length, unsigned int buf_len) 1300 { 1301 sslSocket *ss = ssl_FindSocket(fd); 1302 1303 if (!ss) { 1304 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetNextProto", SSL_GETPID(), 1305 fd)); 1306 return SECFailure; 1307 } 1308 1309 *state = ss->ssl3.nextProtoState; 1310 1311 if (ss->ssl3.nextProtoState != SSL_NEXT_PROTO_NO_SUPPORT && 1312 ss->ssl3.nextProto.data) { 1313 *length = ss->ssl3.nextProto.len; 1314 if (*length > buf_len) 1315 *length = buf_len; 1316 PORT_Memcpy(buf, ss->ssl3.nextProto.data, *length); 1317 } else { 1318 *length = 0; 1319 } 1320 1321 return SECSuccess; 1322 } 1323 1324 /************************************************************************/ 1325 /* The following functions are the TOP LEVEL SSL functions. 1326 ** They all get called through the NSPRIOMethods table below. 1327 */ 1328 1329 static PRFileDesc * PR_CALLBACK 1330 ssl_Accept(PRFileDesc *fd, PRNetAddr *sockaddr, PRIntervalTime timeout) 1331 { 1332 sslSocket *ss; 1333 sslSocket *ns = NULL; 1334 PRFileDesc *newfd = NULL; 1335 PRFileDesc *osfd; 1336 PRStatus status; 1337 1338 ss = ssl_GetPrivate(fd); 1339 if (!ss) { 1340 SSL_DBG(("%d: SSL[%d]: bad socket in accept", SSL_GETPID(), fd)); 1341 return NULL; 1342 } 1343 1344 /* IF this is a listen socket, there shouldn't be any I/O going on */ 1345 SSL_LOCK_READER(ss); 1346 SSL_LOCK_WRITER(ss); 1347 ssl_Get1stHandshakeLock(ss); 1348 ssl_GetSSL3HandshakeLock(ss); 1349 1350 ss->cTimeout = timeout; 1351 1352 osfd = ss->fd->lower; 1353 1354 /* First accept connection */ 1355 newfd = osfd->methods->accept(osfd, sockaddr, timeout); 1356 if (newfd == NULL) { 1357 SSL_DBG(("%d: SSL[%d]: accept failed, errno=%d", 1358 SSL_GETPID(), ss->fd, PORT_GetError())); 1359 } else { 1360 /* Create ssl module */ 1361 ns = ssl_DupSocket(ss); 1362 } 1363 1364 ssl_ReleaseSSL3HandshakeLock(ss); 1365 ssl_Release1stHandshakeLock(ss); 1366 SSL_UNLOCK_WRITER(ss); 1367 SSL_UNLOCK_READER(ss); /* ss isn't used below here. */ 1368 1369 if (ns == NULL) 1370 goto loser; 1371 1372 /* push ssl module onto the new socket */ 1373 status = ssl_PushIOLayer(ns, newfd, PR_TOP_IO_LAYER); 1374 if (status != PR_SUCCESS) 1375 goto loser; 1376 1377 /* Now start server connection handshake with client. 1378 ** Don't need locks here because nobody else has a reference to ns yet. 1379 */ 1380 if ( ns->opt.useSecurity ) { 1381 if ( ns->opt.handshakeAsClient ) { 1382 ns->handshake = ssl2_BeginClientHandshake; 1383 ss->handshaking = sslHandshakingAsClient; 1384 } else { 1385 ns->handshake = ssl2_BeginServerHandshake; 1386 ss->handshaking = sslHandshakingAsServer; 1387 } 1388 } 1389 ns->TCPconnected = 1; 1390 return newfd; 1391 1392 loser: 1393 if (ns != NULL) 1394 ssl_FreeSocket(ns); 1395 if (newfd != NULL) 1396 PR_Close(newfd); 1397 return NULL; 1398 } 1399 1400 static PRStatus PR_CALLBACK 1401 ssl_Connect(PRFileDesc *fd, const PRNetAddr *sockaddr, PRIntervalTime timeout) 1402 { 1403 sslSocket *ss; 1404 PRStatus rv; 1405 1406 ss = ssl_GetPrivate(fd); 1407 if (!ss) { 1408 SSL_DBG(("%d: SSL[%d]: bad socket in connect", SSL_GETPID(), fd)); 1409 return PR_FAILURE; 1410 } 1411 1412 /* IF this is a listen socket, there shouldn't be any I/O going on */ 1413 SSL_LOCK_READER(ss); 1414 SSL_LOCK_WRITER(ss); 1415 1416 ss->cTimeout = timeout; 1417 rv = (PRStatus)(*ss->ops->connect)(ss, sockaddr); 1418 #ifdef _WIN32 1419 PR_Sleep(PR_INTERVAL_NO_WAIT); /* workaround NT winsock connect bug. */ 1420 #endif 1421 1422 SSL_UNLOCK_WRITER(ss); 1423 SSL_UNLOCK_READER(ss); 1424 1425 return rv; 1426 } 1427 1428 static PRStatus PR_CALLBACK 1429 ssl_Bind(PRFileDesc *fd, const PRNetAddr *addr) 1430 { 1431 sslSocket * ss = ssl_GetPrivate(fd); 1432 PRStatus rv; 1433 1434 if (!ss) { 1435 SSL_DBG(("%d: SSL[%d]: bad socket in bind", SSL_GETPID(), fd)); 1436 return PR_FAILURE; 1437 } 1438 SSL_LOCK_READER(ss); 1439 SSL_LOCK_WRITER(ss); 1440 1441 rv = (PRStatus)(*ss->ops->bind)(ss, addr); 1442 1443 SSL_UNLOCK_WRITER(ss); 1444 SSL_UNLOCK_READER(ss); 1445 return rv; 1446 } 1447 1448 static PRStatus PR_CALLBACK 1449 ssl_Listen(PRFileDesc *fd, PRIntn backlog) 1450 { 1451 sslSocket * ss = ssl_GetPrivate(fd); 1452 PRStatus rv; 1453 1454 if (!ss) { 1455 SSL_DBG(("%d: SSL[%d]: bad socket in listen", SSL_GETPID(), fd)); 1456 return PR_FAILURE; 1457 } 1458 SSL_LOCK_READER(ss); 1459 SSL_LOCK_WRITER(ss); 1460 1461 rv = (PRStatus)(*ss->ops->listen)(ss, backlog); 1462 1463 SSL_UNLOCK_WRITER(ss); 1464 SSL_UNLOCK_READER(ss); 1465 return rv; 1466 } 1467 1468 static PRStatus PR_CALLBACK 1469 ssl_Shutdown(PRFileDesc *fd, PRIntn how) 1470 { 1471 sslSocket * ss = ssl_GetPrivate(fd); 1472 PRStatus rv; 1473 1474 if (!ss) { 1475 SSL_DBG(("%d: SSL[%d]: bad socket in shutdown", SSL_GETPID(), fd)); 1476 return PR_FAILURE; 1477 } 1478 if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) { 1479 SSL_LOCK_READER(ss); 1480 } 1481 if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) { 1482 SSL_LOCK_WRITER(ss); 1483 } 1484 1485 rv = (PRStatus)(*ss->ops->shutdown)(ss, how); 1486 1487 if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) { 1488 SSL_UNLOCK_WRITER(ss); 1489 } 1490 if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) { 1491 SSL_UNLOCK_READER(ss); 1492 } 1493 return rv; 1494 } 1495 1496 static PRStatus PR_CALLBACK 1497 ssl_Close(PRFileDesc *fd) 1498 { 1499 sslSocket *ss; 1500 PRStatus rv; 1501 1502 ss = ssl_GetPrivate(fd); 1503 if (!ss) { 1504 SSL_DBG(("%d: SSL[%d]: bad socket in close", SSL_GETPID(), fd)); 1505 return PR_FAILURE; 1506 } 1507 1508 /* There must not be any I/O going on */ 1509 SSL_LOCK_READER(ss); 1510 SSL_LOCK_WRITER(ss); 1511 1512 /* By the time this function returns, 1513 ** ss is an invalid pointer, and the locks to which it points have 1514 ** been unlocked and freed. So, this is the ONE PLACE in all of SSL 1515 ** where the LOCK calls and the corresponding UNLOCK calls are not in 1516 ** the same function scope. The unlock calls are in ssl_FreeSocket(). 1517 */ 1518 rv = (PRStatus)(*ss->ops->close)(ss); 1519 1520 return rv; 1521 } 1522 1523 static int PR_CALLBACK 1524 ssl_Recv(PRFileDesc *fd, void *buf, PRInt32 len, PRIntn flags, 1525 PRIntervalTime timeout) 1526 { 1527 sslSocket *ss; 1528 int rv; 1529 1530 ss = ssl_GetPrivate(fd); 1531 if (!ss) { 1532 SSL_DBG(("%d: SSL[%d]: bad socket in recv", SSL_GETPID(), fd)); 1533 return SECFailure; 1534 } 1535 SSL_LOCK_READER(ss); 1536 ss->rTimeout = timeout; 1537 if (!ss->opt.fdx) 1538 ss->wTimeout = timeout; 1539 rv = (*ss->ops->recv)(ss, (unsigned char*)buf, len, flags); 1540 SSL_UNLOCK_READER(ss); 1541 return rv; 1542 } 1543 1544 static int PR_CALLBACK 1545 ssl_Send(PRFileDesc *fd, const void *buf, PRInt32 len, PRIntn flags, 1546 PRIntervalTime timeout) 1547 { 1548 sslSocket *ss; 1549 int rv; 1550 1551 ss = ssl_GetPrivate(fd); 1552 if (!ss) { 1553 SSL_DBG(("%d: SSL[%d]: bad socket in send", SSL_GETPID(), fd)); 1554 return SECFailure; 1555 } 1556 SSL_LOCK_WRITER(ss); 1557 ss->wTimeout = timeout; 1558 if (!ss->opt.fdx) 1559 ss->rTimeout = timeout; 1560 rv = (*ss->ops->send)(ss, (const unsigned char*)buf, len, flags); 1561 SSL_UNLOCK_WRITER(ss); 1562 return rv; 1563 } 1564 1565 static int PR_CALLBACK 1566 ssl_Read(PRFileDesc *fd, void *buf, PRInt32 len) 1567 { 1568 sslSocket *ss; 1569 int rv; 1570 1571 ss = ssl_GetPrivate(fd); 1572 if (!ss) { 1573 SSL_DBG(("%d: SSL[%d]: bad socket in read", SSL_GETPID(), fd)); 1574 return SECFailure; 1575 } 1576 SSL_LOCK_READER(ss); 1577 ss->rTimeout = PR_INTERVAL_NO_TIMEOUT; 1578 if (!ss->opt.fdx) 1579 ss->wTimeout = PR_INTERVAL_NO_TIMEOUT; 1580 rv = (*ss->ops->read)(ss, (unsigned char*)buf, len); 1581 SSL_UNLOCK_READER(ss); 1582 return rv; 1583 } 1584 1585 static int PR_CALLBACK 1586 ssl_Write(PRFileDesc *fd, const void *buf, PRInt32 len) 1587 { 1588 sslSocket *ss; 1589 int rv; 1590 1591 ss = ssl_GetPrivate(fd); 1592 if (!ss) { 1593 SSL_DBG(("%d: SSL[%d]: bad socket in write", SSL_GETPID(), fd)); 1594 return SECFailure; 1595 } 1596 SSL_LOCK_WRITER(ss); 1597 ss->wTimeout = PR_INTERVAL_NO_TIMEOUT; 1598 if (!ss->opt.fdx) 1599 ss->rTimeout = PR_INTERVAL_NO_TIMEOUT; 1600 rv = (*ss->ops->write)(ss, (const unsigned char*)buf, len); 1601 SSL_UNLOCK_WRITER(ss); 1602 return rv; 1603 } 1604 1605 static PRStatus PR_CALLBACK 1606 ssl_GetPeerName(PRFileDesc *fd, PRNetAddr *addr) 1607 { 1608 sslSocket *ss; 1609 1610 ss = ssl_GetPrivate(fd); 1611 if (!ss) { 1612 SSL_DBG(("%d: SSL[%d]: bad socket in getpeername", SSL_GETPID(), fd)); 1613 return PR_FAILURE; 1614 } 1615 return (PRStatus)(*ss->ops->getpeername)(ss, addr); 1616 } 1617 1618 /* 1619 */ 1620 SECStatus 1621 ssl_GetPeerInfo(sslSocket *ss) 1622 { 1623 PRFileDesc * osfd; 1624 int rv; 1625 PRNetAddr sin; 1626 1627 osfd = ss->fd->lower; 1628 1629 PORT_Memset(&sin, 0, sizeof(sin)); 1630 rv = osfd->methods->getpeername(osfd, &sin); 1631 if (rv < 0) { 1632 return SECFailure; 1633 } 1634 ss->TCPconnected = 1; 1635 if (sin.inet.family == PR_AF_INET) { 1636 PR_ConvertIPv4AddrToIPv6(sin.inet.ip, &ss->sec.ci.peer); 1637 ss->sec.ci.port = sin.inet.port; 1638 } else if (sin.ipv6.family == PR_AF_INET6) { 1639 ss->sec.ci.peer = sin.ipv6.ip; 1640 ss->sec.ci.port = sin.ipv6.port; 1641 } else { 1642 PORT_SetError(PR_ADDRESS_NOT_SUPPORTED_ERROR); 1643 return SECFailure; 1644 } 1645 return SECSuccess; 1646 } 1647 1648 static PRStatus PR_CALLBACK 1649 ssl_GetSockName(PRFileDesc *fd, PRNetAddr *name) 1650 { 1651 sslSocket *ss; 1652 1653 ss = ssl_GetPrivate(fd); 1654 if (!ss) { 1655 SSL_DBG(("%d: SSL[%d]: bad socket in getsockname", SSL_GETPID(), fd)); 1656 return PR_FAILURE; 1657 } 1658 return (PRStatus)(*ss->ops->getsockname)(ss, name); 1659 } 1660 1661 SECStatus 1662 SSL_SetSockPeerID(PRFileDesc *fd, const char *peerID) 1663 { 1664 sslSocket *ss; 1665 1666 ss = ssl_FindSocket(fd); 1667 if (!ss) { 1668 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetCacheIndex", 1669 SSL_GETPID(), fd)); 1670 return SECFailure; 1671 } 1672 1673 if (ss->peerID) { 1674 PORT_Free(ss->peerID); 1675 ss->peerID = NULL; 1676 } 1677 if (peerID) 1678 ss->peerID = PORT_Strdup(peerID); 1679 return (ss->peerID || !peerID) ? SECSuccess : SECFailure; 1680 } 1681 1682 #define PR_POLL_RW (PR_POLL_WRITE | PR_POLL_READ) 1683 1684 static PRInt16 PR_CALLBACK 1685 ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags) 1686 { 1687 sslSocket *ss; 1688 PRInt16 new_flags = how_flags; /* should select on these flags. */ 1689 PRNetAddr addr; 1690 1691 *p_out_flags = 0; 1692 ss = ssl_GetPrivate(fd); 1693 if (!ss) { 1694 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_Poll", 1695 SSL_GETPID(), fd)); 1696 return 0; /* don't poll on this socket */ 1697 } 1698 1699 if (ss->opt.useSecurity && 1700 ss->handshaking != sslHandshakingUndetermined && 1701 !ss->firstHsDone && 1702 (how_flags & PR_POLL_RW)) { 1703 if (!ss->TCPconnected) { 1704 ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr)); 1705 } 1706 /* If it's not connected, then presumably the application is polling 1707 ** on read or write appropriately, so don't change it. 1708 */ 1709 if (ss->TCPconnected) { 1710 if (!ss->handshakeBegun) { 1711 /* If the handshake has not begun, poll on read or write 1712 ** based on the local application's role in the handshake, 1713 ** not based on what the application requested. 1714 */ 1715 new_flags &= ~PR_POLL_RW; 1716 if (ss->handshaking == sslHandshakingAsClient) { 1717 new_flags |= PR_POLL_WRITE; 1718 } else { /* handshaking as server */ 1719 new_flags |= PR_POLL_READ; 1720 } 1721 } else 1722 /* First handshake is in progress */ 1723 if (ss->lastWriteBlocked) { 1724 if (new_flags & PR_POLL_READ) { 1725 /* The caller is waiting for data to be received, 1726 ** but the initial handshake is blocked on write, or the 1727 ** client's first handshake record has not been written. 1728 ** The code should select on write, not read. 1729 */ 1730 new_flags ^= PR_POLL_READ; /* don't select on read. */ 1731 new_flags |= PR_POLL_WRITE; /* do select on write. */ 1732 } 1733 } else if (new_flags & PR_POLL_WRITE) { 1734 /* The caller is trying to write, but the handshake is 1735 ** blocked waiting for data to read, and the first 1736 ** handshake has been sent. so do NOT to poll on write. 1737 */ 1738 new_flags ^= PR_POLL_WRITE; /* don't select on write. */ 1739 new_flags |= PR_POLL_READ; /* do select on read. */ 1740 } 1741 } 1742 } else if ((new_flags & PR_POLL_READ) && (SSL_DataPending(fd) > 0)) { 1743 *p_out_flags = PR_POLL_READ; /* it's ready already. */ 1744 return new_flags; 1745 } else if ((ss->lastWriteBlocked) && (how_flags & PR_POLL_READ) && 1746 (ss->pendingBuf.len != 0)) { /* write data waiting to be sent */ 1747 new_flags |= PR_POLL_WRITE; /* also select on write. */ 1748 } 1749 if (new_flags && (fd->lower->methods->poll != NULL)) { 1750 PRInt16 lower_out_flags = 0; 1751 PRInt16 lower_new_flags; 1752 lower_new_flags = fd->lower->methods->poll(fd->lower, new_flags, 1753 &lower_out_flags); 1754 if ((lower_new_flags & lower_out_flags) && (how_flags != new_flags)) { 1755 PRInt16 out_flags = lower_out_flags & ~PR_POLL_RW; 1756 if (lower_out_flags & PR_POLL_READ) 1757 out_flags |= PR_POLL_WRITE; 1758 if (lower_out_flags & PR_POLL_WRITE) 1759 out_flags |= PR_POLL_READ; 1760 *p_out_flags = out_flags; 1761 new_flags = how_flags; 1762 } else { 1763 *p_out_flags = lower_out_flags; 1764 new_flags = lower_new_flags; 1765 } 1766 } 1767 1768 return new_flags; 1769 } 1770 1771 static PRInt32 PR_CALLBACK 1772 ssl_TransmitFile(PRFileDesc *sd, PRFileDesc *fd, 1773 const void *headers, PRInt32 hlen, 1774 PRTransmitFileFlags flags, PRIntervalTime timeout) 1775 { 1776 PRSendFileData sfd; 1777 1778 sfd.fd = fd; 1779 sfd.file_offset = 0; 1780 sfd.file_nbytes = 0; 1781 sfd.header = headers; 1782 sfd.hlen = hlen; 1783 sfd.trailer = NULL; 1784 sfd.tlen = 0; 1785 1786 return sd->methods->sendfile(sd, &sfd, flags, timeout); 1787 } 1788 1789 1790 PRBool 1791 ssl_FdIsBlocking(PRFileDesc *fd) 1792 { 1793 PRSocketOptionData opt; 1794 PRStatus status; 1795 1796 opt.option = PR_SockOpt_Nonblocking; 1797 opt.value.non_blocking = PR_FALSE; 1798 status = PR_GetSocketOption(fd, &opt); 1799 if (status != PR_SUCCESS) 1800 return PR_FALSE; 1801 return (PRBool)!opt.value.non_blocking; 1802 } 1803 1804 PRBool 1805 ssl_SocketIsBlocking(sslSocket *ss) 1806 { 1807 return ssl_FdIsBlocking(ss->fd); 1808 } 1809 1810 PRInt32 sslFirstBufSize = 8 * 1024; 1811 PRInt32 sslCopyLimit = 1024; 1812 1813 static PRInt32 PR_CALLBACK 1814 ssl_WriteV(PRFileDesc *fd, const PRIOVec *iov, PRInt32 vectors, 1815 PRIntervalTime timeout) 1816 { 1817 PRInt32 bufLen; 1818 PRInt32 left; 1819 PRInt32 rv; 1820 PRInt32 sent = 0; 1821 const PRInt32 first_len = sslFirstBufSize; 1822 const PRInt32 limit = sslCopyLimit; 1823 PRBool blocking; 1824 PRIOVec myIov = { 0, 0 }; 1825 char buf[MAX_FRAGMENT_LENGTH]; 1826 1827 if (vectors > PR_MAX_IOVECTOR_SIZE) { 1828 PORT_SetError(PR_BUFFER_OVERFLOW_ERROR); 1829 return -1; 1830 } 1831 blocking = ssl_FdIsBlocking(fd); 1832 1833 #define K16 sizeof(buf) 1834 #define KILL_VECTORS while (vectors && !iov->iov_len) { ++iov; --vectors; } 1835 #define GET_VECTOR do { myIov = *iov++; --vectors; KILL_VECTORS } while (0) 1836 #define HANDLE_ERR(rv, len) \ 1837 if (rv != len) { \ 1838 if (rv < 0) { \ 1839 if (!blocking \ 1840 && (PR_GetError() == PR_WOULD_BLOCK_ERROR) \ 1841 && (sent > 0)) { \ 1842 return sent; \ 1843 } else { \ 1844 return -1; \ 1845 } \ 1846 } \ 1847 /* Only a nonblocking socket can have partial sends */ \ 1848 PR_ASSERT(!blocking); \ 1849 return sent + rv; \ 1850 } 1851 #define SEND(bfr, len) \ 1852 do { \ 1853 rv = ssl_Send(fd, bfr, len, 0, timeout); \ 1854 HANDLE_ERR(rv, len) \ 1855 sent += len; \ 1856 } while (0) 1857 1858 /* Make sure the first write is at least 8 KB, if possible. */ 1859 KILL_VECTORS 1860 if (!vectors) 1861 return ssl_Send(fd, 0, 0, 0, timeout); 1862 GET_VECTOR; 1863 if (!vectors) { 1864 return ssl_Send(fd, myIov.iov_base, myIov.iov_len, 0, timeout); 1865 } 1866 if (myIov.iov_len < first_len) { 1867 PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len); 1868 bufLen = myIov.iov_len; 1869 left = first_len - bufLen; 1870 while (vectors && left) { 1871 int toCopy; 1872 GET_VECTOR; 1873 toCopy = PR_MIN(left, myIov.iov_len); 1874 PORT_Memcpy(buf + bufLen, myIov.iov_base, toCopy); 1875 bufLen += toCopy; 1876 left -= toCopy; 1877 myIov.iov_base += toCopy; 1878 myIov.iov_len -= toCopy; 1879 } 1880 SEND( buf, bufLen ); 1881 } 1882 1883 while (vectors || myIov.iov_len) { 1884 PRInt32 addLen; 1885 if (!myIov.iov_len) { 1886 GET_VECTOR; 1887 } 1888 while (myIov.iov_len >= K16) { 1889 SEND(myIov.iov_base, K16); 1890 myIov.iov_base += K16; 1891 myIov.iov_len -= K16; 1892 } 1893 if (!myIov.iov_len) 1894 continue; 1895 1896 if (!vectors || myIov.iov_len > limit) { 1897 addLen = 0; 1898 } else if ((addLen = iov->iov_len % K16) + myIov.iov_len <= limit) { 1899 /* Addlen is already computed. */; 1900 } else if (vectors > 1 && 1901 iov[1].iov_len % K16 + addLen + myIov.iov_len <= 2 * limit) { 1902 addLen = limit - myIov.iov_len; 1903 } else 1904 addLen = 0; 1905 1906 if (!addLen) { 1907 SEND( myIov.iov_base, myIov.iov_len ); 1908 myIov.iov_len = 0; 1909 continue; 1910 } 1911 PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len); 1912 bufLen = myIov.iov_len; 1913 do { 1914 GET_VECTOR; 1915 PORT_Memcpy(buf + bufLen, myIov.iov_base, addLen); 1916 myIov.iov_base += addLen; 1917 myIov.iov_len -= addLen; 1918 bufLen += addLen; 1919 1920 left = PR_MIN( limit, K16 - bufLen); 1921 if (!vectors /* no more left */ 1922 || myIov.iov_len > 0 /* we didn't use that one all up */ 1923 || bufLen >= K16 /* it's full. */ 1924 ) { 1925 addLen = 0; 1926 } else if ((addLen = iov->iov_len % K16) <= left) { 1927 /* Addlen is already computed. */; 1928 } else if (vectors > 1 && 1929 iov[1].iov_len % K16 + addLen <= left + limit) { 1930 addLen = left; 1931 } else 1932 addLen = 0; 1933 1934 } while (addLen); 1935 SEND( buf, bufLen ); 1936 } 1937 return sent; 1938 } 1939 1940 /* 1941 * These functions aren't implemented. 1942 */ 1943 1944 static PRInt32 PR_CALLBACK 1945 ssl_Available(PRFileDesc *fd) 1946 { 1947 PORT_Assert(0); 1948 PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0); 1949 return SECFailure; 1950 } 1951 1952 static PRInt64 PR_CALLBACK 1953 ssl_Available64(PRFileDesc *fd) 1954 { 1955 PRInt64 res; 1956 1957 PORT_Assert(0); 1958 PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0); 1959 LL_I2L(res, -1L); 1960 return res; 1961 } 1962 1963 static PRStatus PR_CALLBACK 1964 ssl_FSync(PRFileDesc *fd) 1965 { 1966 PORT_Assert(0); 1967 PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0); 1968 return PR_FAILURE; 1969 } 1970 1971 static PRInt32 PR_CALLBACK 1972 ssl_Seek(PRFileDesc *fd, PRInt32 offset, PRSeekWhence how) { 1973 PORT_Assert(0); 1974 PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0); 1975 return SECFailure; 1976 } 1977 1978 static PRInt64 PR_CALLBACK 1979 ssl_Seek64(PRFileDesc *fd, PRInt64 offset, PRSeekWhence how) { 1980 PRInt64 res; 1981 1982 PORT_Assert(0); 1983 PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0); 1984 LL_I2L(res, -1L); 1985 return res; 1986 } 1987 1988 static PRStatus PR_CALLBACK 1989 ssl_FileInfo(PRFileDesc *fd, PRFileInfo *info) 1990 { 1991 PORT_Assert(0); 1992 PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0); 1993 return PR_FAILURE; 1994 } 1995 1996 static PRStatus PR_CALLBACK 1997 ssl_FileInfo64(PRFileDesc *fd, PRFileInfo64 *info) 1998 { 1999 PORT_Assert(0); 2000 PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0); 2001 return PR_FAILURE; 2002 } 2003 2004 static PRInt32 PR_CALLBACK 2005 ssl_RecvFrom(PRFileDesc *fd, void *buf, PRInt32 amount, PRIntn flags, 2006 PRNetAddr *addr, PRIntervalTime timeout) 2007 { 2008 PORT_Assert(0); 2009 PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0); 2010 return SECFailure; 2011 } 2012 2013 static PRInt32 PR_CALLBACK 2014 ssl_SendTo(PRFileDesc *fd, const void *buf, PRInt32 amount, PRIntn flags, 2015 const PRNetAddr *addr, PRIntervalTime timeout) 2016 { 2017 PORT_Assert(0); 2018 PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0); 2019 return SECFailure; 2020 } 2021 2022 static const PRIOMethods ssl_methods = { 2023 PR_DESC_LAYERED, 2024 ssl_Close, /* close */ 2025 ssl_Read, /* read */ 2026 ssl_Write, /* write */ 2027 ssl_Available, /* available */ 2028 ssl_Available64, /* available64 */ 2029 ssl_FSync, /* fsync */ 2030 ssl_Seek, /* seek */ 2031 ssl_Seek64, /* seek64 */ 2032 ssl_FileInfo, /* fileInfo */ 2033 ssl_FileInfo64, /* fileInfo64 */ 2034 ssl_WriteV, /* writev */ 2035 ssl_Connect, /* connect */ 2036 ssl_Accept, /* accept */ 2037 ssl_Bind, /* bind */ 2038 ssl_Listen, /* listen */ 2039 ssl_Shutdown, /* shutdown */ 2040 ssl_Recv, /* recv */ 2041 ssl_Send, /* send */ 2042 ssl_RecvFrom, /* recvfrom */ 2043 ssl_SendTo, /* sendto */ 2044 ssl_Poll, /* poll */ 2045 PR_EmulateAcceptRead, /* acceptread */ 2046 ssl_TransmitFile, /* transmitfile */ 2047 ssl_GetSockName, /* getsockname */ 2048 ssl_GetPeerName, /* getpeername */ 2049 NULL, /* getsockopt OBSOLETE */ 2050 NULL, /* setsockopt OBSOLETE */ 2051 NULL, /* getsocketoption */ 2052 NULL, /* setsocketoption */ 2053 PR_EmulateSendFile, /* Send a (partial) file with header/trailer*/ 2054 NULL, /* reserved for future use */ 2055 NULL, /* reserved for future use */ 2056 NULL, /* reserved for future use */ 2057 NULL, /* reserved for future use */ 2058 NULL /* reserved for future use */ 2059 }; 2060 2061 2062 static PRIOMethods combined_methods; 2063 2064 static void 2065 ssl_SetupIOMethods(void) 2066 { 2067 PRIOMethods *new_methods = &combined_methods; 2068 const PRIOMethods *nspr_methods = PR_GetDefaultIOMethods(); 2069 const PRIOMethods *my_methods = &ssl_methods; 2070 2071 *new_methods = *nspr_methods; 2072 2073 new_methods->file_type = my_methods->file_type; 2074 new_methods->close = my_methods->close; 2075 new_methods->read = my_methods->read; 2076 new_methods->write = my_methods->write; 2077 new_methods->available = my_methods->available; 2078 new_methods->available64 = my_methods->available64; 2079 new_methods->fsync = my_methods->fsync; 2080 new_methods->seek = my_methods->seek; 2081 new_methods->seek64 = my_methods->seek64; 2082 new_methods->fileInfo = my_methods->fileInfo; 2083 new_methods->fileInfo64 = my_methods->fileInfo64; 2084 new_methods->writev = my_methods->writev; 2085 new_methods->connect = my_methods->connect; 2086 new_methods->accept = my_methods->accept; 2087 new_methods->bind = my_methods->bind; 2088 new_methods->listen = my_methods->listen; 2089 new_methods->shutdown = my_methods->shutdown; 2090 new_methods->recv = my_methods->recv; 2091 new_methods->send = my_methods->send; 2092 new_methods->recvfrom = my_methods->recvfrom; 2093 new_methods->sendto = my_methods->sendto; 2094 new_methods->poll = my_methods->poll; 2095 new_methods->acceptread = my_methods->acceptread; 2096 new_methods->transmitfile = my_methods->transmitfile; 2097 new_methods->getsockname = my_methods->getsockname; 2098 new_methods->getpeername = my_methods->getpeername; 2099 /* new_methods->getsocketoption = my_methods->getsocketoption; */ 2100 /* new_methods->setsocketoption = my_methods->setsocketoption; */ 2101 new_methods->sendfile = my_methods->sendfile; 2102 2103 } 2104 2105 static PRCallOnceType initIoLayerOnce; 2106 2107 static PRStatus 2108 ssl_InitIOLayer(void) 2109 { 2110 ssl_layer_id = PR_GetUniqueIdentity("SSL"); 2111 ssl_SetupIOMethods(); 2112 ssl_inited = PR_TRUE; 2113 return PR_SUCCESS; 2114 } 2115 2116 static PRStatus 2117 ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack, PRDescIdentity id) 2118 { 2119 PRFileDesc *layer = NULL; 2120 PRStatus status; 2121 2122 if (!ssl_inited) { 2123 PR_CallOnce(&initIoLayerOnce, &ssl_InitIOLayer); 2124 } 2125 2126 if (ns == NULL) 2127 goto loser; 2128 2129 layer = PR_CreateIOLayerStub(ssl_layer_id, &combined_methods); 2130 if (layer == NULL) 2131 goto loser; 2132 layer->secret = (PRFilePrivate *)ns; 2133 2134 /* Here, "stack" points to the PRFileDesc on the top of the stack. 2135 ** "layer" points to a new FD that is to be inserted into the stack. 2136 ** If layer is being pushed onto the top of the stack, then 2137 ** PR_PushIOLayer switches the contents of stack and layer, and then 2138 ** puts stack on top of layer, so that after it is done, the top of 2139 ** stack is the same "stack" as it was before, and layer is now the 2140 ** FD for the former top of stack. 2141 ** After this call, stack always points to the top PRFD on the stack. 2142 ** If this function fails, the contents of stack and layer are as 2143 ** they were before the call. 2144 */ 2145 status = PR_PushIOLayer(stack, id, layer); 2146 if (status != PR_SUCCESS) 2147 goto loser; 2148 2149 ns->fd = (id == PR_TOP_IO_LAYER) ? stack : layer; 2150 return PR_SUCCESS; 2151 2152 loser: 2153 if (layer) { 2154 layer->dtor(layer); /* free layer */ 2155 } 2156 return PR_FAILURE; 2157 } 2158 2159 /* if this fails, caller must destroy socket. */ 2160 static SECStatus 2161 ssl_MakeLocks(sslSocket *ss) 2162 { 2163 ss->firstHandshakeLock = PZ_NewMonitor(nssILockSSL); 2164 if (!ss->firstHandshakeLock) 2165 goto loser; 2166 ss->ssl3HandshakeLock = PZ_NewMonitor(nssILockSSL); 2167 if (!ss->ssl3HandshakeLock) 2168 goto loser; 2169 ss->specLock = NSSRWLock_New(SSL_LOCK_RANK_SPEC, NULL); 2170 if (!ss->specLock) 2171 goto loser; 2172 ss->recvBufLock = PZ_NewMonitor(nssILockSSL); 2173 if (!ss->recvBufLock) 2174 goto loser; 2175 ss->xmitBufLock = PZ_NewMonitor(nssILockSSL); 2176 if (!ss->xmitBufLock) 2177 goto loser; 2178 ss->writerThread = NULL; 2179 if (ssl_lock_readers) { 2180 ss->recvLock = PZ_NewLock(nssILockSSL); 2181 if (!ss->recvLock) 2182 goto loser; 2183 ss->sendLock = PZ_NewLock(nssILockSSL); 2184 if (!ss->sendLock) 2185 goto loser; 2186 } 2187 return SECSuccess; 2188 loser: 2189 ssl_DestroyLocks(ss); 2190 return SECFailure; 2191 } 2192 2193 #if (defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_BEOS)) && !defined(_WIN32_WCE) 2194 #define NSS_HAVE_GETENV 1 2195 #endif 2196 2197 #define LOWER(x) (x | 0x20) /* cheap ToLower function ignores LOCALE */ 2198 2199 /* 2200 ** Create a newsocket structure for a file descriptor. 2201 */ 2202 static sslSocket * 2203 ssl_NewSocket(PRBool makeLocks) 2204 { 2205 sslSocket *ss; 2206 #if defined( NSS_HAVE_GETENV ) 2207 static int firsttime = 1; 2208 2209 if (firsttime) { 2210 char * ev; 2211 firsttime = 0; 2212 #ifdef DEBUG 2213 ev = getenv("SSLDEBUGFILE"); 2214 if (ev && ev[0]) { 2215 ssl_trace_iob = fopen(ev, "w"); 2216 } 2217 if (!ssl_trace_iob) { 2218 ssl_trace_iob = stderr; 2219 } 2220 #ifdef TRACE 2221 ev = getenv("SSLTRACE"); 2222 if (ev && ev[0]) { 2223 ssl_trace = atoi(ev); 2224 SSL_TRACE(("SSL: tracing set to %d", ssl_trace)); 2225 } 2226 #endif /* TRACE */ 2227 ev = getenv("SSLDEBUG"); 2228 if (ev && ev[0]) { 2229 ssl_debug = atoi(ev); 2230 SSL_TRACE(("SSL: debugging set to %d", ssl_debug)); 2231 } 2232 #endif /* DEBUG */ 2233 ev = getenv("SSLBYPASS"); 2234 if (ev && ev[0]) { 2235 ssl_defaults.bypassPKCS11 = (ev[0] == '1'); 2236 SSL_TRACE(("SSL: bypass default set to %d", \ 2237 ssl_defaults.bypassPKCS11)); 2238 } 2239 ev = getenv("SSLFORCELOCKS"); 2240 if (ev && ev[0] == '1') { 2241 ssl_force_locks = PR_TRUE; 2242 ssl_defaults.noLocks = 0; 2243 strcpy(lockStatus + LOCKSTATUS_OFFSET, "FORCED. "); 2244 SSL_TRACE(("SSL: force_locks set to %d", ssl_force_locks)); 2245 } 2246 ev = getenv("NSS_SSL_ENABLE_RENEGOTIATION"); 2247 if (ev) { 2248 if (ev[0] == '1' || LOWER(ev[0]) == 'u') 2249 ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_UNRESTRICTED; 2250 #ifdef LATER 2251 /* When SSL_RENEGOTIATE_REQUIRES_XTN is implemented, it will be 2252 * the default. Until then, NEVER will be the default. 2253 */ 2254 else if (ev[0] == '0' || LOWER(ev[0]) == 'n') 2255 ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_NEVER; 2256 else 2257 ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_REQUIRES_XTN; 2258 #else 2259 else 2260 ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_NEVER; 2261 #endif 2262 2263 SSL_TRACE(("SSL: enableRenegotiation set to %d", 2264 ssl_defaults.enableRenegotiation)); 2265 } 2266 ev = getenv("NSS_SSL_REQUIRE_SAFE_NEGOTIATION"); 2267 if (ev && ev[0] == '1') { 2268 ssl_defaults.requireSafeNegotiation = PR_TRUE; 2269 SSL_TRACE(("SSL: requireSafeNegotiation set to %d", 2270 PR_TRUE)); 2271 } 2272 } 2273 #endif /* NSS_HAVE_GETENV */ 2274 if (ssl_force_locks) 2275 makeLocks = PR_TRUE; 2276 2277 /* Make a new socket and get it ready */ 2278 ss = (sslSocket*) PORT_ZAlloc(sizeof(sslSocket)); 2279 if (ss) { 2280 /* This should be of type SSLKEAType, but CC on IRIX 2281 * complains during the for loop. 2282 */ 2283 int i; 2284 SECStatus status; 2285 2286 ss->opt = ssl_defaults; 2287 ss->opt.useSocks = PR_FALSE; 2288 ss->opt.noLocks = !makeLocks; 2289 2290 ss->peerID = NULL; 2291 ss->rTimeout = PR_INTERVAL_NO_TIMEOUT; 2292 ss->wTimeout = PR_INTERVAL_NO_TIMEOUT; 2293 ss->cTimeout = PR_INTERVAL_NO_TIMEOUT; 2294 ss->cipherSpecs = NULL; 2295 ss->sizeCipherSpecs = 0; /* produced lazily */ 2296 ss->preferredCipher = NULL; 2297 ss->url = NULL; 2298 2299 for (i=kt_null; i < kt_kea_size; i++) { 2300 sslServerCerts * sc = ss->serverCerts + i; 2301 sc->serverCert = NULL; 2302 sc->serverCertChain = NULL; 2303 sc->serverKeyPair = NULL; 2304 sc->serverKeyBits = 0; 2305 } 2306 ss->stepDownKeyPair = NULL; 2307 ss->dbHandle = CERT_GetDefaultCertDB(); 2308 2309 /* Provide default implementation of hooks */ 2310 ss->authCertificate = SSL_AuthCertificate; 2311 ss->authCertificateArg = (void *)ss->dbHandle; 2312 ss->getClientAuthData = NULL; 2313 ss->handleBadCert = NULL; 2314 ss->badCertArg = NULL; 2315 ss->pkcs11PinArg = NULL; 2316 2317 ssl_ChooseOps(ss); 2318 ssl2_InitSocketPolicy(ss); 2319 ssl3_InitSocketPolicy(ss); 2320 2321 if (makeLocks) { 2322 status = ssl_MakeLocks(ss); 2323 if (status != SECSuccess) 2324 goto loser; 2325 } 2326 status = ssl_CreateSecurityInfo(ss); 2327 if (status != SECSuccess) 2328 goto loser; 2329 status = ssl_InitGather(&ss->gs); 2330 if (status != SECSuccess) { 2331 loser: 2332 ssl_DestroySocketContents(ss); 2333 ssl_DestroyLocks(ss); 2334 PORT_Free(ss); 2335 ss = NULL; 2336 } 2337 } 2338 return ss; 2339 } 2340 2341