/src/mozilla-central/security/nss/lib/ssl/sslreveal.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Accessor functions for SSLSocket private members. |
3 | | * |
4 | | * This Source Code Form is subject to the terms of the Mozilla Public |
5 | | * License, v. 2.0. If a copy of the MPL was not distributed with this |
6 | | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
7 | | |
8 | | #include "cert.h" |
9 | | #include "ssl.h" |
10 | | #include "certt.h" |
11 | | #include "sslimpl.h" |
12 | | |
/*
 * SSL_RevealCert
 *
 * Resolve |fd| to its sslSocket and hand back a reference to the peer
 * certificate stored in sec.peerCert.
 *
 * Returns NULL when |fd| does not resolve to an SSL socket or when no peer
 * certificate is recorded on it.
 *
 * CERT_DupCertificate bumps the reference count and returns a pointer to
 * the same certificate object (it is not a deep copy), so the caller owns
 * one reference and must release it, presumably with
 * CERT_DestroyCertificate. NOTE(review): earlier documentation for this
 * function named SSL_DestroyCertificate - confirm which is intended.
 *
 * NOTE(review): sec.peerCert is read here without taking any socket lock,
 * and nothing in this function shows whether the certificate has passed
 * verification. Callers should not treat a non-NULL result as proof of an
 * authenticated peer - confirm against the handshake code.
 */
CERTCertificate *
SSL_RevealCert(PRFileDesc *fd)
{
    sslSocket *ss = ssl_FindSocket(fd);

    if (ss == NULL || ss->sec.peerCert == NULL) {
        return NULL;
    }

    return CERT_DupCertificate(ss->sec.peerCert);
}
32 | | |
/*
 * SSL_RevealPinArg
 *
 * Resolve |fd| to its sslSocket and return the pkcs11PinArg pointer stored
 * on it, or NULL when |fd| does not resolve to an SSL socket.
 *
 * The stored pointer is returned as-is; nothing is copied or reference
 * counted here, so this function transfers no ownership.
 *
 * NOTE(review): the pointer is opaque at this level. It presumably carries
 * context for a PKCS#11 PIN/password prompt, so callers should treat it as
 * sensitive and must not outlive whatever owns it - verify against the
 * code that sets pkcs11PinArg.
 */
void *
SSL_RevealPinArg(PRFileDesc *fd)
{
    sslSocket *ss = ssl_FindSocket(fd);

    /* Open question kept from the original author: is pkcs11PinArg part of
     * the sslSocket or of sslSecurityInfo? It is read from the socket. */
    return (ss != NULL) ? ss->pkcs11PinArg : NULL;
}
49 | | |
/*
 * SSL_RevealURL
 *
 * Resolve |fd| to its sslSocket and return a freshly allocated copy of the
 * URL string stored on it.
 *
 * Returns NULL when |fd| does not resolve to an SSL socket, when no URL is
 * set, or when PL_strdup itself returns NULL. The three cases cannot be
 * told apart from the return value alone.
 *
 * The caller owns the returned string and must free it when done
 * (presumably with PL_strfree, the counterpart of PL_strdup - confirm).
 */
char *
SSL_RevealURL(PRFileDesc *fd)
{
    sslSocket *ss = ssl_FindSocket(fd);

    if (ss == NULL || ss->url == NULL) {
        return NULL;
    }

    /* Duplicate so the caller never holds a pointer into socket state. */
    return PL_strdup(ss->url);
}
66 | | |
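/*
 * SSL_HandshakeNegotiatedExtension
 *
 * Report whether extension |extId| was negotiated with the peer during the
 * handshake on |socket|.
 *
 * socket - file descriptor expected to resolve to an SSL socket.
 * extId  - extension type to query.
 * pYes   - out: PR_TRUE if ssl3_ExtensionNegotiated() reports the extension
 *          as negotiated, PR_FALSE otherwise. Must not be NULL.
 *
 * Returns SECSuccess when the query was performed (including the case
 * where opt.useSecurity is off and *pYes stays PR_FALSE). Returns
 * SECFailure with SEC_ERROR_INVALID_ARGS when pYes is NULL, and SECFailure
 * when |socket| does not resolve to an SSL socket.
 *
 * *pYes is written on every path once pYes is known to be non-NULL, so a
 * caller that fails to check the return status reads PR_FALSE rather than
 * an indeterminate value.
 */
SECStatus
SSL_HandshakeNegotiatedExtension(PRFileDesc *socket,
                                 SSLExtensionType extId,
                                 PRBool *pYes)
{
    /* some decisions derived from SSL_GetChannelInfo */
    sslSocket *sslsocket = NULL;

    if (!pYes) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }

    /* Fail closed: define the out-parameter before any later failure
     * return, so "negotiated" can never be inferred from stale or
     * uninitialized caller memory. */
    *pYes = PR_FALSE;

    sslsocket = ssl_FindSocket(socket);
    if (!sslsocket) {
        /* NOTE(review): |socket| is a PRFileDesc pointer but is formatted
         * with %d here; the string is left untouched - confirm what the
         * SSL_DBG formatter expects.
         * NOTE(review): no error code is set in this function on this
         * path; presumably ssl_FindSocket sets one - verify. */
        SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension",
                 SSL_GETPID(), socket));
        return SECFailure;
    }

    /* according to public API SSL_GetChannelInfo, this doesn't need a lock */
    if (sslsocket->opt.useSecurity) {
        /* now we know this socket went through ssl3_InitState() and
         * ss->xtnData got initialized, which is the only member accessed by
         * ssl3_ExtensionNegotiated();
         * Member xtnData appears to get accessed in functions that handle
         * the handshake (hello messages and extension sending),
         * therefore the handshake lock should be sufficient.
         */
        ssl_GetSSL3HandshakeLock(sslsocket);
        *pYes = ssl3_ExtensionNegotiated(sslsocket, extId);
        ssl_ReleaseSSL3HandshakeLock(sslsocket);
    }

    return SECSuccess;
}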