Lines Matching refs:ss
207 static SECStatus ssl_MakeLocks(sslSocket *ss);
221 sslSocket *ss;
233 ss = (sslSocket *)fd->secret;
234 ss->fd = fd;
235 return ss;
247 sslSocket *ss;
258 ss = (sslSocket *)layer->secret;
259 ss->fd = layer;
260 return ss;
266 sslSocket *ss;
269 ss = ssl_NewSocket((PRBool)(!os->opt.noLocks));
270 if (ss) {
271 ss->opt = os->opt;
272 ss->opt.useSocks = PR_FALSE;
274 ss->peerID = !os->peerID ? NULL : PORT_Strdup(os->peerID);
275 ss->url = !os->url ? NULL : PORT_Strdup(os->url);
277 ss->ops = os->ops;
278 ss->rTimeout = os->rTimeout;
279 ss->wTimeout = os->wTimeout;
280 ss->cTimeout = os->cTimeout;
281 ss->dbHandle = os->dbHandle;
284 ss->allowedByPolicy = os->allowedByPolicy;
285 ss->maybeAllowedByPolicy= os->maybeAllowedByPolicy;
286 ss->chosenPreference = os->chosenPreference;
287 PORT_Memcpy(ss->cipherSuites, os->cipherSuites, sizeof os->cipherSuites);
290 ss->cipherSpecs = (unsigned char*)PORT_Alloc(os->sizeCipherSpecs);
291 if (ss->cipherSpecs)
292 PORT_Memcpy(ss->cipherSpecs, os->cipherSpecs,
294 ss->sizeCipherSpecs = os->sizeCipherSpecs;
295 ss->preferredCipher = os->preferredCipher;
297 ss->cipherSpecs = NULL; /* produced lazily */
298 ss->sizeCipherSpecs = 0;
299 ss->preferredCipher = NULL;
301 if (ss->opt.useSecurity) {
307 sslServerCerts * sc = ss->serverCerts;
325 ss->stepDownKeyPair = !os->stepDownKeyPair ? NULL :
327 ss->ephemeralECDHKeyPair = !os->ephemeralECDHKeyPair ? NULL :
333 ss->authCertificate = os->authCertificate;
334 ss->authCertificateArg = os->authCertificateArg;
335 ss->getClientAuthData = os->getClientAuthData;
336 ss->getClientAuthDataArg = os->getClientAuthDataArg;
337 ss->handleBadCert = os->handleBadCert;
338 ss->badCertArg = os->badCertArg;
339 ss->handshakeCallback = os->handshakeCallback;
340 ss->handshakeCallbackData = os->handshakeCallbackData;
341 ss->pkcs11PinArg = os->pkcs11PinArg;
344 rv = ssl_CopySecurityInfo(ss, os);
350 return ss;
353 ssl_FreeSocket(ss);
358 ssl_DestroyLocks(sslSocket *ss)
361 if (ss->firstHandshakeLock) {
362 PZ_DestroyMonitor(ss->firstHandshakeLock);
363 ss->firstHandshakeLock = NULL;
365 if (ss->ssl3HandshakeLock) {
366 PZ_DestroyMonitor(ss->ssl3HandshakeLock);
367 ss->ssl3HandshakeLock = NULL;
369 if (ss->specLock) {
370 NSSRWLock_Destroy(ss->specLock);
371 ss->specLock = NULL;
374 if (ss->recvLock) {
375 PZ_DestroyLock(ss->recvLock);
376 ss->recvLock = NULL;
378 if (ss->sendLock) {
379 PZ_DestroyLock(ss->sendLock);
380 ss->sendLock = NULL;
382 if (ss->xmitBufLock) {
383 PZ_DestroyMonitor(ss->xmitBufLock);
384 ss->xmitBufLock = NULL;
386 if (ss->recvBufLock) {
387 PZ_DestroyMonitor(ss->recvBufLock);
388 ss->recvBufLock = NULL;
394 ssl_DestroySocketContents(sslSocket *ss)
402 ssl_DestroySecurityInfo(&ss->sec);
404 ssl3_DestroySSL3Info(ss);
406 PORT_Free(ss->saveBuf.buf);
407 PORT_Free(ss->pendingBuf.buf);
408 ssl_DestroyGather(&ss->gs);
410 if (ss->peerID != NULL)
411 PORT_Free(ss->peerID);
412 if (ss->url != NULL)
413 PORT_Free((void *)ss->url); /* CONST */
414 if (ss->cipherSpecs) {
415 PORT_Free(ss->cipherSpecs);
416 ss->cipherSpecs = NULL;
417 ss->sizeCipherSpecs = 0;
422 sslServerCerts * sc = ss->serverCerts + i;
430 if (ss->stepDownKeyPair) {
431 ssl3_FreeKeyPair(ss->stepDownKeyPair);
432 ss->stepDownKeyPair = NULL;
434 if (ss->ephemeralECDHKeyPair) {
435 ssl3_FreeKeyPair(ss->ephemeralECDHKeyPair);
436 ss->ephemeralECDHKeyPair = NULL;
438 if (ss->opt.nextProtoNego.data) {
439 PORT_Free(ss->opt.nextProtoNego.data);
440 ss->opt.nextProtoNego.data = NULL;
448 ssl_FreeSocket(sslSocket *ss)
457 ** SSL_LOCK_READER(ss);
458 ** SSL_LOCK_WRITER(ss);
460 ssl_Get1stHandshakeLock(ss);
461 ssl_GetRecvBufLock(ss);
462 ssl_GetSSL3HandshakeLock(ss);
463 ssl_GetXmitBufLock(ss);
464 ssl_GetSpecWriteLock(ss);
468 *fs = *ss; /* Copy the old socket structure, */
469 PORT_Memset(ss, 0x1f, sizeof *ss); /* then blast the old struct ASAP. */
471 #define fs ss
487 PORT_Free(ss); /* free the caller's copy, not ours. */
494 ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled)
496 PRFileDesc * osfd = ss->fd->lower;
513 ssl_ChooseOps(sslSocket *ss)
515 ss->ops = ss->opt.useSecurity ? &ssl_secure_ops : &ssl_default_ops;
520 PrepareSocket(sslSocket *ss)
524 ssl_ChooseOps(ss);
560 sslSocket *ss = ssl_FindSocket(fd);
564 if (!ss) {
569 holdingLocks = (!ss->opt.noLocks);
570 ssl_Get1stHandshakeLock(ss);
571 ssl_GetSSL3HandshakeLock(ss);
575 ss->opt.useSocks = PR_FALSE;
576 rv = PrepareSocket(ss);
584 ss->opt.useSecurity = on;
585 rv = PrepareSocket(ss);
589 ss->opt.requestCertificate = on;
593 ss->opt.requireCertificate = on;
597 if ( ss->opt.handshakeAsServer && on ) {
602 ss->opt.handshakeAsClient = on;
606 if ( ss->opt.handshakeAsClient && on ) {
611 ss->opt.handshakeAsServer = on;
615 ss->opt.enableTLS = on;
616 ss->preferredCipher = NULL;
617 if (ss->cipherSpecs) {
618 PORT_Free(ss->cipherSpecs);
619 ss->cipherSpecs = NULL;
620 ss->sizeCipherSpecs = 0;
625 ss->opt.enableSSL3 = on;
626 ss->preferredCipher = NULL;
627 if (ss->cipherSpecs) {
628 PORT_Free(ss->cipherSpecs);
629 ss->cipherSpecs = NULL;
630 ss->sizeCipherSpecs = 0;
635 ss->opt.enableSSL2 = on;
637 ss->opt.v2CompatibleHello = on;
639 ss->preferredCipher = NULL;
640 if (ss->cipherSpecs) {
641 PORT_Free(ss->cipherSpecs);
642 ss->cipherSpecs = NULL;
643 ss->sizeCipherSpecs = 0;
648 ss->opt.noCache = on;
652 if (on && ss->opt.noLocks) {
656 ss->opt.fdx = on;
660 ss->opt.v2CompatibleHello = on;
662 ss->opt.enableSSL2 = on;
667 ss->opt.detectRollBack = on;
671 ss->opt.noStepDown = on;
677 if (ss->handshakeBegun) {
683 ss->opt.bypassPKCS11 = on;
688 ss->opt.bypassPKCS11 = PR_FALSE;
694 if (on && ss->opt.fdx) {
700 ss->opt.noLocks = on;
705 rv = ssl_MakeLocks(ss);
707 ss->opt.noLocks = PR_TRUE;
713 ss->opt.enableSessionTickets = on;
717 ss->opt.enableDeflate = on;
721 ss->opt.enableRenegotiation = on;
725 ss->opt.requireSafeNegotiation = on;
734 * because ss->opt.noLocks might have changed just above.
736 * regardless of the current value of ss->opt.noLocks.
739 PZ_ExitMonitor((ss)->ssl3HandshakeLock);
740 PZ_ExitMonitor((ss)->firstHandshakeLock);
749 sslSocket *ss = ssl_FindSocket(fd);
757 if (!ss) {
763 ssl_Get1stHandshakeLock(ss);
764 ssl_GetSSL3HandshakeLock(ss);
768 case SSL_SECURITY: on = ss->opt.useSecurity; break;
769 case SSL_REQUEST_CERTIFICATE: on = ss->opt.requestCertificate; break;
770 case SSL_REQUIRE_CERTIFICATE: on = ss->opt.requireCertificate; break;
771 case SSL_HANDSHAKE_AS_CLIENT: on = ss->opt.handshakeAsClient; break;
772 case SSL_HANDSHAKE_AS_SERVER: on = ss->opt.handshakeAsServer; break;
773 case SSL_ENABLE_TLS: on = ss->opt.enableTLS; break;
774 case SSL_ENABLE_SSL3: on = ss->opt.enableSSL3; break;
775 case SSL_ENABLE_SSL2: on = ss->opt.enableSSL2; break;
776 case SSL_NO_CACHE: on = ss->opt.noCache; break;
777 case SSL_ENABLE_FDX: on = ss->opt.fdx; break;
778 case SSL_V2_COMPATIBLE_HELLO: on = ss->opt.v2CompatibleHello; break;
779 case SSL_ROLLBACK_DETECTION: on = ss->opt.detectRollBack; break;
780 case SSL_NO_STEP_DOWN: on = ss->opt.noStepDown; break;
781 case SSL_BYPASS_PKCS11: on = ss->opt.bypassPKCS11; break;
782 case SSL_NO_LOCKS: on = ss->opt.noLocks; break;
784 on = ss->opt.enableSessionTickets;
786 case SSL_ENABLE_DEFLATE: on = ss->opt.enableDeflate; break;
788 on = ss->opt.enableRenegotiation; break;
790 on = ss->opt.requireSafeNegotiation; break;
797 ssl_ReleaseSSL3HandshakeLock(ss);
798 ssl_Release1stHandshakeLock(ss);
1122 sslSocket *ss = ssl_FindSocket(fd);
1124 if (!ss) {
1130 if (enabled && ss->opt.noStepDown && SSL_IsExportCipherSuite(which)) {
1135 rv = ssl2_CipherPrefSet(ss, which, enabled);
1137 rv = ssl3_CipherPrefSet(ss, (ssl3CipherSuite)which, enabled);
1146 sslSocket *ss = ssl_FindSocket(fd);
1152 if (!ss) {
1161 rv = ssl2_CipherPrefGet(ss, which, enabled);
1163 rv = ssl3_CipherPrefGet(ss, (ssl3CipherSuite)which, enabled);
1228 sslSocket * ss = ssl_FindSocket(model);
1229 if (ss == NULL) {
1234 ns = ssl_DupSocket(ss);
1261 sslSocket *ss = ssl_FindSocket(fd);
1263 if (!ss) {
1272 ssl_GetSSL3HandshakeLock(ss);
1273 if (ss->opt.nextProtoNego.data)
1274 PORT_Free(ss->opt.nextProtoNego.data);
1275 ss->opt.nextProtoNego.data = PORT_Alloc(length);
1276 if (!ss->opt.nextProtoNego.data) {
1277 ssl_ReleaseSSL3HandshakeLock(ss);
1280 memcpy(ss->opt.nextProtoNego.data, data, length);
1281 ss->opt.nextProtoNego.len = length;
1282 ss->opt.nextProtoNego.type = siBuffer;
1283 ssl_ReleaseSSL3HandshakeLock(ss);
1301 sslSocket *ss = ssl_FindSocket(fd);
1303 if (!ss) {
1309 *state = ss->ssl3.nextProtoState;
1311 if (ss->ssl3.nextProtoState != SSL_NEXT_PROTO_NO_SUPPORT &&
1312 ss->ssl3.nextProto.data) {
1313 *length = ss->ssl3.nextProto.len;
1316 PORT_Memcpy(buf, ss->ssl3.nextProto.data, *length);
1332 sslSocket *ss;
1338 ss = ssl_GetPrivate(fd);
1339 if (!ss) {
1345 SSL_LOCK_READER(ss);
1346 SSL_LOCK_WRITER(ss);
1347 ssl_Get1stHandshakeLock(ss);
1348 ssl_GetSSL3HandshakeLock(ss);
1350 ss->cTimeout = timeout;
1352 osfd = ss->fd->lower;
1358 SSL_GETPID(), ss->fd, PORT_GetError()));
1361 ns = ssl_DupSocket(ss);
1364 ssl_ReleaseSSL3HandshakeLock(ss);
1365 ssl_Release1stHandshakeLock(ss);
1366 SSL_UNLOCK_WRITER(ss);
1367 SSL_UNLOCK_READER(ss); /* ss isn't used below here. */
1383 ss->handshaking = sslHandshakingAsClient;
1386 ss->handshaking = sslHandshakingAsServer;
1403 sslSocket *ss;
1406 ss = ssl_GetPrivate(fd);
1407 if (!ss) {
1413 SSL_LOCK_READER(ss);
1414 SSL_LOCK_WRITER(ss);
1416 ss->cTimeout = timeout;
1417 rv = (PRStatus)(*ss->ops->connect)(ss, sockaddr);
1422 SSL_UNLOCK_WRITER(ss);
1423 SSL_UNLOCK_READER(ss);
1431 sslSocket * ss = ssl_GetPrivate(fd);
1434 if (!ss) {
1438 SSL_LOCK_READER(ss);
1439 SSL_LOCK_WRITER(ss);
1441 rv = (PRStatus)(*ss->ops->bind)(ss, addr);
1443 SSL_UNLOCK_WRITER(ss);
1444 SSL_UNLOCK_READER(ss);
1451 sslSocket * ss = ssl_GetPrivate(fd);
1454 if (!ss) {
1458 SSL_LOCK_READER(ss);
1459 SSL_LOCK_WRITER(ss);
1461 rv = (PRStatus)(*ss->ops->listen)(ss, backlog);
1463 SSL_UNLOCK_WRITER(ss);
1464 SSL_UNLOCK_READER(ss);
1471 sslSocket * ss = ssl_GetPrivate(fd);
1474 if (!ss) {
1479 SSL_LOCK_READER(ss);
1482 SSL_LOCK_WRITER(ss);
1485 rv = (PRStatus)(*ss->ops->shutdown)(ss, how);
1488 SSL_UNLOCK_WRITER(ss);
1491 SSL_UNLOCK_READER(ss);
1499 sslSocket *ss;
1502 ss = ssl_GetPrivate(fd);
1503 if (!ss) {
1509 SSL_LOCK_READER(ss);
1510 SSL_LOCK_WRITER(ss);
1513 ** ss is an invalid pointer, and the locks to which it points have
1518 rv = (PRStatus)(*ss->ops->close)(ss);
1527 sslSocket *ss;
1530 ss = ssl_GetPrivate(fd);
1531 if (!ss) {
1535 SSL_LOCK_READER(ss);
1536 ss->rTimeout = timeout;
1537 if (!ss->opt.fdx)
1538 ss->wTimeout = timeout;
1539 rv = (*ss->ops->recv)(ss, (unsigned char*)buf, len, flags);
1540 SSL_UNLOCK_READER(ss);
1548 sslSocket *ss;
1551 ss = ssl_GetPrivate(fd);
1552 if (!ss) {
1556 SSL_LOCK_WRITER(ss);
1557 ss->wTimeout = timeout;
1558 if (!ss->opt.fdx)
1559 ss->rTimeout = timeout;
1560 rv = (*ss->ops->send)(ss, (const unsigned char*)buf, len, flags);
1561 SSL_UNLOCK_WRITER(ss);
1568 sslSocket *ss;
1571 ss = ssl_GetPrivate(fd);
1572 if (!ss) {
1576 SSL_LOCK_READER(ss);
1577 ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
1578 if (!ss->opt.fdx)
1579 ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
1580 rv = (*ss->ops->read)(ss, (unsigned char*)buf, len);
1581 SSL_UNLOCK_READER(ss);
1588 sslSocket *ss;
1591 ss = ssl_GetPrivate(fd);
1592 if (!ss) {
1596 SSL_LOCK_WRITER(ss);
1597 ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
1598 if (!ss->opt.fdx)
1599 ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
1600 rv = (*ss->ops->write)(ss, (const unsigned char*)buf, len);
1601 SSL_UNLOCK_WRITER(ss);
1608 sslSocket *ss;
1610 ss = ssl_GetPrivate(fd);
1611 if (!ss) {
1615 return (PRStatus)(*ss->ops->getpeername)(ss, addr);
1621 ssl_GetPeerInfo(sslSocket *ss)
1627 osfd = ss->fd->lower;
1634 ss->TCPconnected = 1;
1636 PR_ConvertIPv4AddrToIPv6(sin.inet.ip, &ss->sec.ci.peer);
1637 ss->sec.ci.port = sin.inet.port;
1639 ss->sec.ci.peer = sin.ipv6.ip;
1640 ss->sec.ci.port = sin.ipv6.port;
1651 sslSocket *ss;
1653 ss = ssl_GetPrivate(fd);
1654 if (!ss) {
1658 return (PRStatus)(*ss->ops->getsockname)(ss, name);
1664 sslSocket *ss;
1666 ss = ssl_FindSocket(fd);
1667 if (!ss) {
1673 if (ss->peerID) {
1674 PORT_Free(ss->peerID);
1675 ss->peerID = NULL;
1678 ss->peerID = PORT_Strdup(peerID);
1679 return (ss->peerID || !peerID) ? SECSuccess : SECFailure;
1687 sslSocket *ss;
1692 ss = ssl_GetPrivate(fd);
1693 if (!ss) {
1699 if (ss->opt.useSecurity &&
1700 ss->handshaking != sslHandshakingUndetermined &&
1701 !ss->firstHsDone &&
1703 if (!ss->TCPconnected) {
1704 ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr));
1709 if (ss->TCPconnected) {
1710 if (!ss->handshakeBegun) {
1716 if (ss->handshaking == sslHandshakingAsClient) {
1723 if (ss->lastWriteBlocked) {
1745 } else if ((ss->lastWriteBlocked) && (how_flags & PR_POLL_READ) &&
1746 (ss->pendingBuf.len != 0)) { /* write data waiting to be sent */
1805 ssl_SocketIsBlocking(sslSocket *ss)
1807 return ssl_FdIsBlocking(ss->fd);
2161 ssl_MakeLocks(sslSocket *ss)
2163 ss->firstHandshakeLock = PZ_NewMonitor(nssILockSSL);
2164 if (!ss->firstHandshakeLock)
2166 ss->ssl3HandshakeLock = PZ_NewMonitor(nssILockSSL);
2167 if (!ss->ssl3HandshakeLock)
2169 ss->specLock = NSSRWLock_New(SSL_LOCK_RANK_SPEC, NULL);
2170 if (!ss->specLock)
2172 ss->recvBufLock = PZ_NewMonitor(nssILockSSL);
2173 if (!ss->recvBufLock)
2175 ss->xmitBufLock = PZ_NewMonitor(nssILockSSL);
2176 if (!ss->xmitBufLock)
2178 ss->writerThread = NULL;
2180 ss->recvLock = PZ_NewLock(nssILockSSL);
2181 if (!ss->recvLock)
2183 ss->sendLock = PZ_NewLock(nssILockSSL);
2184 if (!ss->sendLock)
2189 ssl_DestroyLocks(ss);
2205 sslSocket *ss;
2278 ss = (sslSocket*) PORT_ZAlloc(sizeof(sslSocket));
2279 if (ss) {
2286 ss->opt = ssl_defaults;
2287 ss->opt.useSocks = PR_FALSE;
2288 ss->opt.noLocks = !makeLocks;
2290 ss->peerID = NULL;
2291 ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
2292 ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
2293 ss->cTimeout = PR_INTERVAL_NO_TIMEOUT;
2294 ss->cipherSpecs = NULL;
2295 ss->sizeCipherSpecs = 0; /* produced lazily */
2296 ss->preferredCipher = NULL;
2297 ss->url = NULL;
2300 sslServerCerts * sc = ss->serverCerts + i;
2306 ss->stepDownKeyPair = NULL;
2307 ss->dbHandle = CERT_GetDefaultCertDB();
2310 ss->authCertificate = SSL_AuthCertificate;
2311 ss->authCertificateArg = (void *)ss->dbHandle;
2312 ss->getClientAuthData = NULL;
2313 ss->handleBadCert = NULL;
2314 ss->badCertArg = NULL;
2315 ss->pkcs11PinArg = NULL;
2317 ssl_ChooseOps(ss);
2318 ssl2_InitSocketPolicy(ss);
2319 ssl3_InitSocketPolicy(ss);
2322 status = ssl_MakeLocks(ss);
2326 status = ssl_CreateSecurityInfo(ss);
2329 status = ssl_InitGather(&ss->gs);
2332 ssl_DestroySocketContents(ss);
2333 ssl_DestroyLocks(ss);
2334 PORT_Free(ss);
2335 ss = NULL;
2338 return ss;