static int
prldap_getpeername( LDAP *ld, struct sockaddr *addr, char *buffer, int buflen)
{
PRLDAPIOSocketArg *sa;
PRFileDesc *fd;
PRNetAddr iaddr;
int ret;
if (NULL != ld) {
ret = prldap_socket_arg_from_ld( ld, &sa );
if (ret != LDAP_SUCCESS) {
return (-1);
}
ret = PR_GetPeerName(sa->prsock_prfd, &iaddr);
if( ret == PR_FAILURE ) {
return( -1 );
}
*addr = *((struct sockaddr *)&iaddr.raw);
ret = PR_NetAddrToString(&iaddr, buffer, buflen);
if( ret == PR_FAILURE ) {
return( -1 );
}
return (0);
}
return (-1);
}
// Used to return connection info to Dashboard.cpp
void
nsSocketTransportService::AnalyzeConnection(nsTArray<SocketInfo> *data,
struct SocketContext *context, bool aActive)
{
if (context->mHandler->mIsPrivate)
return;
PRFileDesc *aFD = context->mFD;
PRFileDesc *idLayer = PR_GetIdentitiesLayer(aFD, PR_NSPR_IO_LAYER);
NS_ENSURE_TRUE_VOID(idLayer);
bool tcp = PR_GetDescType(idLayer) == PR_DESC_SOCKET_TCP;
PRNetAddr peer_addr;
PR_GetPeerName(aFD, &peer_addr);
char host[64] = {0};
PR_NetAddrToString(&peer_addr, host, sizeof(host));
uint16_t port;
if (peer_addr.raw.family == PR_AF_INET)
port = peer_addr.inet.port;
else
port = peer_addr.ipv6.port;
port = PR_ntohs(port);
uint64_t sent = context->mHandler->ByteCountSent();
uint64_t received = context->mHandler->ByteCountReceived();
SocketInfo info = { nsCString(host), sent, received, port, aActive, tcp };
data->AppendElement(info);
}
static void ConnectingThread(void *arg)
{
PRInt32 nbytes;
#ifdef SYMBIAN
char buf[256];
#else
char buf[1024];
#endif
PRFileDesc *sock;
PRNetAddr peer_addr, *addr;
addr = (PRNetAddr*)arg;
sock = PR_NewTCPSocket();
if (sock == NULL)
{
PL_FPrintError(err_out, "PR_NewTCPSocket (client) failed");
PR_ProcessExit(1);
}
if (PR_Connect(sock, addr, PR_INTERVAL_NO_TIMEOUT) == PR_FAILURE)
{
PL_FPrintError(err_out, "PR_Connect (client) failed");
PR_ProcessExit(1);
}
if (PR_GetPeerName(sock, &peer_addr) == PR_FAILURE)
{
PL_FPrintError(err_out, "PR_GetPeerName (client) failed");
PR_ProcessExit(1);
}
/*
** Then wait between the connection coming up and sending the expected
** data. At some point in time, the server should fail due to a timeou
** on the AcceptRead() operation, which according to the document is
** only due to the read() portion.
*/
PR_Sleep(write_dally);
nbytes = PR_Send(sock, GET, sizeof(GET), 0, PR_INTERVAL_NO_TIMEOUT);
if (nbytes == -1) PL_FPrintError(err_out, "PR_Send (client) failed");
nbytes = PR_Recv(sock, buf, sizeof(buf), 0, PR_INTERVAL_NO_TIMEOUT);
if (nbytes == -1) PL_FPrintError(err_out, "PR_Recv (client) failed");
else
{
PR_fprintf(std_out, "PR_Recv (client) succeeded: %d bytes\n", nbytes);
buf[sizeof(buf) - 1] = '\0';
PR_fprintf(std_out, "%s\n", buf);
}
if (PR_FAILURE == PR_Shutdown(sock, PR_SHUTDOWN_BOTH))
PL_FPrintError(err_out, "PR_Shutdown (client) failed");
if (PR_FAILURE == PR_Close(sock))
PL_FPrintError(err_out, "PR_Close (client) failed");
return;
} /* ConnectingThread */
/** Compares the common name specified in the subject DN for a certificate
* with a specified hostname.
*/
SECStatus
CERT_VerifyCertName(const CERTCertificate *cert, const char *hostname)
{
LOG_DEBUG(">> CERT_VerifyCertName: %s", hostname);
static SECStatus (*VerifyCertName)(CERTCertificate *cert,
const char *hostname) = NULL;
if (!VerifyCertName)
VerifyCertName = getfunc("CERT_VerifyCertName", LIBNSS3);
if (!VerifyCertName)
return SECFailure;
SECStatus ret = VerifyCertName(cert, hostname);
LOG_DEBUG(">>> result = %d", ret);
PATROL_init();
if (!cfg.loaded)
PATROL_get_config(&cfg);
PRNetAddr addr;
if (PR_SUCCESS != PR_GetPeerName(nss_fd, &addr))
return ret;
PatrolData *chain = NULL;
size_t chain_len
= PATROL_NSS_convert_chain(CERT_GetCertChainFromCert(cert, PR_Now(),
certUsageSSLCA),
&chain);
PatrolRC pret = PATROL_check(&cfg, chain, chain_len, PATROL_CERT_X509,
ret == SECSuccess ? PATROL_OK : PATROL_ERROR,
hostname, 0, "tcp", // FIXME
PR_ntohs((addr.raw.family == PR_AF_INET6)
? addr.ipv6.port : addr.inet.port));
LOG_DEBUG(">>> patrol result = %d", pret);
free(chain);
PATROL_deinit();
return pret == PATROL_OK ? SECSuccess : SECFailure;
}
