/* For SSLv2, does nothing but return an error.
** For SSLv3, flushes SID cache entry (if requested),
** and then starts new client hello or hello request.
** Acquires and releases HandshakeLock.
*/
SECStatus
SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache)
{
sslSocket *ss;
SECStatus rv;
ss = ssl_FindSocket(fd);
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in RedoHandshake", SSL_GETPID(), fd));
return SECFailure;
}
if (!ss->opt.useSecurity)
return SECSuccess;
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
rv = ssl3_RedoHandshake(ss, flushCache); /* force full handshake. */
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
return rv;
}
/* Register an application callback to be called when false start may happen.
** Acquires and releases HandshakeLock.
*/
SECStatus
SSL_SetCanFalseStartCallback(PRFileDesc *fd, SSLCanFalseStartCallback cb,
void *arg)
{
sslSocket *ss;
ss = ssl_FindSocket(fd);
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetCanFalseStartCallback",
SSL_GETPID(), fd));
return SECFailure;
}
if (!ss->opt.useSecurity) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
ss->canFalseStartCallback = cb;
ss->canFalseStartCallbackData = arg;
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
return SECSuccess;
}
SECItem *
SSL_GetSessionID(PRFileDesc *fd)
{
sslSocket * ss;
SECItem * item = NULL;
ss = ssl_FindSocket(fd);
if (ss) {
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
if (ss->opt.useSecurity && ss->firstHsDone && ss->sec.ci.sid) {
item = (SECItem *)PORT_Alloc(sizeof(SECItem));
if (item) {
sslSessionID * sid = ss->sec.ci.sid;
if (sid->version < SSL_LIBRARY_VERSION_3_0) {
item->len = SSL2_SESSIONID_BYTES;
item->data = (unsigned char*)PORT_Alloc(item->len);
PORT_Memcpy(item->data, sid->u.ssl2.sessionID, item->len);
} else {
item->len = sid->u.ssl3.sessionIDLength;
item->data = (unsigned char*)PORT_Alloc(item->len);
PORT_Memcpy(item->data, sid->u.ssl3.sessionID, item->len);
}
}
}
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
}
return item;
}
/*
* Allow the application to pass the set of trust anchors
*/
SECStatus
SSL_SetTrustAnchors(PRFileDesc *fd, CERTCertList *certList)
{
sslSocket *ss = ssl_FindSocket(fd);
CERTDistNames *names = NULL;
if (!certList) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetTrustAnchors",
SSL_GETPID(), fd));
return SECFailure;
}
names = CERT_DistNamesFromCertList(certList);
if (names == NULL) {
return SECFailure;
}
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
if (ss->ssl3.ca_list) {
CERT_FreeDistNames(ss->ssl3.ca_list);
}
ss->ssl3.ca_list = names;
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
return SECSuccess;
}
/*
* Allow the application to pass the url or hostname into the SSL library
* so that we can do some checking on it. It will be used for the value in
* SNI extension of client hello message.
*/
SECStatus
SSL_SetURL(PRFileDesc *fd, const char *url)
{
sslSocket * ss = ssl_FindSocket(fd);
SECStatus rv = SECSuccess;
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in SSLSetURL",
SSL_GETPID(), fd));
return SECFailure;
}
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
if ( ss->url ) {
PORT_Free((void *)ss->url); /* CONST */
}
ss->url = (const char *)PORT_Strdup(url);
if ( ss->url == NULL ) {
rv = SECFailure;
}
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
return rv;
}
/* See documentation in ssl.h */
SECStatus
SSL_AuthCertificateComplete(PRFileDesc *fd, PRErrorCode error)
{
SECStatus rv;
sslSocket *ss = ssl_FindSocket(fd);
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in SSL_AuthCertificateComplete",
SSL_GETPID(), fd));
return SECFailure;
}
ssl_Get1stHandshakeLock(ss);
if (!ss->ssl3.initialized) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
rv = SECFailure;
} else if (ss->version < SSL_LIBRARY_VERSION_3_0) {
PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2);
rv = SECFailure;
} else {
rv = ssl3_AuthCertificateComplete(ss, error);
}
ssl_Release1stHandshakeLock(ss);
return rv;
}
/* For SSLv2, does nothing but return an error.
** For SSLv3, flushes SID cache entry (if requested),
** and then starts new client hello or hello request.
** Acquires and releases HandshakeLock.
*/
SECStatus
SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache)
{
sslSocket *ss;
SECStatus rv;
ss = ssl_FindSocket(fd);
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in RedoHandshake", SSL_GETPID(), fd));
return SECFailure;
}
if (!ss->opt.useSecurity)
return SECSuccess;
ssl_Get1stHandshakeLock(ss);
/* SSL v2 protocol does not support subsequent handshakes. */
if (ss->version < SSL_LIBRARY_VERSION_3_0) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
rv = SECFailure;
} else {
ssl_GetSSL3HandshakeLock(ss);
rv = ssl3_RedoHandshake(ss, flushCache); /* force full handshake. */
ssl_ReleaseSSL3HandshakeLock(ss);
}
ssl_Release1stHandshakeLock(ss);
return rv;
}
SECStatus
SSL_RestartHandshakeAfterChannelIDReq(PRFileDesc * fd,
SECKEYPublicKey * channelIDPub,
SECKEYPrivateKey *channelID)
{
sslSocket * ss = ssl_FindSocket(fd);
SECStatus ret;
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in"
" SSL_RestartHandshakeAfterChannelIDReq",
SSL_GETPID(), fd));
goto loser;
}
ssl_Get1stHandshakeLock(ss);
if (ss->version < SSL_LIBRARY_VERSION_3_0) {
PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2);
ssl_Release1stHandshakeLock(ss);
goto loser;
}
ret = ssl3_RestartHandshakeAfterChannelIDReq(ss, channelIDPub,
channelID);
ssl_Release1stHandshakeLock(ss);
return ret;
loser:
SECKEY_DestroyPublicKey(channelIDPub);
SECKEY_DestroyPrivateKey(channelID);
return SECFailure;
}
/* Acquires and releases HandshakeLock.
*/
SECStatus
SSL_ResetHandshake(PRFileDesc *s, PRBool asServer)
{
sslSocket *ss;
SECStatus status;
PRNetAddr addr;
ss = ssl_FindSocket(s);
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in ResetHandshake", SSL_GETPID(), s));
return SECFailure;
}
/* Don't waste my time */
if (!ss->opt.useSecurity)
return SECSuccess;
SSL_LOCK_READER(ss);
SSL_LOCK_WRITER(ss);
/* Reset handshake state */
ssl_Get1stHandshakeLock(ss);
ss->firstHsDone = PR_FALSE;
if ( asServer ) {
ss->handshake = ssl2_BeginServerHandshake;
ss->handshaking = sslHandshakingAsServer;
} else {
ss->handshake = ssl2_BeginClientHandshake;
ss->handshaking = sslHandshakingAsClient;
}
ss->nextHandshake = 0;
ss->securityHandshake = 0;
ssl_GetRecvBufLock(ss);
status = ssl_InitGather(&ss->gs);
ssl_ReleaseRecvBufLock(ss);
ssl_GetSSL3HandshakeLock(ss);
/*
** Blow away old security state and get a fresh setup.
*/
ssl_GetXmitBufLock(ss);
ssl_ResetSecurityInfo(&ss->sec, PR_TRUE);
status = ssl_CreateSecurityInfo(ss);
ssl_ReleaseXmitBufLock(ss);
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
if (!ss->TCPconnected)
ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr));
SSL_UNLOCK_WRITER(ss);
SSL_UNLOCK_READER(ss);
return status;
}
/* Try to make progress on an SSL handshake by attempting to read the
** next handshake from the peer, and sending any responses.
** For non-blocking sockets, returns PR_ERROR_WOULD_BLOCK if it cannot
** read the next handshake from the underlying socket.
** For SSLv2, returns when handshake is complete or fatal error occurs.
** For SSLv3, returns when handshake is complete, or application data has
** arrived that must be taken by application before handshake can continue,
** or a fatal error occurs.
** Application should use handshake completion callback to tell which.
*/
SECStatus
SSL_ForceHandshake(PRFileDesc *fd)
{
sslSocket *ss;
SECStatus rv = SECFailure;
ss = ssl_FindSocket(fd);
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in ForceHandshake",
SSL_GETPID(), fd));
return rv;
}
/* Don't waste my time */
if (!ss->opt.useSecurity)
return SECSuccess;
if (!ssl_SocketIsBlocking(ss)) {
ssl_GetXmitBufLock(ss);
if (ss->pendingBuf.len != 0) {
int sent = ssl_SendSavedWriteData(ss);
if ((sent < 0) && (PORT_GetError() != PR_WOULD_BLOCK_ERROR)) {
ssl_ReleaseXmitBufLock(ss);
return SECFailure;
}
}
ssl_ReleaseXmitBufLock(ss);
}
ssl_Get1stHandshakeLock(ss);
if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
int gatherResult;
ssl_GetRecvBufLock(ss);
gatherResult = ssl3_GatherCompleteHandshake(ss, 0);
ssl_ReleaseRecvBufLock(ss);
if (gatherResult > 0) {
rv = SECSuccess;
} else if (gatherResult == 0) {
PORT_SetError(PR_END_OF_FILE_ERROR);
} else if (gatherResult == SECWouldBlock) {
PORT_SetError(PR_WOULD_BLOCK_ERROR);
}
} else if (!ss->firstHsDone) {
rv = ssl_Do1stHandshake(ss);
} else {
/* tried to force handshake on an SSL 2 socket that has
** already completed the handshake. */
rv = SECSuccess; /* just pretend we did it. */
}
ssl_Release1stHandshakeLock(ss);
return rv;
}
int
ssl_SecureRecv(sslSocket *ss, unsigned char *buf, int len, int flags)
{
int rv = 0;
if (ss->shutdownHow & ssl_SHUTDOWN_RCV) {
PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
return PR_FAILURE;
}
if (flags & ~PR_MSG_PEEK) {
PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
return PR_FAILURE;
}
if (!ssl_SocketIsBlocking(ss) && !ss->opt.fdx) {
ssl_GetXmitBufLock(ss);
if (ss->pendingBuf.len != 0) {
rv = ssl_SendSavedWriteData(ss);
if ((rv < 0) && (PORT_GetError() != PR_WOULD_BLOCK_ERROR)) {
ssl_ReleaseXmitBufLock(ss);
return SECFailure;
}
}
ssl_ReleaseXmitBufLock(ss);
}
rv = 0;
if (!PR_CLIST_IS_EMPTY(&ss->ssl3.hs.bufferedEarlyData)) {
PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3);
return tls13_Read0RttData(ss, buf, len);
}
/* If any of these is non-zero, the initial handshake is not done. */
if (!ss->firstHsDone) {
ssl_Get1stHandshakeLock(ss);
if (ss->handshake) {
rv = ssl_Do1stHandshake(ss);
}
ssl_Release1stHandshakeLock(ss);
}
if (rv < 0) {
return rv;
}
if (len == 0)
return 0;
rv = DoRecv(ss, (unsigned char *)buf, len, flags);
SSL_TRC(2, ("%d: SSL[%d]: recving %d bytes securely (errno=%d)",
SSL_GETPID(), ss->fd, rv, PORT_GetError()));
return rv;
}
int
ssl_SecureRecv(sslSocket *ss, unsigned char *buf, int len, int flags)
{
sslSecurityInfo *sec;
int rv = 0;
sec = &ss->sec;
if (ss->shutdownHow & ssl_SHUTDOWN_RCV) {
PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
return PR_FAILURE;
}
if (flags & ~PR_MSG_PEEK) {
PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
return PR_FAILURE;
}
if (!ssl_SocketIsBlocking(ss) && !ss->opt.fdx) {
ssl_GetXmitBufLock(ss);
if (ss->pendingBuf.len != 0) {
rv = ssl_SendSavedWriteData(ss);
if ((rv < 0) && (PORT_GetError() != PR_WOULD_BLOCK_ERROR)) {
ssl_ReleaseXmitBufLock(ss);
return SECFailure;
}
/* XXX short write? */
}
ssl_ReleaseXmitBufLock(ss);
}
rv = 0;
/* If any of these is non-zero, the initial handshake is not done. */
if (!ss->firstHsDone) {
ssl_Get1stHandshakeLock(ss);
if (ss->handshake || ss->nextHandshake || ss->securityHandshake) {
rv = ssl_Do1stHandshake(ss);
}
ssl_Release1stHandshakeLock(ss);
}
if (rv < 0) {
return rv;
}
if (len == 0) return 0;
rv = DoRecv(ss, (unsigned char*) buf, len, flags);
SSL_TRC(2, ("%d: SSL[%d]: recving %d bytes securely (errno=%d)",
SSL_GETPID(), ss->fd, rv, PORT_GetError()));
return rv;
}
/* restart an SSL connection that we stopped to run certificate dialogs
** XXX Need to document here how an application marks a cert to show that
** the application has accepted it (overridden CERT_VerifyCert).
*
* XXX This code only works on the initial handshake on a connection, XXX
* It does not work on a subsequent handshake (redo).
*
* Return value: XXX
*/
int
SSL_RestartHandshakeAfterServerCert(sslSocket *ss)
{
int rv = SECSuccess;
ssl_Get1stHandshakeLock(ss);
if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
rv = ssl3_RestartHandshakeAfterServerCert(ss);
} else {
rv = ssl2_RestartHandshakeAfterServerCert(ss);
}
ssl_Release1stHandshakeLock(ss);
return rv;
}
SECStatus
SSL_CacheSession(PRFileDesc *fd)
{
sslSocket * ss = ssl_FindSocket(fd);
SECStatus rv = SECFailure;
if (ss) {
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
ssl3_CacheSessionUnlocked(ss);
rv = SECSuccess;
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
}
return rv;
}
/*
* attempt to restart the handshake after asynchronously handling
* a request for the client's certificate.
*
* inputs:
* cert Client cert chosen by application.
* Note: ssl takes this reference, and does not bump the
* reference count. The caller should drop its reference
* without calling CERT_DestroyCert after calling this function.
*
* key Private key associated with cert. This function makes a
* copy of the private key, so the caller remains responsible
* for destroying its copy after this function returns.
*
* certChain Chain of signers for cert.
* Note: ssl takes this reference, and does not copy the chain.
* The caller should drop its reference without destroying the
* chain. SSL will free the chain when it is done with it.
*
* Return value: XXX
*
* XXX This code only works on the initial handshake on a connection, XXX
* It does not work on a subsequent handshake (redo).
*/
int
SSL_RestartHandshakeAfterCertReq(sslSocket * ss,
CERTCertificate * cert,
SECKEYPrivateKey * key,
CERTCertificateList *certChain)
{
int ret;
ssl_Get1stHandshakeLock(ss); /************************************/
if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
ret = ssl3_RestartHandshakeAfterCertReq(ss, cert, key, certChain);
} else {
ret = ssl2_RestartHandshakeAfterCertReq(ss, cert, key);
}
ssl_Release1stHandshakeLock(ss); /************************************/
return ret;
}
SECStatus
SSL_InvalidateSession(PRFileDesc *fd)
{
sslSocket * ss = ssl_FindSocket(fd);
SECStatus rv = SECFailure;
if (ss) {
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
if (ss->sec.ci.sid && ss->sec.uncache) {
ss->sec.uncache(ss->sec.ci.sid);
rv = SECSuccess;
}
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
}
return rv;
}
/*
* attempt to restart the handshake after asynchronously handling
* a request for the client's certificate.
*
* inputs:
* cert Client cert chosen by application.
* Note: ssl takes this reference, and does not bump the
* reference count. The caller should drop its reference
* without calling CERT_DestroyCertificate after calling this
* function.
*
* key Private key associated with cert. This function takes
* ownership of the private key, so the caller should drop its
* reference without destroying the private key after this
* function returns.
*
* certChain Chain of signers for cert.
* Note: ssl takes this reference, and does not copy the chain.
* The caller should drop its reference without destroying the
* chain. SSL will free the chain when it is done with it.
*
* Return value: XXX
*
* XXX This code only works on the initial handshake on a connection, XXX
* It does not work on a subsequent handshake (redo).
*/
SECStatus
SSL_RestartHandshakeAfterCertReq(PRFileDesc * fd,
CERTCertificate * cert,
SECKEYPrivateKey * key,
CERTCertificateList *certChain)
{
sslSocket * ss = ssl_FindSocket(fd);
SECStatus ret;
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in SSL_RestartHandshakeAfterCertReq",
SSL_GETPID(), fd));
if (cert) {
CERT_DestroyCertificate(cert);
}
if (key) {
SECKEY_DestroyPrivateKey(key);
}
if (certChain) {
CERT_DestroyCertificateList(certChain);
}
return SECFailure;
}
ssl_Get1stHandshakeLock(ss); /************************************/
if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
ret = ssl3_RestartHandshakeAfterCertReq(ss, cert, key, certChain);
} else {
if (certChain != NULL) {
CERT_DestroyCertificateList(certChain);
}
PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2);
ret = SECFailure;
}
ssl_Release1stHandshakeLock(ss); /************************************/
return ret;
}
/*
** Returns Negative number on error, zero or greater on success.
** Returns the amount of data immediately available to be read.
*/
int
SSL_DataPending(PRFileDesc *fd)
{
sslSocket *ss;
int rv = 0;
ss = ssl_FindSocket(fd);
if (ss && ss->opt.useSecurity) {
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
ssl_GetRecvBufLock(ss);
rv = ss->gs.writeOffset - ss->gs.readOffset;
ssl_ReleaseRecvBufLock(ss);
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
}
return rv;
}
int
ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
{
int rv = 0;
PRBool falseStart = PR_FALSE;
SSL_TRC(2, ("%d: SSL[%d]: SecureSend: sending %d bytes",
SSL_GETPID(), ss->fd, len));
if (ss->shutdownHow & ssl_SHUTDOWN_SEND) {
PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
rv = PR_FAILURE;
goto done;
}
if (flags) {
PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
rv = PR_FAILURE;
goto done;
}
ssl_GetXmitBufLock(ss);
if (ss->pendingBuf.len != 0) {
PORT_Assert(ss->pendingBuf.len > 0);
rv = ssl_SendSavedWriteData(ss);
if (rv >= 0 && ss->pendingBuf.len != 0) {
PORT_Assert(ss->pendingBuf.len > 0);
PORT_SetError(PR_WOULD_BLOCK_ERROR);
rv = SECFailure;
}
}
ssl_ReleaseXmitBufLock(ss);
if (rv < 0) {
goto done;
}
if (len > 0)
ss->writerThread = PR_GetCurrentThread();
if (!ss->firstHsDone) {
ssl_Get1stHandshakeLock(ss);
if (ss->opt.enableFalseStart &&
ss->version >= SSL_LIBRARY_VERSION_3_0) {
ssl_GetSSL3HandshakeLock(ss);
falseStart = ss->ssl3.hs.canFalseStart;
ssl_ReleaseSSL3HandshakeLock(ss);
}
if (!falseStart &&
(ss->handshake || ss->nextHandshake || ss->securityHandshake)) {
rv = ssl_Do1stHandshake(ss);
}
ssl_Release1stHandshakeLock(ss);
}
if (rv < 0) {
ss->writerThread = NULL;
goto done;
}
if (len == 0) {
rv = 0;
goto done;
}
PORT_Assert(buf != NULL);
if (!buf) {
PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
rv = PR_FAILURE;
goto done;
}
if (!ss->firstHsDone) {
PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_3_0);
#ifdef DEBUG
ssl_GetSSL3HandshakeLock(ss);
PORT_Assert(ss->ssl3.hs.canFalseStart);
ssl_ReleaseSSL3HandshakeLock(ss);
#endif
SSL_TRC(3, ("%d: SSL[%d]: SecureSend: sending data due to false start",
SSL_GETPID(), ss->fd));
}
ssl_GetXmitBufLock(ss);
rv = (*ss->sec.send)(ss, buf, len, flags);
ssl_ReleaseXmitBufLock(ss);
ss->writerThread = NULL;
done:
if (rv < 0) {
SSL_TRC(2, ("%d: SSL[%d]: SecureSend: returning %d count, error %d",
SSL_GETPID(), ss->fd, rv, PORT_GetError()));
} else {
SSL_TRC(2, ("%d: SSL[%d]: SecureSend: returning %d count",
SSL_GETPID(), ss->fd, rv));
}
return rv;
}
/* Caller holds the SSL Socket's write lock. SSL_LOCK_WRITER(ss) */
int
ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
{
int rv = 0;
SSL_TRC(2, ("%d: SSL[%d]: SecureSend: sending %d bytes",
SSL_GETPID(), ss->fd, len));
if (ss->shutdownHow & ssl_SHUTDOWN_SEND) {
PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
rv = PR_FAILURE;
goto done;
}
if (flags) {
PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
rv = PR_FAILURE;
goto done;
}
ssl_GetXmitBufLock(ss);
if (ss->pendingBuf.len != 0) {
PORT_Assert(ss->pendingBuf.len > 0);
rv = ssl_SendSavedWriteData(ss);
if (rv >= 0 && ss->pendingBuf.len != 0) {
PORT_Assert(ss->pendingBuf.len > 0);
PORT_SetError(PR_WOULD_BLOCK_ERROR);
rv = SECFailure;
}
}
ssl_ReleaseXmitBufLock(ss);
if (rv < 0) {
goto done;
}
if (len > 0)
ss->writerThread = PR_GetCurrentThread();
/* Check to see if we can write even though we're not finished.
*
* Case 1: False start
* Case 2: TLS 1.3 0-RTT
*/
if (!ss->firstHsDone) {
PRBool falseStart = PR_FALSE;
ssl_Get1stHandshakeLock(ss);
if (ss->opt.enableFalseStart ||
(ss->opt.enable0RttData && !ss->sec.isServer)) {
ssl_GetSSL3HandshakeLock(ss);
/* The client can sometimes send before the handshake is fully
* complete. In TLS 1.2: false start; in TLS 1.3: 0-RTT. */
falseStart = ss->ssl3.hs.canFalseStart ||
ss->ssl3.hs.zeroRttState == ssl_0rtt_sent ||
ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted;
ssl_ReleaseSSL3HandshakeLock(ss);
}
if (!falseStart && ss->handshake) {
rv = ssl_Do1stHandshake(ss);
}
ssl_Release1stHandshakeLock(ss);
}
if (rv < 0) {
ss->writerThread = NULL;
goto done;
}
/* Check for zero length writes after we do housekeeping so we make forward
* progress.
*/
if (len == 0) {
rv = 0;
goto done;
}
PORT_Assert(buf != NULL);
if (!buf) {
PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
rv = PR_FAILURE;
goto done;
}
if (!ss->firstHsDone) {
#ifdef DEBUG
ssl_GetSSL3HandshakeLock(ss);
PORT_Assert(!ss->sec.isServer &&
(ss->ssl3.hs.canFalseStart ||
ss->ssl3.hs.zeroRttState == ssl_0rtt_sent ||
ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted));
ssl_ReleaseSSL3HandshakeLock(ss);
#endif
SSL_TRC(3, ("%d: SSL[%d]: SecureSend: sending data due to false start",
SSL_GETPID(), ss->fd));
}
ssl_GetXmitBufLock(ss);
rv = ssl3_SendApplicationData(ss, buf, len, flags);
ssl_ReleaseXmitBufLock(ss);
ss->writerThread = NULL;
done:
if (rv < 0) {
SSL_TRC(2, ("%d: SSL[%d]: SecureSend: returning %d count, error %d",
SSL_GETPID(), ss->fd, rv, PORT_GetError()));
} else {
SSL_TRC(2, ("%d: SSL[%d]: SecureSend: returning %d count",
SSL_GETPID(), ss->fd, rv));
}
return rv;
}
static int
DoRecv(sslSocket *ss, unsigned char *out, int len, int flags)
{
int rv;
int amount;
int available;
ssl_Get1stHandshakeLock(ss);
ssl_GetRecvBufLock(ss);
available = ss->gs.writeOffset - ss->gs.readOffset;
if (available == 0) {
if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
rv = ssl3_GatherAppDataRecord(ss, 0);
} else {
rv = ssl2_GatherRecord(ss, 0);
}
if (rv <= 0) {
if (rv == 0) {
SSL_TRC(10, ("%d: SSL[%d]: ssl_recv EOF",
SSL_GETPID(), ss->fd));
goto done;
}
if ((rv != SECWouldBlock) &&
(PR_GetError() != PR_WOULD_BLOCK_ERROR)) {
goto done;
}
} else {
}
available = ss->gs.writeOffset - ss->gs.readOffset;
if (available == 0) {
PORT_SetError(PR_WOULD_BLOCK_ERROR);
rv = SECFailure;
goto done;
}
SSL_TRC(30, ("%d: SSL[%d]: partial data ready, available=%d",
SSL_GETPID(), ss->fd, available));
}
amount = PR_MIN(len, available);
PORT_Memcpy(out, ss->gs.buf.buf + ss->gs.readOffset, amount);
if (!(flags & PR_MSG_PEEK)) {
ss->gs.readOffset += amount;
}
PORT_Assert(ss->gs.readOffset <= ss->gs.writeOffset);
rv = amount;
SSL_TRC(30, ("%d: SSL[%d]: amount=%d available=%d",
SSL_GETPID(), ss->fd, amount, available));
PRINT_BUF(4, (ss, "DoRecv receiving plaintext:", out, amount));
done:
ssl_ReleaseRecvBufLock(ss);
ssl_Release1stHandshakeLock(ss);
return rv;
}
/*
** Receive some application data on a socket. Reads SSL records from the input
** stream, decrypts them and then copies them to the output buffer.
** Called from ssl_SecureRecv() below.
**
** Caller does NOT hold 1stHandshakeLock because that handshake is over.
** Caller doesn't call this until initial handshake is complete.
** For SSLv2, there is no subsequent handshake.
** For SSLv3, the call to ssl3_GatherAppDataRecord may encounter handshake
** messages from a subsequent handshake.
**
** This code is similar to, and easily confused with,
** ssl_GatherRecord1stHandshake() in sslcon.c
*/
static int
DoRecv(sslSocket *ss, unsigned char *out, int len, int flags)
{
int rv;
int amount;
int available;
/* ssl3_GatherAppDataRecord may call ssl_FinishHandshake, which needs the
* 1stHandshakeLock. */
ssl_Get1stHandshakeLock(ss);
ssl_GetRecvBufLock(ss);
available = ss->gs.writeOffset - ss->gs.readOffset;
if (available == 0) {
/* Get some more data */
if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
/* Wait for application data to arrive. */
rv = ssl3_GatherAppDataRecord(ss, 0);
} else {
/* See if we have a complete record */
rv = ssl2_GatherRecord(ss, 0);
}
if (rv <= 0) {
if (rv == 0) {
/* EOF */
SSL_TRC(10, ("%d: SSL[%d]: ssl_recv EOF",
SSL_GETPID(), ss->fd));
goto done;
}
if ((rv != SECWouldBlock) &&
(PR_GetError() != PR_WOULD_BLOCK_ERROR)) {
/* Some random error */
goto done;
}
/*
** Gather record is blocked waiting for more record data to
** arrive. Try to process what we have already received
*/
} else {
/* Gather record has finished getting a complete record */
}
/* See if any clear data is now available */
available = ss->gs.writeOffset - ss->gs.readOffset;
if (available == 0) {
/*
** No partial data is available. Force error code to
** EWOULDBLOCK so that caller will try again later. Note
** that the error code is probably EWOULDBLOCK already,
** but if it isn't (for example, if we received a zero
** length record) then this will force it to be correct.
*/
PORT_SetError(PR_WOULD_BLOCK_ERROR);
rv = SECFailure;
goto done;
}
SSL_TRC(30, ("%d: SSL[%d]: partial data ready, available=%d",
SSL_GETPID(), ss->fd, available));
}
/* Dole out clear data to reader */
amount = PR_MIN(len, available);
PORT_Memcpy(out, ss->gs.buf.buf + ss->gs.readOffset, amount);
if (!(flags & PR_MSG_PEEK)) {
ss->gs.readOffset += amount;
}
PORT_Assert(ss->gs.readOffset <= ss->gs.writeOffset);
rv = amount;
SSL_TRC(30, ("%d: SSL[%d]: amount=%d available=%d",
SSL_GETPID(), ss->fd, amount, available));
PRINT_BUF(4, (ss, "DoRecv receiving plaintext:", out, amount));
done:
ssl_ReleaseRecvBufLock(ss);
ssl_Release1stHandshakeLock(ss);
return rv;
}
/* Caller holds the SSL Socket's write lock. SSL_LOCK_WRITER(ss) */
int
ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
{
int rv = 0;
PRBool falseStart = PR_FALSE;
SSL_TRC(2, ("%d: SSL[%d]: SecureSend: sending %d bytes",
SSL_GETPID(), ss->fd, len));
if (ss->shutdownHow & ssl_SHUTDOWN_SEND) {
PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
rv = PR_FAILURE;
goto done;
}
if (flags) {
PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
rv = PR_FAILURE;
goto done;
}
ssl_GetXmitBufLock(ss);
if (ss->pendingBuf.len != 0) {
PORT_Assert(ss->pendingBuf.len > 0);
rv = ssl_SendSavedWriteData(ss);
if (rv >= 0 && ss->pendingBuf.len != 0) {
PORT_Assert(ss->pendingBuf.len > 0);
PORT_SetError(PR_WOULD_BLOCK_ERROR);
rv = SECFailure;
}
}
ssl_ReleaseXmitBufLock(ss);
if (rv < 0) {
goto done;
}
if (len > 0)
ss->writerThread = PR_GetCurrentThread();
/* If any of these is non-zero, the initial handshake is not done. */
if (!ss->firstHsDone) {
ssl_Get1stHandshakeLock(ss);
if (ss->opt.enableFalseStart &&
ss->version >= SSL_LIBRARY_VERSION_3_0) {
ssl_GetSSL3HandshakeLock(ss);
falseStart = ss->ssl3.hs.canFalseStart;
ssl_ReleaseSSL3HandshakeLock(ss);
}
if (!falseStart &&
(ss->handshake || ss->nextHandshake || ss->securityHandshake)) {
rv = ssl_Do1stHandshake(ss);
}
ssl_Release1stHandshakeLock(ss);
}
if (rv < 0) {
ss->writerThread = NULL;
goto done;
}
/* Check for zero length writes after we do housekeeping so we make forward
* progress.
*/
if (len == 0) {
rv = 0;
goto done;
}
PORT_Assert(buf != NULL);
if (!buf) {
PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
rv = PR_FAILURE;
goto done;
}
if (!ss->firstHsDone) {
PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_3_0);
#ifdef DEBUG
ssl_GetSSL3HandshakeLock(ss);
PORT_Assert(ss->ssl3.hs.canFalseStart);
ssl_ReleaseSSL3HandshakeLock(ss);
#endif
SSL_TRC(3, ("%d: SSL[%d]: SecureSend: sending data due to false start",
SSL_GETPID(), ss->fd));
}
/* Send out the data using one of these functions:
* ssl2_SendClear, ssl2_SendStream, ssl2_SendBlock,
* ssl3_SendApplicationData
*/
ssl_GetXmitBufLock(ss);
rv = (*ss->sec.send)(ss, buf, len, flags);
ssl_ReleaseXmitBufLock(ss);
ss->writerThread = NULL;
done:
if (rv < 0) {
SSL_TRC(2, ("%d: SSL[%d]: SecureSend: returning %d count, error %d",
SSL_GETPID(), ss->fd, rv, PORT_GetError()));
} else {
SSL_TRC(2, ("%d: SSL[%d]: SecureSend: returning %d count",
SSL_GETPID(), ss->fd, rv));
}
return rv;
}