JNIEXPORT jboolean JNICALL Java_org_mozilla_jss_ssl_SSLSocket_getCipherPreference( JNIEnv *env, jobject sockObj, jint cipher) { JSSL_SocketData *sock=NULL; SECStatus status; PRBool enabled; /* get the fd */ if( JSSL_getSockData(env, sockObj, &sock) != PR_SUCCESS) { /* exception was thrown */ goto finish; } status = SSL_CipherPrefGet(sock->fd, cipher, &enabled); if( status != SECSuccess ) { char buf[128]; PR_snprintf(buf, 128, "Failed to get preference for cipher 0x%lx\n", cipher); JSSL_throwSSLSocketException(env, buf); goto finish; } finish: EXCEPTION_CHECK(env, sock); return enabled; }
bool TransportLayerDtls::SetupCipherSuites(PRFileDesc* ssl_fd) const { SECStatus rv; // Set the SRTP ciphers if (!srtp_ciphers_.empty()) { // Note: std::vector is guaranteed to contiguous rv = SSL_SetSRTPCiphers(ssl_fd, &srtp_ciphers_[0], srtp_ciphers_.size()); if (rv != SECSuccess) { MOZ_MTLOG(ML_ERROR, "Couldn't set SRTP cipher suite"); return false; } } for (size_t i = 0; i < PR_ARRAY_SIZE(EnabledCiphers); ++i) { MOZ_MTLOG(ML_INFO, LAYER_INFO << "Enabling: " << EnabledCiphers[i]); rv = SSL_CipherPrefSet(ssl_fd, EnabledCiphers[i], PR_TRUE); if (rv != SECSuccess) { MOZ_MTLOG(ML_ERROR, LAYER_INFO << "Unable to enable suite: " << EnabledCiphers[i]); return false; } } // Don't remove suites; TODO([email protected]) restore; bug 1052610 #if 0 for (size_t i = 0; i < PR_ARRAY_SIZE(DisabledCiphers); ++i) { MOZ_MTLOG(ML_INFO, LAYER_INFO << "Disabling: " << DisabledCiphers[i]); PRBool enabled = false; rv = SSL_CipherPrefGet(ssl_fd, DisabledCiphers[i], &enabled); if (rv != SECSuccess) { MOZ_MTLOG(ML_NOTICE, LAYER_INFO << "Unable to check if suite is enabled: " << DisabledCiphers[i]); return false; } if (enabled) { rv = SSL_CipherPrefSet(ssl_fd, DisabledCiphers[i], PR_FALSE); if (rv != SECSuccess) { MOZ_MTLOG(ML_NOTICE, LAYER_INFO << "Unable to disable suite: " << DisabledCiphers[i]); return false; } } } #endif return true; }