mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-13 01:55:44 +00:00
Modify ssl_FindSocket() to set error PR_BAD_DESCRIPTOR_ERROR when it
cannot find the SSL layer on the specified PRFileDesc. Ensure all callers detect when ssl_FindSocket returns NULL and handle it properly. Bug 68241. Reviewed by jgmyers and relyea. Modified Files: prelib.c sslauth.c sslsecur.c sslsock.c
This commit is contained in:
parent
55963742ba
commit
ecb09e90e8
@ -35,7 +35,7 @@
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
* $Id: prelib.c,v 1.1 2000/03/31 19:32:58 relyea%netscape.com Exp $
|
||||
* $Id: prelib.c,v 1.2 2001/02/09 02:11:30 nelsonb%netscape.com Exp $
|
||||
*/
|
||||
|
||||
#include "cert.h"
|
||||
@ -73,7 +73,6 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader,
|
||||
|
||||
ss = ssl_FindSocket(fd);
|
||||
if (ss == NULL) {
|
||||
/* XXX set an error */
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -201,7 +200,6 @@ PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header,
|
||||
|
||||
ss = ssl_FindSocket(fd);
|
||||
if (ss == NULL) {
|
||||
/* XXX set an error */
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
@ -30,7 +30,7 @@
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
* $Id: sslauth.c,v 1.3 2001/02/09 00:32:03 nelsonb%netscape.com Exp $
|
||||
* $Id: sslauth.c,v 1.4 2001/02/09 02:11:30 nelsonb%netscape.com Exp $
|
||||
*/
|
||||
#include "cert.h"
|
||||
#include "secitem.h"
|
||||
@ -229,6 +229,9 @@ SSL_AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer)
|
||||
|
||||
ss = ssl_FindSocket(fd);
|
||||
PORT_Assert(ss != NULL);
|
||||
if (!ss) {
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
handle = (CERTCertDBHandle *)arg;
|
||||
|
||||
|
@ -32,7 +32,7 @@
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
* $Id: sslsecur.c,v 1.6 2001/02/09 00:32:04 nelsonb%netscape.com Exp $
|
||||
* $Id: sslsecur.c,v 1.7 2001/02/09 02:11:30 nelsonb%netscape.com Exp $
|
||||
*/
|
||||
#include "cert.h"
|
||||
#include "secitem.h"
|
||||
@ -264,7 +264,6 @@ SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache)
|
||||
ss = ssl_FindSocket(fd);
|
||||
if (!ss) {
|
||||
SSL_DBG(("%d: SSL[%d]: bad socket in RedoHandshake", SSL_GETPID(), fd));
|
||||
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
@ -307,7 +306,6 @@ SSL_HandshakeCallback(PRFileDesc *fd, SSLHandshakeCallback cb,
|
||||
if (!ss) {
|
||||
SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeCallback",
|
||||
SSL_GETPID(), fd));
|
||||
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
@ -608,14 +606,17 @@ SECStatus
|
||||
SSL_ConfigSecureServer(PRFileDesc *fd, CERTCertificate *cert,
|
||||
SECKEYPrivateKey *key, SSL3KEAType kea)
|
||||
{
|
||||
int rv;
|
||||
SECStatus rv;
|
||||
sslSocket *ss;
|
||||
sslSecurityInfo *sec;
|
||||
|
||||
ss = ssl_FindSocket(fd);
|
||||
if (!ss) {
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
if ((rv = ssl_CreateSecurityInfo(ss)) != 0) {
|
||||
return((SECStatus)rv);
|
||||
if ((rv = ssl_CreateSecurityInfo(ss)) != SECSuccess) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
sec = ss->sec;
|
||||
@ -1186,17 +1187,18 @@ SSL_InvalidateSession(PRFileDesc *fd)
|
||||
sslSocket * ss = ssl_FindSocket(fd);
|
||||
SECStatus rv = SECFailure;
|
||||
|
||||
ssl_Get1stHandshakeLock(ss);
|
||||
ssl_GetSSL3HandshakeLock(ss);
|
||||
if (ss) {
|
||||
ssl_Get1stHandshakeLock(ss);
|
||||
ssl_GetSSL3HandshakeLock(ss);
|
||||
|
||||
if (ss && ss->sec && ss->sec->ci.sid) {
|
||||
ss->sec->uncache(ss->sec->ci.sid);
|
||||
rv = SECSuccess;
|
||||
if (ss->sec && ss->sec->ci.sid) {
|
||||
ss->sec->uncache(ss->sec->ci.sid);
|
||||
rv = SECSuccess;
|
||||
}
|
||||
|
||||
ssl_ReleaseSSL3HandshakeLock(ss);
|
||||
ssl_Release1stHandshakeLock(ss);
|
||||
}
|
||||
|
||||
ssl_ReleaseSSL3HandshakeLock(ss);
|
||||
ssl_Release1stHandshakeLock(ss);
|
||||
|
||||
return rv;
|
||||
}
|
||||
|
||||
@ -1208,27 +1210,27 @@ SSL_GetSessionID(PRFileDesc *fd)
|
||||
sslSessionID * sid;
|
||||
|
||||
ss = ssl_FindSocket(fd);
|
||||
if (ss) {
|
||||
ssl_Get1stHandshakeLock(ss);
|
||||
ssl_GetSSL3HandshakeLock(ss);
|
||||
|
||||
ssl_Get1stHandshakeLock(ss);
|
||||
ssl_GetSSL3HandshakeLock(ss);
|
||||
if (ss->useSecurity && ss->connected && ss->sec && ss->sec->ci.sid) {
|
||||
sid = ss->sec->ci.sid;
|
||||
item = (SECItem *)PORT_Alloc(sizeof(SECItem));
|
||||
if (sid->version < SSL_LIBRARY_VERSION_3_0) {
|
||||
item->len = SSL_SESSIONID_BYTES;
|
||||
item->data = (unsigned char*)PORT_Alloc(item->len);
|
||||
PORT_Memcpy(item->data, sid->u.ssl2.sessionID, item->len);
|
||||
} else {
|
||||
item->len = sid->u.ssl3.sessionIDLength;
|
||||
item->data = (unsigned char*)PORT_Alloc(item->len);
|
||||
PORT_Memcpy(item->data, sid->u.ssl3.sessionID, item->len);
|
||||
}
|
||||
}
|
||||
|
||||
if (ss && ss->useSecurity && ss->connected && ss->sec && ss->sec->ci.sid) {
|
||||
sid = ss->sec->ci.sid;
|
||||
item = (SECItem *)PORT_Alloc(sizeof(SECItem));
|
||||
if (sid->version < SSL_LIBRARY_VERSION_3_0) {
|
||||
item->len = SSL_SESSIONID_BYTES;
|
||||
item->data = (unsigned char*)PORT_Alloc(item->len);
|
||||
PORT_Memcpy(item->data, sid->u.ssl2.sessionID, item->len);
|
||||
} else {
|
||||
item->len = sid->u.ssl3.sessionIDLength;
|
||||
item->data = (unsigned char*)PORT_Alloc(item->len);
|
||||
PORT_Memcpy(item->data, sid->u.ssl3.sessionID, item->len);
|
||||
}
|
||||
ssl_ReleaseSSL3HandshakeLock(ss);
|
||||
ssl_Release1stHandshakeLock(ss);
|
||||
}
|
||||
|
||||
ssl_ReleaseSSL3HandshakeLock(ss);
|
||||
ssl_Release1stHandshakeLock(ss);
|
||||
|
||||
return item;
|
||||
}
|
||||
|
||||
|
@ -34,7 +34,7 @@
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*
|
||||
* $Id: sslsock.c,v 1.12 2001/02/09 00:32:08 nelsonb%netscape.com Exp $
|
||||
* $Id: sslsock.c,v 1.13 2001/02/09 02:11:31 nelsonb%netscape.com Exp $
|
||||
*/
|
||||
#include "seccomon.h"
|
||||
#include "cert.h"
|
||||
@ -174,8 +174,10 @@ ssl_FindSocket(PRFileDesc *fd)
|
||||
PORT_Assert(ssl_layer_id != 0);
|
||||
|
||||
layer = PR_GetIdentitiesLayer(fd, ssl_layer_id);
|
||||
if (layer == NULL)
|
||||
if (layer == NULL) {
|
||||
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ss = (sslSocket *)layer->secret;
|
||||
ss->fd = layer;
|
||||
@ -426,7 +428,6 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on)
|
||||
|
||||
if (!ss) {
|
||||
SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
|
||||
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
@ -550,7 +551,6 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn)
|
||||
}
|
||||
if (!ss) {
|
||||
SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
|
||||
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
|
||||
*pOn = PR_FALSE;
|
||||
return SECFailure;
|
||||
}
|
||||
@ -810,7 +810,6 @@ SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled)
|
||||
|
||||
if (!ss) {
|
||||
SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefSet", SSL_GETPID(), fd));
|
||||
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
|
||||
return SECFailure;
|
||||
}
|
||||
if (SSL_IS_SSL2_CIPHER(which)) {
|
||||
@ -833,7 +832,6 @@ SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled)
|
||||
}
|
||||
if (!ss) {
|
||||
SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefGet", SSL_GETPID(), fd));
|
||||
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
|
||||
*enabled = PR_FALSE;
|
||||
return SECFailure;
|
||||
}
|
||||
@ -908,7 +906,6 @@ SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd)
|
||||
if (ss == NULL) {
|
||||
SSL_DBG(("%d: SSL[%d]: bad model socket in ssl_ImportFD",
|
||||
SSL_GETPID(), model));
|
||||
SET_ERROR_CODE
|
||||
return NULL;
|
||||
}
|
||||
ns = ssl_DupSocket(ss);
|
||||
|
Loading…
Reference in New Issue
Block a user