Modify ssl_FindSocket() to set error PR_BAD_DESCRIPTOR_ERROR when it

cannot find the SSL layer on the specified PRFileDesc. Ensure all
callers detect when ssl_FindSocket returns NULL and handle it properly.
Bug 68241. Reviewed by jgmyers and relyea.
Modified Files:
 	prelib.c sslauth.c sslsecur.c sslsock.c
This commit is contained in:
nelsonb%netscape.com 2001-02-09 02:11:31 +00:00
parent 55963742ba
commit ecb09e90e8
4 changed files with 44 additions and 44 deletions

View File

@ -35,7 +35,7 @@
* may use your version of this file under either the MPL or the
* GPL.
*
* $Id: prelib.c,v 1.1 2000/03/31 19:32:58 relyea%netscape.com Exp $
* $Id: prelib.c,v 1.2 2001/02/09 02:11:30 nelsonb%netscape.com Exp $
*/
#include "cert.h"
@ -73,7 +73,6 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader,
ss = ssl_FindSocket(fd);
if (ss == NULL) {
/* XXX set an error */
return NULL;
}
@ -201,7 +200,6 @@ PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header,
ss = ssl_FindSocket(fd);
if (ss == NULL) {
/* XXX set an error */
return NULL;
}

View File

@ -30,7 +30,7 @@
* may use your version of this file under either the MPL or the
* GPL.
*
* $Id: sslauth.c,v 1.3 2001/02/09 00:32:03 nelsonb%netscape.com Exp $
* $Id: sslauth.c,v 1.4 2001/02/09 02:11:30 nelsonb%netscape.com Exp $
*/
#include "cert.h"
#include "secitem.h"
@ -229,6 +229,9 @@ SSL_AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer)
ss = ssl_FindSocket(fd);
PORT_Assert(ss != NULL);
if (!ss) {
return SECFailure;
}
handle = (CERTCertDBHandle *)arg;

View File

@ -32,7 +32,7 @@
* may use your version of this file under either the MPL or the
* GPL.
*
* $Id: sslsecur.c,v 1.6 2001/02/09 00:32:04 nelsonb%netscape.com Exp $
* $Id: sslsecur.c,v 1.7 2001/02/09 02:11:30 nelsonb%netscape.com Exp $
*/
#include "cert.h"
#include "secitem.h"
@ -264,7 +264,6 @@ SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache)
ss = ssl_FindSocket(fd);
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in RedoHandshake", SSL_GETPID(), fd));
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
return SECFailure;
}
@ -307,7 +306,6 @@ SSL_HandshakeCallback(PRFileDesc *fd, SSLHandshakeCallback cb,
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeCallback",
SSL_GETPID(), fd));
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
return SECFailure;
}
@ -608,14 +606,17 @@ SECStatus
SSL_ConfigSecureServer(PRFileDesc *fd, CERTCertificate *cert,
SECKEYPrivateKey *key, SSL3KEAType kea)
{
int rv;
SECStatus rv;
sslSocket *ss;
sslSecurityInfo *sec;
ss = ssl_FindSocket(fd);
if (!ss) {
return SECFailure;
}
if ((rv = ssl_CreateSecurityInfo(ss)) != 0) {
return((SECStatus)rv);
if ((rv = ssl_CreateSecurityInfo(ss)) != SECSuccess) {
return rv;
}
sec = ss->sec;
@ -1186,17 +1187,18 @@ SSL_InvalidateSession(PRFileDesc *fd)
sslSocket * ss = ssl_FindSocket(fd);
SECStatus rv = SECFailure;
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
if (ss) {
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
if (ss && ss->sec && ss->sec->ci.sid) {
ss->sec->uncache(ss->sec->ci.sid);
rv = SECSuccess;
if (ss->sec && ss->sec->ci.sid) {
ss->sec->uncache(ss->sec->ci.sid);
rv = SECSuccess;
}
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
}
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
return rv;
}
@ -1208,27 +1210,27 @@ SSL_GetSessionID(PRFileDesc *fd)
sslSessionID * sid;
ss = ssl_FindSocket(fd);
if (ss) {
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
ssl_Get1stHandshakeLock(ss);
ssl_GetSSL3HandshakeLock(ss);
if (ss->useSecurity && ss->connected && ss->sec && ss->sec->ci.sid) {
sid = ss->sec->ci.sid;
item = (SECItem *)PORT_Alloc(sizeof(SECItem));
if (sid->version < SSL_LIBRARY_VERSION_3_0) {
item->len = SSL_SESSIONID_BYTES;
item->data = (unsigned char*)PORT_Alloc(item->len);
PORT_Memcpy(item->data, sid->u.ssl2.sessionID, item->len);
} else {
item->len = sid->u.ssl3.sessionIDLength;
item->data = (unsigned char*)PORT_Alloc(item->len);
PORT_Memcpy(item->data, sid->u.ssl3.sessionID, item->len);
}
}
if (ss && ss->useSecurity && ss->connected && ss->sec && ss->sec->ci.sid) {
sid = ss->sec->ci.sid;
item = (SECItem *)PORT_Alloc(sizeof(SECItem));
if (sid->version < SSL_LIBRARY_VERSION_3_0) {
item->len = SSL_SESSIONID_BYTES;
item->data = (unsigned char*)PORT_Alloc(item->len);
PORT_Memcpy(item->data, sid->u.ssl2.sessionID, item->len);
} else {
item->len = sid->u.ssl3.sessionIDLength;
item->data = (unsigned char*)PORT_Alloc(item->len);
PORT_Memcpy(item->data, sid->u.ssl3.sessionID, item->len);
}
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
}
ssl_ReleaseSSL3HandshakeLock(ss);
ssl_Release1stHandshakeLock(ss);
return item;
}

View File

@ -34,7 +34,7 @@
* may use your version of this file under either the MPL or the
* GPL.
*
* $Id: sslsock.c,v 1.12 2001/02/09 00:32:08 nelsonb%netscape.com Exp $
* $Id: sslsock.c,v 1.13 2001/02/09 02:11:31 nelsonb%netscape.com Exp $
*/
#include "seccomon.h"
#include "cert.h"
@ -174,8 +174,10 @@ ssl_FindSocket(PRFileDesc *fd)
PORT_Assert(ssl_layer_id != 0);
layer = PR_GetIdentitiesLayer(fd, ssl_layer_id);
if (layer == NULL)
if (layer == NULL) {
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
return NULL;
}
ss = (sslSocket *)layer->secret;
ss->fd = layer;
@ -426,7 +428,6 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on)
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
return SECFailure;
}
@ -550,7 +551,6 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn)
}
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
*pOn = PR_FALSE;
return SECFailure;
}
@ -810,7 +810,6 @@ SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled)
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefSet", SSL_GETPID(), fd));
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
return SECFailure;
}
if (SSL_IS_SSL2_CIPHER(which)) {
@ -833,7 +832,6 @@ SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled)
}
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefGet", SSL_GETPID(), fd));
PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
*enabled = PR_FALSE;
return SECFailure;
}
@ -908,7 +906,6 @@ SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd)
if (ss == NULL) {
SSL_DBG(("%d: SSL[%d]: bad model socket in ssl_ImportFD",
SSL_GETPID(), model));
SET_ERROR_CODE
return NULL;
}
ns = ssl_DupSocket(ss);