diff --git a/security/nss/lib/ssl/prelib.c b/security/nss/lib/ssl/prelib.c index c5da5f12ade1..795f8cbfa973 100644 --- a/security/nss/lib/ssl/prelib.c +++ b/security/nss/lib/ssl/prelib.c @@ -35,7 +35,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: prelib.c,v 1.1 2000/03/31 19:32:58 relyea%netscape.com Exp $ + * $Id: prelib.c,v 1.2 2001/02/09 02:11:30 nelsonb%netscape.com Exp $ */ #include "cert.h" @@ -73,7 +73,6 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader, ss = ssl_FindSocket(fd); if (ss == NULL) { - /* XXX set an error */ return NULL; } @@ -201,7 +200,6 @@ PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header, ss = ssl_FindSocket(fd); if (ss == NULL) { - /* XXX set an error */ return NULL; } diff --git a/security/nss/lib/ssl/sslauth.c b/security/nss/lib/ssl/sslauth.c index fd9105c9dc83..1899bd919863 100644 --- a/security/nss/lib/ssl/sslauth.c +++ b/security/nss/lib/ssl/sslauth.c @@ -30,7 +30,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: sslauth.c,v 1.3 2001/02/09 00:32:03 nelsonb%netscape.com Exp $ + * $Id: sslauth.c,v 1.4 2001/02/09 02:11:30 nelsonb%netscape.com Exp $ */ #include "cert.h" #include "secitem.h" @@ -229,6 +229,9 @@ SSL_AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer) ss = ssl_FindSocket(fd); PORT_Assert(ss != NULL); + if (!ss) { + return SECFailure; + } handle = (CERTCertDBHandle *)arg; diff --git a/security/nss/lib/ssl/sslsecur.c b/security/nss/lib/ssl/sslsecur.c index 45e0e1f2b590..2289336336f7 100644 --- a/security/nss/lib/ssl/sslsecur.c +++ b/security/nss/lib/ssl/sslsecur.c @@ -32,7 +32,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: sslsecur.c,v 1.6 2001/02/09 00:32:04 nelsonb%netscape.com Exp $ + * $Id: sslsecur.c,v 1.7 2001/02/09 02:11:30 nelsonb%netscape.com Exp $ */ #include "cert.h" #include "secitem.h" @@ -264,7 +264,6 @@ SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache) ss = ssl_FindSocket(fd); if (!ss) { SSL_DBG(("%d: SSL[%d]: bad socket in RedoHandshake", SSL_GETPID(), fd)); - PORT_SetError(PR_BAD_DESCRIPTOR_ERROR); return SECFailure; } @@ -307,7 +306,6 @@ SSL_HandshakeCallback(PRFileDesc *fd, SSLHandshakeCallback cb, if (!ss) { SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeCallback", SSL_GETPID(), fd)); - PORT_SetError(PR_BAD_DESCRIPTOR_ERROR); return SECFailure; } @@ -608,14 +606,17 @@ SECStatus SSL_ConfigSecureServer(PRFileDesc *fd, CERTCertificate *cert, SECKEYPrivateKey *key, SSL3KEAType kea) { - int rv; + SECStatus rv; sslSocket *ss; sslSecurityInfo *sec; ss = ssl_FindSocket(fd); + if (!ss) { + return SECFailure; + } - if ((rv = ssl_CreateSecurityInfo(ss)) != 0) { - return((SECStatus)rv); + if ((rv = ssl_CreateSecurityInfo(ss)) != SECSuccess) { + return rv; } sec = ss->sec; @@ -1186,17 +1187,18 @@ SSL_InvalidateSession(PRFileDesc *fd) sslSocket * ss = ssl_FindSocket(fd); SECStatus rv = SECFailure; - ssl_Get1stHandshakeLock(ss); - ssl_GetSSL3HandshakeLock(ss); + if (ss) { + ssl_Get1stHandshakeLock(ss); + ssl_GetSSL3HandshakeLock(ss); - if (ss && ss->sec && ss->sec->ci.sid) { - ss->sec->uncache(ss->sec->ci.sid); - rv = SECSuccess; + if (ss->sec && ss->sec->ci.sid) { + ss->sec->uncache(ss->sec->ci.sid); + rv = SECSuccess; + } + + ssl_ReleaseSSL3HandshakeLock(ss); + ssl_Release1stHandshakeLock(ss); } - - ssl_ReleaseSSL3HandshakeLock(ss); - ssl_Release1stHandshakeLock(ss); - return rv; } @@ -1208,27 +1210,27 @@ SSL_GetSessionID(PRFileDesc *fd) sslSessionID * sid; ss = ssl_FindSocket(fd); + if (ss) { + ssl_Get1stHandshakeLock(ss); + ssl_GetSSL3HandshakeLock(ss); - ssl_Get1stHandshakeLock(ss); - ssl_GetSSL3HandshakeLock(ss); + if (ss->useSecurity && ss->connected && ss->sec && ss->sec->ci.sid) { + sid = ss->sec->ci.sid; + item = (SECItem *)PORT_Alloc(sizeof(SECItem)); + if (sid->version < SSL_LIBRARY_VERSION_3_0) { + item->len = SSL_SESSIONID_BYTES; + item->data = (unsigned char*)PORT_Alloc(item->len); + PORT_Memcpy(item->data, sid->u.ssl2.sessionID, item->len); + } else { + item->len = sid->u.ssl3.sessionIDLength; + item->data = (unsigned char*)PORT_Alloc(item->len); + PORT_Memcpy(item->data, sid->u.ssl3.sessionID, item->len); + } + } - if (ss && ss->useSecurity && ss->connected && ss->sec && ss->sec->ci.sid) { - sid = ss->sec->ci.sid; - item = (SECItem *)PORT_Alloc(sizeof(SECItem)); - if (sid->version < SSL_LIBRARY_VERSION_3_0) { - item->len = SSL_SESSIONID_BYTES; - item->data = (unsigned char*)PORT_Alloc(item->len); - PORT_Memcpy(item->data, sid->u.ssl2.sessionID, item->len); - } else { - item->len = sid->u.ssl3.sessionIDLength; - item->data = (unsigned char*)PORT_Alloc(item->len); - PORT_Memcpy(item->data, sid->u.ssl3.sessionID, item->len); - } + ssl_ReleaseSSL3HandshakeLock(ss); + ssl_Release1stHandshakeLock(ss); } - - ssl_ReleaseSSL3HandshakeLock(ss); - ssl_Release1stHandshakeLock(ss); - return item; } diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c index 66dc71b8b262..7e5b1d3bdb2f 100644 --- a/security/nss/lib/ssl/sslsock.c +++ b/security/nss/lib/ssl/sslsock.c @@ -34,7 +34,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: sslsock.c,v 1.12 2001/02/09 00:32:08 nelsonb%netscape.com Exp $ + * $Id: sslsock.c,v 1.13 2001/02/09 02:11:31 nelsonb%netscape.com Exp $ */ #include "seccomon.h" #include "cert.h" @@ -174,8 +174,10 @@ ssl_FindSocket(PRFileDesc *fd) PORT_Assert(ssl_layer_id != 0); layer = PR_GetIdentitiesLayer(fd, ssl_layer_id); - if (layer == NULL) + if (layer == NULL) { + PORT_SetError(PR_BAD_DESCRIPTOR_ERROR); return NULL; + } ss = (sslSocket *)layer->secret; ss->fd = layer; @@ -426,7 +428,6 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on) if (!ss) { SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd)); - PORT_SetError(PR_BAD_DESCRIPTOR_ERROR); return SECFailure; } @@ -550,7 +551,6 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn) } if (!ss) { SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd)); - PORT_SetError(PR_BAD_DESCRIPTOR_ERROR); *pOn = PR_FALSE; return SECFailure; } @@ -810,7 +810,6 @@ SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled) if (!ss) { SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefSet", SSL_GETPID(), fd)); - PORT_SetError(PR_BAD_DESCRIPTOR_ERROR); return SECFailure; } if (SSL_IS_SSL2_CIPHER(which)) { @@ -833,7 +832,6 @@ SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled) } if (!ss) { SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefGet", SSL_GETPID(), fd)); - PORT_SetError(PR_BAD_DESCRIPTOR_ERROR); *enabled = PR_FALSE; return SECFailure; } @@ -908,7 +906,6 @@ SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd) if (ss == NULL) { SSL_DBG(("%d: SSL[%d]: bad model socket in ssl_ImportFD", SSL_GETPID(), model)); - SET_ERROR_CODE return NULL; } ns = ssl_DupSocket(ss);