net/third_party/nss/ssl/sslreveal.c

   1 /*
   2  * Accessor functions for SSLSocket private members.
   3  *
   4  * This Source Code Form is subject to the terms of the Mozilla Public
   5  * License, v. 2.0. If a copy of the MPL was not distributed with this
   6  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   7 /* $Id: sslreveal.c,v 1.9 2012/04/25 14:50:12 gerv%gerv.net Exp $ */
   8
   9 #include "cert.h"
  10 #include "ssl.h"
  11 #include "certt.h"
  12 #include "sslimpl.h"
  13
  14 /* given PRFileDesc, returns a copy of certificate associated with the socket
  15  * the caller should delete the cert when done with SSL_DestroyCertificate
  16  */
  17 CERTCertificate *
  18 SSL_RevealCert(PRFileDesc * fd)
  19 {
  20   CERTCertificate * cert = NULL;
  21   sslSocket * sslsocket = NULL;
  22
  23   sslsocket = ssl_FindSocket(fd);
  24
  25   /* CERT_DupCertificate increases reference count and returns pointer to
  26    * the same cert
  27    */
  28   if (sslsocket && sslsocket->sec.peerCert)
  29     cert = CERT_DupCertificate(sslsocket->sec.peerCert);
  30
  31   return cert;
  32 }
  33
  34 /* given PRFileDesc, returns a pointer to PinArg associated with the socket
  35  */
  36 void *
  37 SSL_RevealPinArg(PRFileDesc * fd)
  38 {
  39   sslSocket * sslsocket = NULL;
  40   void * PinArg = NULL;
  41
  42   sslsocket = ssl_FindSocket(fd);
  43
  44   /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */
  45   if (sslsocket)
  46     PinArg = sslsocket->pkcs11PinArg;
  47
  48   return PinArg;
  49 }
  50
  51
  52 /* given PRFileDesc, returns a pointer to the URL associated with the socket
  53  * the caller should free url when done
  54  */
  55 char *
  56 SSL_RevealURL(PRFileDesc * fd)
  57 {
  58   sslSocket * sslsocket = NULL;
  59   char * url = NULL;
  60
  61   sslsocket = ssl_FindSocket(fd);
  62
  63   if (sslsocket && sslsocket->url)
  64     url = PL_strdup(sslsocket->url);
  65
  66   return url;
  67 }
  68
  69
  70 /* given PRFileDesc, returns status information related to extensions
  71  * negotiated with peer during the handshake.
  72  */
  73
  74 SECStatus
  75 SSL_HandshakeNegotiatedExtension(PRFileDesc * socket,
  76                                  SSLExtensionType extId,
  77                                  PRBool *pYes)
  78 {
  79   /* some decisions derived from SSL_GetChannelInfo */
  80   sslSocket * sslsocket = NULL;
  81   SECStatus rv = SECFailure;
  82
  83   if (!pYes)
  84     return rv;
  85
  86   sslsocket = ssl_FindSocket(socket);
  87   if (!sslsocket) {
  88     SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension",
  89              SSL_GETPID(), socket));
  90     return rv;
  91   }
  92
  93   /* according to public API SSL_GetChannelInfo, this doesn't need a lock */
  94   if (sslsocket->opt.useSecurity) {
  95     if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */
  96       /* now we know this socket went through ssl3_InitState() and
  97        * ss->xtnData got initialized, which is the only member accessed by
  98        * ssl3_ExtensionNegotiated();
  99        * Member xtnData appears to get accessed in functions that handle
 100        * the handshake (hello messages and extension sending),
 101        * therefore the handshake lock should be sufficient.
 102        */
 103       ssl_GetSSL3HandshakeLock(sslsocket);
 104       *pYes = ssl3_ExtensionNegotiated(sslsocket, extId);
 105       ssl_ReleaseSSL3HandshakeLock(sslsocket);
 106       rv = SECSuccess;
 107     }
 108   }
 109
 110   return rv;
 111 }