net/third_party/nss/ssl/sslreveal.c

   1 /*
   2  * Accessor functions for SSLSocket private members.
   3  *
   4  * This Source Code Form is subject to the terms of the Mozilla Public
   5  * License, v. 2.0. If a copy of the MPL was not distributed with this
   6  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   7
   8 #include "cert.h"
   9 #include "ssl.h"
  10 #include "certt.h"
  11 #include "sslimpl.h"
  12
  13 /* given PRFileDesc, returns a copy of certificate associated with the socket
  14  * the caller should delete the cert when done with SSL_DestroyCertificate
  15  */
  16 CERTCertificate *
  17 SSL_RevealCert(PRFileDesc * fd)
  18 {
  19   CERTCertificate * cert = NULL;
  20   sslSocket * sslsocket = NULL;
  21
  22   sslsocket = ssl_FindSocket(fd);
  23
  24   /* CERT_DupCertificate increases reference count and returns pointer to
  25    * the same cert
  26    */
  27   if (sslsocket && sslsocket->sec.peerCert)
  28     cert = CERT_DupCertificate(sslsocket->sec.peerCert);
  29
  30   return cert;
  31 }
  32
  33 /* given PRFileDesc, returns a pointer to PinArg associated with the socket
  34  */
  35 void *
  36 SSL_RevealPinArg(PRFileDesc * fd)
  37 {
  38   sslSocket * sslsocket = NULL;
  39   void * PinArg = NULL;
  40
  41   sslsocket = ssl_FindSocket(fd);
  42
  43   /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */
  44   if (sslsocket)
  45     PinArg = sslsocket->pkcs11PinArg;
  46
  47   return PinArg;
  48 }
  49
  50
  51 /* given PRFileDesc, returns a pointer to the URL associated with the socket
  52  * the caller should free url when done
  53  */
  54 char *
  55 SSL_RevealURL(PRFileDesc * fd)
  56 {
  57   sslSocket * sslsocket = NULL;
  58   char * url = NULL;
  59
  60   sslsocket = ssl_FindSocket(fd);
  61
  62   if (sslsocket && sslsocket->url)
  63     url = PL_strdup(sslsocket->url);
  64
  65   return url;
  66 }
  67
  68
  69 /* given PRFileDesc, returns status information related to extensions
  70  * negotiated with peer during the handshake.
  71  */
  72
  73 SECStatus
  74 SSL_HandshakeNegotiatedExtension(PRFileDesc * socket,
  75                                  SSLExtensionType extId,
  76                                  PRBool *pYes)
  77 {
  78   /* some decisions derived from SSL_GetChannelInfo */
  79   sslSocket * sslsocket = NULL;
  80
  81   if (!pYes) {
  82     PORT_SetError(SEC_ERROR_INVALID_ARGS);
  83     return SECFailure;
  84   }
  85
  86   sslsocket = ssl_FindSocket(socket);
  87   if (!sslsocket) {
  88     SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension",
  89              SSL_GETPID(), socket));
  90     return SECFailure;
  91   }
  92
  93   *pYes = PR_FALSE;
  94
  95   /* according to public API SSL_GetChannelInfo, this doesn't need a lock */
  96   if (sslsocket->opt.useSecurity) {
  97     if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */
  98       /* now we know this socket went through ssl3_InitState() and
  99        * ss->xtnData got initialized, which is the only member accessed by
 100        * ssl3_ExtensionNegotiated();
 101        * Member xtnData appears to get accessed in functions that handle
 102        * the handshake (hello messages and extension sending),
 103        * therefore the handshake lock should be sufficient.
 104        */
 105       ssl_GetSSL3HandshakeLock(sslsocket);
 106       *pYes = ssl3_ExtensionNegotiated(sslsocket, extId);
 107       ssl_ReleaseSSL3HandshakeLock(sslsocket);
 108     }
 109   }
 110
 111   return SECSuccess;
 112 }