1 /*
2 * Accessor functions for SSLSocket private members.
3 *
4 * This Source Code Form is subject to the terms of the Mozilla Public
5 * License, v. 2.0. If a copy of the MPL was not distributed with this
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7
8 #include "cert.h"
9 #include "ssl.h"
10 #include "certt.h"
11 #include "sslimpl.h"
12
13 /* given PRFileDesc, returns a copy of certificate associated with the socket
14 * the caller should delete the cert when done with SSL_DestroyCertificate
15 */
16 CERTCertificate *
SSL_RevealCert(PRFileDesc * fd)17 SSL_RevealCert(PRFileDesc * fd)
18 {
19 CERTCertificate * cert = NULL;
20 sslSocket * sslsocket = NULL;
21
22 sslsocket = ssl_FindSocket(fd);
23
24 /* CERT_DupCertificate increases reference count and returns pointer to
25 * the same cert
26 */
27 if (sslsocket && sslsocket->sec.peerCert)
28 cert = CERT_DupCertificate(sslsocket->sec.peerCert);
29
30 return cert;
31 }
32
33 /* given PRFileDesc, returns a pointer to PinArg associated with the socket
34 */
35 void *
SSL_RevealPinArg(PRFileDesc * fd)36 SSL_RevealPinArg(PRFileDesc * fd)
37 {
38 sslSocket * sslsocket = NULL;
39 void * PinArg = NULL;
40
41 sslsocket = ssl_FindSocket(fd);
42
43 /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */
44 if (sslsocket)
45 PinArg = sslsocket->pkcs11PinArg;
46
47 return PinArg;
48 }
49
50
51 /* given PRFileDesc, returns a pointer to the URL associated with the socket
52 * the caller should free url when done
53 */
54 char *
SSL_RevealURL(PRFileDesc * fd)55 SSL_RevealURL(PRFileDesc * fd)
56 {
57 sslSocket * sslsocket = NULL;
58 char * url = NULL;
59
60 sslsocket = ssl_FindSocket(fd);
61
62 if (sslsocket && sslsocket->url)
63 url = PL_strdup(sslsocket->url);
64
65 return url;
66 }
67
68
69 /* given PRFileDesc, returns status information related to extensions
70 * negotiated with peer during the handshake.
71 */
72
73 SECStatus
SSL_HandshakeNegotiatedExtension(PRFileDesc * socket,SSLExtensionType extId,PRBool * pYes)74 SSL_HandshakeNegotiatedExtension(PRFileDesc * socket,
75 SSLExtensionType extId,
76 PRBool *pYes)
77 {
78 /* some decisions derived from SSL_GetChannelInfo */
79 sslSocket * sslsocket = NULL;
80
81 if (!pYes) {
82 PORT_SetError(SEC_ERROR_INVALID_ARGS);
83 return SECFailure;
84 }
85
86 sslsocket = ssl_FindSocket(socket);
87 if (!sslsocket) {
88 SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension",
89 SSL_GETPID(), socket));
90 return SECFailure;
91 }
92
93 *pYes = PR_FALSE;
94
95 /* according to public API SSL_GetChannelInfo, this doesn't need a lock */
96 if (sslsocket->opt.useSecurity) {
97 if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */
98 /* now we know this socket went through ssl3_InitState() and
99 * ss->xtnData got initialized, which is the only member accessed by
100 * ssl3_ExtensionNegotiated();
101 * Member xtnData appears to get accessed in functions that handle
102 * the handshake (hello messages and extension sending),
103 * therefore the handshake lock should be sufficient.
104 */
105 ssl_GetSSL3HandshakeLock(sslsocket);
106 *pYes = ssl3_ExtensionNegotiated(sslsocket, extId);
107 ssl_ReleaseSSL3HandshakeLock(sslsocket);
108 }
109 }
110
111 return SECSuccess;
112 }
113