
lightning-sunbird  0.9+nobinonly
ssls.h File Reference
#include <prinit.h>
#include <prprf.h>
#include <prsystem.h>
#include <prmem.h>
#include <plstr.h>
#include <prnetdb.h>
#include <prinrval.h>
#include <cert.h>

Classes

struct  ThreadData

Defines

#define BUFSIZE   3955 /* some arbitrary size not a multiple of 2^x */
/* NOTE(review): 1, 2 and 4 are distinct bits, so these look like OR-able
 * flags selecting when a handshake is forced -- confirm against sslt.c. */
#define SSLT_INITIAL_FORCE   1
#define SSLT_FIRST_IO   2
#define SSLT_REDO   4
/* NOTE(review): presumably selects which cipher policy the test enables;
 * how these are consumed is not shown on this page -- confirm in sslt.c. */
#define POLICY_DOMESTIC   0
#define POLICY_EXPORT   1
/* Period of the repeating test pattern: FillBuffer and VerifyBuffer index
 * data[] with (offset % DATABUFSIZE) and stop each run at DATABUFSIZE. */
#define DATABUFSIZE   168
/* NOTE(review): presumably the mask passed as the `xor` argument of
 * FillBuffer/VerifyBuffer for one direction of traffic -- confirm. It is a
 * test-pattern mask, not a confidentiality mechanism. */
#define CLIENTXOR   0xA5
#define BLOCKING   0
#define NON_BLOCKING   1
/* NOTE(review): consecutive values 0..5, presumably stored in
 * ThreadData::state -- confirm against the callers. */
#define STATE_BEFORE_INITIAL_HANDSHAKE   0
#define STATE_BEFORE_REDO_HANDSHAKE   1
#define STATE_STATUS_COLLECTED   2
#define STATE_DONE_WRITING   3
#define STATE_DONE_READING   4
#define STATE_DONE   5
/* NOTE(review): presumably selects whether and when client authentication
 * is requested (never / on re-handshake / on first handshake) -- confirm. */
#define SSLT_CLIENTAUTH_OFF   1
#define SSLT_CLIENTAUTH_REDO   2
#define SSLT_CLIENTAUTH_INITIAL   3

Functions

int VerifyBuffer (char *recvbuf, int bufsize, int done, char xor)
void FillBuffer (char *sendbuf, int bufsize, int offset, char xor)
void HandshakeCallback (PRFileDesc *s, void *td)

Variables

unsigned char data []

Class Documentation

struct ThreadData

Definition at line 290 of file sqliteInt.h.

Class Members
CERTCertificate * cert
int client
int data_read
int data_sent
int data_tosend
int dummy
PRFileDesc * event
int exit_code
PRFileDesc * fd
int index
PRNetAddr na
struct ThreadData * next
BtShared * pBtree
PRPollDesc pd
struct ThreadData * peer
CERTCertificate * peercert
int peerport
PRFileDesc * r
char recvbuf
PRFileDesc * s
int secerr
int secerr_flag
char sendbuf
int state
char * status_cipher
char * status_issuer
int status_keysize
int status_on
int status_skeysize
char * status_subject
PRThread * subthread
PyThreadState * ts
u8 useSharedData
unsigned char xor_reading
unsigned char xor_writing

Define Documentation

#define BLOCKING   0

Definition at line 114 of file ssls.h.

#define BUFSIZE   3955 /* some arbitrary size not a multiple of 2^x */

Definition at line 55 of file ssls.h.

#define CLIENTXOR   0xA5

Definition at line 112 of file ssls.h.

#define DATABUFSIZE   168

Definition at line 111 of file ssls.h.

Definition at line 115 of file ssls.h.

Definition at line 102 of file ssls.h.

Definition at line 103 of file ssls.h.

Definition at line 126 of file ssls.h.

Definition at line 124 of file ssls.h.

Definition at line 125 of file ssls.h.

Definition at line 89 of file ssls.h.

Definition at line 88 of file ssls.h.

#define SSLT_REDO   4

Definition at line 90 of file ssls.h.

Definition at line 117 of file ssls.h.

Definition at line 118 of file ssls.h.

#define STATE_DONE   5

Definition at line 122 of file ssls.h.

Definition at line 121 of file ssls.h.

Definition at line 120 of file ssls.h.

Definition at line 119 of file ssls.h.


Function Documentation

void FillBuffer ( char *  sendbuf,
int  bufsize,
int  offset,
char  xor 
)

Definition at line 1099 of file sslt.c.

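                                                                  {
   /*
    * Fill sendbuf with exactly bufsize bytes of the repeating data[] pattern
    * (period DATABUFSIZE), each byte XORed with `xor`.
    *
    *   sendbuf  destination; must have room for bufsize bytes
    *   bufsize  number of bytes to produce; <= 0 writes nothing
    *   offset   position in the pattern stream at which this buffer starts
    *   xor      mask applied to every pattern byte
    *
    * Each run is clamped to the bytes still owed, so the write never goes
    * past sendbuf + bufsize even when bufsize is not a multiple of
    * DATABUFSIZE (BUFSIZE is deliberately not one).
    */
   int done = 0;

   while (done < bufsize) {
     int start = offset % DATABUFSIZE;
     int chunk;
     int j;

     /* In C, % keeps the sign of the dividend; a negative offset must not
      * become a negative index into data[]. */
     if (start < 0) {
       start += DATABUFSIZE;
     }

     /* Copy up to the end of the pattern, but never more than what is
      * left of the caller's buffer. */
     chunk = DATABUFSIZE - start;
     if (chunk > bufsize - done) {
       chunk = bufsize - done;
     }

     for (j = 0; j < chunk; j++) {
       *sendbuf = (char)(data[start + j] ^ xor);
       sendbuf++;
     }
     done += chunk;
     offset += chunk;
   }
 }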


void HandshakeCallback ( PRFileDesc *  s,
void *  td 
)

Definition at line 799 of file nsNSSCallbacks.cpp.

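                                                                      {
  // Runs once an SSL handshake has completed: reads the negotiated security
  // parameters from NSS, derives the browser security state from them, and
  // stores that state, a "SignedBy" description naming the issuing CA, and an
  // nsSSLStatus on the socket's nsNSSSocketInfo.
  //
  // NOTE(review): the prototype shown on this page names the parameters `s`
  // and `td`, but this body uses `fd` and never reads the second argument.
  // The listing comes from nsNSSCallbacks.cpp, so it may be a different
  // function of the same name than the one declared in ssls.h -- confirm.
  nsNSSShutDownPreventionLock locker;
  PRInt32 sslStatus;
  char* signer = nsnull;
  char* cipherName = nsnull;
  PRInt32 keyLength;
  nsresult rv;
  PRInt32 encryptBits;

  // Nothing is recorded on the socket if NSS cannot report the status.
  if (SECSuccess != SSL_SecurityStatus(fd, &sslStatus, &cipherName, &keyLength,
                                       &encryptBits, &signer, nsnull)) {
    return;
  }

  // SSL off => broken; otherwise the secret key size alone picks HIGH (>= 90
  // bits) or LOW. Both branches still carry STATE_IS_SECURE.
  // NOTE(review): a very small secret key is therefore still reported as
  // secure (LOW); confirm that weak suites are rejected elsewhere.
  PRInt32 secStatus;
  if (sslStatus == SSL_SECURITY_STATUS_OFF)
    secStatus = nsIWebProgressListener::STATE_IS_BROKEN;
  else if (encryptBits >= 90)
    secStatus = (nsIWebProgressListener::STATE_IS_SECURE |
                 nsIWebProgressListener::STATE_SECURE_HIGH);
  else
    secStatus = (nsIWebProgressListener::STATE_IS_SECURE |
                 nsIWebProgressListener::STATE_SECURE_LOW);

  // SSL_PeerCertificate can return null (the second call below already
  // checks for it); only dereference the issuer when a certificate exists.
  char* caName = nsnull;
  CERTCertificate *peerCert = SSL_PeerCertificate(fd);
  if (peerCert) {
    caName = CERT_GetOrgName(&peerCert->issuer);
    CERT_DestroyCertificate(peerCert);
  }
  if (!caName) {
    // Fall back to the signer string reported by SSL_SecurityStatus.
    caName = signer;
  }

  // If the CA name is RSA Data Security, then change the name to the real
  // name of the company i.e. VeriSign, Inc.
  if (nsCRT::strcmp((const char*)caName, "RSA Data Security, Inc.") == 0) {
    // In this case, caName != signer since the logic implies signer
    // would be at minimal "O=RSA Data Security, Inc" because caName
    // is what comes after to O=.  So we're OK just freeing this memory
    // without checking to see if it's equal to signer;
    NS_ASSERTION(caName != signer, "caName was equal to signer when it shouldn't be");
    PR_Free(caName);
    caName = PL_strdup("Verisign, Inc.");
  }

  nsAutoString shortDesc;
  const PRUnichar* formatStrings[1] = { ToNewUnicode(NS_ConvertUTF8toUCS2(caName)) };
  nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
  if (NS_SUCCEEDED(rv)) {
    rv = nssComponent->PIPBundleFormatStringFromName("SignedBy",
                                                   formatStrings, 1,
                                                   shortDesc);

    // NOTE(review): fd->higher and its secret are used unchecked; this
    // presumably relies on the PSM layer always sitting above the SSL
    // layer -- confirm.
    nsNSSSocketInfo* infoObject = (nsNSSSocketInfo*) fd->higher->secret;
    infoObject->SetSecurityState(secStatus);
    infoObject->SetShortSecurityDescription(shortDesc.get());

    /* Set the SSL Status information */
    nsCOMPtr<nsSSLStatus> status = new nsSSLStatus();

    CERTCertificate *serverCert = SSL_PeerCertificate(fd);
    if (serverCert) {
      status->mServerCert = new nsNSSCertificate(serverCert);
      CERT_DestroyCertificate(serverCert);
    }

    status->mKeyLength = keyLength;
    status->mSecretKeyLength = encryptBits;
    status->mCipherName.Adopt(cipherName);
    cipherName = nsnull;  // ownership moved to mCipherName

    infoObject->SetSSLStatus(status);
  }

  // Released on both paths: the converted CA name is only needed while
  // formatting, and must not leak when the NSS component is unavailable.
  nsMemory::Free(NS_CONST_CAST(PRUnichar*, formatStrings[0]));

  // Still owned here only when the status object was never built.
  if (cipherName) {
    PR_Free(cipherName);
  }

  if (caName != signer) {
    PR_Free(caName);
  }
  PR_Free(signer);
}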


int VerifyBuffer ( char *  recvbuf,
int  bufsize,
int  done,
char  xor 
)

Definition at line 1072 of file sslt.c.

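                                                                {
  /*
   * Check that recvbuf holds bufsize bytes of the repeating data[] pattern
   * (period DATABUFSIZE) XORed with `xor`, starting at stream position
   * `done`.
   *
   *   recvbuf  received bytes; exactly bufsize of them are read
   *   bufsize  number of bytes to check
   *   done     number of stream bytes already verified before this buffer
   *   xor      mask the sender applied to every pattern byte
   *
   * Returns 0 when every byte matches, 71 on the first mismatch, and 73
   * when the length is negative.
   */
  if (bufsize < 0) {
    return 73;
  }

  while (bufsize > 0) {
    int start = done % DATABUFSIZE;
    int chunk;
    int j;

    /* % keeps the sign of the dividend; never index data[] negatively. */
    if (start < 0) {
      start += DATABUFSIZE;
    }

    /* The run length is measured from `start`, not from 0: clamp it to
     * the rest of the pattern and to the bytes left in recvbuf so the
     * read never passes the end of the caller's buffer. */
    chunk = DATABUFSIZE - start;
    if (chunk > bufsize) {
      chunk = bufsize;
    }

    for (j = 0; j < chunk; j++) {
      /* Compare as bytes. Where plain char is signed, a mask with the
       * top bit set sign-extends and would make equal bytes compare
       * unequal after integer promotion. */
      if ((unsigned char)(data[start + j] ^ xor) != (unsigned char)(*recvbuf)) {
        return 71;
      }
      recvbuf++;
    }
    done += chunk;
    bufsize -= chunk;
  }
  return (0);
}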

Variable Documentation

unsigned char data[]

Definition at line 130 of file gtkmozembed.h.