From ed7132b5a20a4cbcbecb77a6ad548ff24003ba01 Mon Sep 17 00:00:00 2001 From: "jgmyers%netscape.com" Date: Tue, 12 Sep 2000 20:15:44 +0000 Subject: [PATCH] support IPv6 in ssl: bug 48657 r=nelsonb git-svn-id: svn://10.0.0.236/trunk@78892 18797224-902f-48f8-a5cc-f745e15eee43 --- mozilla/security/nss/lib/ssl/ssl3con.c | 12 ++-- mozilla/security/nss/lib/ssl/sslauth.c | 4 +- mozilla/security/nss/lib/ssl/sslcon.c | 12 ++-- mozilla/security/nss/lib/ssl/sslimpl.h | 12 ++-- mozilla/security/nss/lib/ssl/sslnonce.c | 18 +++--- mozilla/security/nss/lib/ssl/sslsnce.c | 81 +++++++++++++++---------- mozilla/security/nss/lib/ssl/sslsock.c | 22 ++++--- mozilla/security/nss/lib/ssl/sslsocks.c | 12 +++- 8 files changed, 104 insertions(+), 69 deletions(-) diff --git a/mozilla/security/nss/lib/ssl/ssl3con.c b/mozilla/security/nss/lib/ssl/ssl3con.c index 86dd287a419..49a10cdabf8 100644 --- a/mozilla/security/nss/lib/ssl/ssl3con.c +++ b/mozilla/security/nss/lib/ssl/ssl3con.c @@ -32,7 +32,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: ssl3con.c,v 1.7 2000-08-08 22:54:02 nelsonb%netscape.com Exp $ + * $Id: ssl3con.c,v 1.8 2000-09-12 20:15:41 jgmyers%netscape.com Exp $ */ #include "cert.h" @@ -2453,7 +2453,7 @@ ssl3_SendClientHello(sslSocket *ss) * this lookup is duplicative and wasteful. */ sid = (ss->noCache) ? NULL - : ssl_LookupSID(sec->ci.peer, sec->ci.port, ss->peerID, ss->url); + : ssl_LookupSID(&sec->ci.peer, sec->ci.port, ss->peerID, ss->url); /* We can't resume based on a different token. If the sid exists, * make sure the token that holds the master secret still exists ... 
@@ -4590,9 +4590,11 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length) } if (sidBytes.len > 0) { - SSL_TRC(7, ("%d: SSL3[%d]: server, lookup client session-id for 0x%08x", - SSL_GETPID(), ss->fd, ci->peer)); - sid = (*ssl_sid_lookup)(ci->peer, sidBytes.data, sidBytes.len, + SSL_TRC(7, ("%d: SSL3[%d]: server, lookup client session-id for 0x%08x%08x%08x%08x", + SSL_GETPID(), ss->fd, ci->peer.pr_s6_addr32[0], + ci->peer.pr_s6_addr32[1], ci->peer.pr_s6_addr32[2], + ci->peer.pr_s6_addr32[3])); + sid = (*ssl_sid_lookup)(&ci->peer, sidBytes.data, sidBytes.len, ss->dbHandle); } SECITEM_FreeItem(&sidBytes, PR_FALSE); diff --git a/mozilla/security/nss/lib/ssl/sslauth.c b/mozilla/security/nss/lib/ssl/sslauth.c index 42dc866b3f6..95563fe4896 100644 --- a/mozilla/security/nss/lib/ssl/sslauth.c +++ b/mozilla/security/nss/lib/ssl/sslauth.c @@ -30,7 +30,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: sslauth.c,v 1.1 2000-03-31 19:33:40 relyea%netscape.com Exp $ + * $Id: sslauth.c,v 1.2 2000-09-12 20:15:42 jgmyers%netscape.com Exp $ */ #include "cert.h" #include "secitem.h" @@ -225,7 +225,7 @@ SSL_AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer) CERTCertDBHandle * handle; sslSocket * ss; SECCertUsage certUsage; - char * hostname = NULL; + const char * hostname = NULL; ss = ssl_FindSocket(fd); PORT_Assert(ss != NULL); diff --git a/mozilla/security/nss/lib/ssl/sslcon.c b/mozilla/security/nss/lib/ssl/sslcon.c index db791f861d9..96f3d9d7ceb 100644 --- a/mozilla/security/nss/lib/ssl/sslcon.c +++ b/mozilla/security/nss/lib/ssl/sslcon.c @@ -32,7 +32,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: sslcon.c,v 1.3 2000-06-06 20:32:18 nelsonb%netscape.com Exp $ + * $Id: sslcon.c,v 1.4 2000-09-12 20:15:42 jgmyers%netscape.com Exp $ */ #include "cert.h" 
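Review bot: The new trace in ssl3_HandleClientHello prints the peer as four `%08x` words from `ci->peer.pr_s6_addr32[]`, which holds the address in network byte order, so on a little-endian host each word comes out byte-swapped and the log line does not read as the peer's address. The same four-argument expansion is repeated in ssl2_HandleClientHelloMessage, CacheSID, UncacheSID, ConvertFromSID, ConvertToSID, FindSID, ServerSessionIDCache and ServerSessionIDUncache. A single helper would keep the format string and the argument list from drifting apart, for example a new macro `#define SSL_TRC_ADDR_FMT "%08x%08x%08x%08x"` paired with one that expands the four words through `PR_ntohl()`. The function's body continues outside the hunk.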
@@ -2983,7 +2983,7 @@ ssl2_BeginClientHandshake(sslSocket *ss) if (ss->noCache) { sid = NULL; } else { - sid = ssl_LookupSID(ci->peer, ci->port, ss->peerID, ss->url); + sid = ssl_LookupSID(&ci->peer, ci->port, ss->peerID, ss->url); } if (sid) { /* if we're not doing this SID's protocol any more, drop it. */ @@ -3508,9 +3508,11 @@ ssl2_HandleClientHelloMessage(sslSocket *ss) if (ss->noCache) { sid = NULL; } else if (sdLen) { - SSL_TRC(7, ("%d: SSL[%d]: server, lookup client session-id for 0x%08x", - SSL_GETPID(), ss->fd, ci->peer)); - sid = (*ssl_sid_lookup)(ci->peer, sd, sdLen, ss->dbHandle); + SSL_TRC(7, ("%d: SSL[%d]: server, lookup client session-id for 0x%08x%08x%08x%08x", + SSL_GETPID(), ss->fd, ci->peer.pr_s6_addr32[0], + ci->peer.pr_s6_addr32[1], ci->peer.pr_s6_addr32[2], + ci->peer.pr_s6_addr32[3])); + sid = (*ssl_sid_lookup)(&ci->peer, sd, sdLen, ss->dbHandle); } if (sid) { /* Got a good session-id. Short cut! */ diff --git a/mozilla/security/nss/lib/ssl/sslimpl.h b/mozilla/security/nss/lib/ssl/sslimpl.h index 4454ed0a602..11d321089e9 100644 --- a/mozilla/security/nss/lib/ssl/sslimpl.h +++ b/mozilla/security/nss/lib/ssl/sslimpl.h @@ -33,7 +33,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: sslimpl.h,v 1.3 2000-05-24 03:35:23 nelsonb%netscape.com Exp $ + * $Id: sslimpl.h,v 1.4 2000-09-12 20:15:43 jgmyers%netscape.com Exp $ */ #ifndef __sslimpl_h_ @@ -163,7 +163,7 @@ typedef PRInt32 (*sslSendFunc)(sslSocket *ss, const unsigned char *buf, typedef void (*sslSessionIDCacheFunc) (sslSessionID *sid); typedef void (*sslSessionIDUncacheFunc)(sslSessionID *sid); -typedef sslSessionID *(*sslSessionIDLookupFunc)(PRUint32 addr, +typedef sslSessionID *(*sslSessionIDLookupFunc)(const PRIPv6Addr *addr, unsigned char* sid, unsigned int sidLen, CERTCertDBHandle * dbHandle); 
@@ -293,7 +293,7 @@ struct sslSocketStr { sslBuffer pendingBuf; /*xmitBufLock*/ /* the following 3 variables are only used with socks or other proxies. */ - long peer; /* Target server IP address */ + PRIPv6Addr peer; /* Target server IP address */ int port; /* Target server port number. */ char * peerID; /* String uniquely identifies target server. */ /* End of socks variables. */ @@ -479,7 +479,7 @@ struct sslConnectInfoStr { /* outgoing handshakes appended to this. */ sslBuffer sendBuf; /*xmitBufLock*/ /* ssl 2 & 3 */ - unsigned long peer; /* ssl 2 & 3 */ + PRIPv6Addr peer; /* ssl 2 & 3 */ unsigned short port; /* ssl 2 & 3 */ sslSessionID *sid; /* ssl 2 & 3 */ @@ -691,7 +691,7 @@ struct sslSessionIDStr { const char * peerID; /* client only */ const char * urlSvrName; /* client only */ - PRUint32 addr; + PRIPv6Addr addr; PRUint16 port; SSL3ProtocolVersion version; @@ -1040,7 +1040,7 @@ extern SECStatus sslBuffer_Grow(sslBuffer *b, unsigned int newLen); extern void ssl2_UseClearSendFunc(sslSocket *ss); extern void ssl_ChooseSessionIDProcs(sslSecurityInfo *sec); -extern sslSessionID *ssl_LookupSID(PRUint32 addr, PRUint16 port, +extern sslSessionID *ssl_LookupSID(const PRIPv6Addr *addr, PRUint16 port, const char *peerID, const char *urlSvrName); extern void ssl_FreeSID(sslSessionID *sid); diff --git a/mozilla/security/nss/lib/ssl/sslnonce.c b/mozilla/security/nss/lib/ssl/sslnonce.c index 5fac51a59ee..5fc296ce2d1 100644 --- a/mozilla/security/nss/lib/ssl/sslnonce.c +++ b/mozilla/security/nss/lib/ssl/sslnonce.c @@ -32,7 +32,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: sslnonce.c,v 1.2 2000-05-24 19:28:27 nelsonb%netscape.com Exp $ + * $Id: sslnonce.c,v 1.3 2000-09-12 20:15:43 jgmyers%netscape.com Exp $ */ #include "cert.h" 
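Review bot: The `peer` and `addr` fields changed to `PRIPv6Addr` carry no comment saying that IPv4 peers are stored in IPv4-mapped form, yet the session-cache comparisons in ssl_LookupSID and FindSID now compare all 16 bytes and depend on it. I would add to `sslSessionIDStr.addr`, and likewise to `sslConnectInfoStr.peer` and `sslSocketStr.peer`, a comment such as `/* peer address; IPv4 is stored IPv4-mapped via PR_ConvertIPv4AddrToIPv6() */`. Any code path that fills one of these fields without that conversion would never match a cached session, and nothing would report it. The struct definitions start and end outside the hunks.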
@@ -141,7 +141,7 @@ ssl_FreeSID(sslSessionID *sid) */ sslSessionID * -ssl_LookupSID(PRUint32 addr, PRUint16 port, const char *peerID, +ssl_LookupSID(const PRIPv6Addr *addr, PRUint16 port, const char *peerID, const char * urlSvrName) { sslSessionID **sidp; @@ -174,7 +174,7 @@ ssl_LookupSID(PRUint32 addr, PRUint16 port, const char *peerID, else ssl_FreeLockedSID(sid); /* drop ref count, free. */ - } else if ((sid->addr == addr) && /* server IP addr matches */ + } else if (!memcmp(&sid->addr, addr, sizeof(PRIPv6Addr)) && /* server IP addr matches */ (sid->port == port) && /* server port matches */ /* proxy (peerID) matches */ (((peerID == NULL) && (sid->peerID == NULL)) || @@ -208,9 +208,11 @@ static void CacheSID(sslSessionID *sid) { PRUint32 expirationPeriod; - SSL_TRC(8, ("SSL: Cache: sid=0x%x cached=%d addr=0x%08x port=0x%04x " + SSL_TRC(8, ("SSL: Cache: sid=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x " "time=%x cached=%d", - sid, sid->cached, sid->addr, sid->port, sid->time, + sid, sid->cached, sid->addr.pr_s6_addr32[0], + sid->addr.pr_s6_addr32[1], sid->addr.pr_s6_addr32[2], + sid->addr.pr_s6_addr32[3], sid->port, sid->time, sid->cached)); if (sid->cached == in_client_cache) @@ -262,9 +264,11 @@ UncacheSID(sslSessionID *zap) return; } - SSL_TRC(8,("SSL: Uncache: zap=0x%x cached=%d addr=0x%08x port=0x%04x " + SSL_TRC(8,("SSL: Uncache: zap=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x " "time=%x cipher=%d", - zap, zap->cached, zap->addr, zap->port, zap->time, + zap, zap->cached, zap->addr.pr_s6_addr32[0], + zap->addr.pr_s6_addr32[1], zap->addr.pr_s6_addr32[2], + zap->addr.pr_s6_addr32[3], zap->port, zap->time, zap->u.ssl2.cipherType)); if (zap->version < SSL_LIBRARY_VERSION_3_0) { PRINT_BUF(8, (0, "sessionID:", diff --git a/mozilla/security/nss/lib/ssl/sslsnce.c b/mozilla/security/nss/lib/ssl/sslsnce.c index 587003bd0e1..a10be935f0e 100644 --- a/mozilla/security/nss/lib/ssl/sslsnce.c +++ b/mozilla/security/nss/lib/ssl/sslsnce.c 
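Review bot: The address comparison added to ssl_LookupSID calls `memcmp` directly and tests it with `!`, while the neighbouring code uses the `PORT_Memcmp(...) == 0` form; FindSID in sslsnce.c ends up with both spellings in one condition. Suggest `(PORT_Memcmp(&sid->addr, addr, sizeof sid->addr) == 0) &&` here and the equivalent in FindSID, which also ties the length to the field rather than to the type name. The function body starts and ends outside the hunk.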
@@ -32,7 +32,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: sslsnce.c,v 1.3 2000-09-07 03:35:31 nelsonb%netscape.com Exp $ + * $Id: sslsnce.c,v 1.4 2000-09-12 20:15:43 jgmyers%netscape.com Exp $ */ /* Note: ssl_FreeSID() in sslnonce.c gets used for both client and server @@ -135,7 +135,7 @@ static PRUint32 certCacheFileSize; */ typedef struct SIDCacheEntryStr SIDCacheEntry; struct SIDCacheEntryStr { - PRUint32 addr; + PRIPv6Addr addr; PRUint32 time; union { @@ -181,7 +181,7 @@ struct SIDCacheEntryStr { * so, force the struct size up to the next power of two. */ struct { - unsigned char filler[248]; /* 248 + 4 + 4 == 256 */ + unsigned char filler[256 - sizeof(PRIPv6Addr) - sizeof(PRUint32)]; } force256; } u; }; @@ -199,9 +199,8 @@ struct CertCacheEntryStr { static void IOError(int rv, char *type); -static PRUint32 Offset(PRUint32 addr, unsigned char *s, unsigned nl); +static PRUint32 Offset(const PRIPv6Addr *addr, unsigned char *s, unsigned nl); static void Invalidate(SIDCacheEntry *sce); - /************************************************************************/ static const char envVarName[] = { SSL_ENV_VAR_NAME }; @@ -221,7 +220,6 @@ struct winInheritanceStr { HANDLE certCacheFDMAP; HANDLE svrCacheSem; }; - typedef struct winInheritanceStr winInheritance; static HANDLE svrCacheSem = INVALID_HANDLE_VALUE; @@ -748,9 +746,11 @@ ConvertFromSID(SIDCacheEntry *to, sslSessionID *from) sizeof(to->u.ssl2.cipherArg) - from->u.ssl2.cipherArg.len); #endif SSL_TRC(8, ("%d: SSL: ConvertSID: masterKeyLen=%d cipherArgLen=%d " - "time=%d addr=0x%x cipherType=%d", myPid, + "time=%d addr=0x%08x%08x%08x%08x cipherType=%d", myPid, to->u.ssl2.masterKeyLen, to->u.ssl2.cipherArgLen, - to->time, to->addr, to->u.ssl2.cipherType)); + to->time, to->addr.pr_s6_addr32[0], + to->addr.pr_s6_addr32[1], to->addr.pr_s6_addr32[2], + to->addr.pr_s6_addr32[3], to->u.ssl2.cipherType)); } else { /* This is an SSL v3 session */ 
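Review bot: The `force256` filler is now computed as `256 - sizeof(PRIPv6Addr) - sizeof(PRUint32)`, but nothing checks that the whole `SIDCacheEntry` still comes out at 256 bytes, and the `248 + 4 + 4 == 256` comment was dropped without a replacement. If another arm of the union is larger than the filler, or the compiler pads after `time`, the size stops being a power of two while `Offset()` keeps multiplying by `sizeof(SIDCacheEntry)`. I would add a check where the cache is set up, e.g. `PORT_Assert(sizeof(SIDCacheEntry) == 256);`, and restore a comment stating the invariant. The entry layout itself changes too, so it is worth confirming that a cache file written by an older build can never be picked up by the new code.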
@@ -767,8 +767,10 @@ ConvertFromSID(SIDCacheEntry *to, sslSessionID *from) from->u.ssl3.sessionID, from->u.ssl3.sessionIDLength); - SSL_TRC(8, ("%d: SSL3: ConvertSID: time=%d addr=0x%x cipherSuite=%d", - myPid, to->time, to->addr, to->u.ssl3.cipherSuite)); + SSL_TRC(8, ("%d: SSL3: ConvertSID: time=%d addr=0x%08x%08x%08x%08x cipherSuite=%d", + myPid, to->time, to->addr.pr_s6_addr32[0], + to->addr.pr_s6_addr32[1], to->addr.pr_s6_addr32[2], + to->addr.pr_s6_addr32[3], to->u.ssl3.cipherSuite)); } } @@ -816,9 +818,11 @@ ConvertToSID(SIDCacheEntry *from, CERTCertDBHandle * dbHandle) from->u.ssl2.masterKeyLen); SSL_TRC(8, ("%d: SSL: ConvertToSID: masterKeyLen=%d cipherArgLen=%d " - "time=%d addr=0x%x cipherType=%d", + "time=%d addr=0x%08x%08x%08x%08x cipherType=%d", myPid, to->u.ssl2.masterKey.len, - to->u.ssl2.cipherArg.len, to->time, to->addr, + to->u.ssl2.cipherArg.len, to->time, + to->addr.pr_s6_addr32[0], to->addr.pr_s6_addr32[1], + to->addr.pr_s6_addr32[2], to->addr.pr_s6_addr32[3], to->u.ssl2.cipherType)); } else { /* This is an SSL v3 session */ @@ -902,10 +906,10 @@ Invalidate(SIDCacheEntry *sce) if (sce == NULL) return; if (sce->u.ssl2.version < SSL_LIBRARY_VERSION_3_0) { - offset = Offset(sce->addr, sce->u.ssl2.sessionID, + offset = Offset(&sce->addr, sce->u.ssl2.sessionID, sizeof sce->u.ssl2.sessionID); } else { - offset = Offset(sce->addr, sce->u.ssl3.sessionID, + offset = Offset(&sce->addr, sce->u.ssl3.sessionID, sce->u.ssl3.sessionIDLength); } @@ -972,11 +976,11 @@ unlock_cache(void) ** compute a hash value. */ static PRUint32 -Offset(PRUint32 addr, unsigned char *s, unsigned nl) +Offset(const PRIPv6Addr *addr, unsigned char *s, unsigned nl) { PRUint32 rv; - rv = addr ^ (((PRUint32)s[0] << 24) | ((PRUint32)s[1] << 16) + rv = addr->pr_s6_addr32[3] ^ (((PRUint32)s[0] << 24) | ((PRUint32)s[1] << 16) | (s[2] << 8) | s[nl-1]); return (rv % numSIDCacheEntries) * sizeof(SIDCacheEntry); } 
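Review bot: `Offset()` now folds only `addr->pr_s6_addr32[3]` into the hash, so the upper 96 bits of an IPv6 peer never influence the slot; that keeps IPv4-mapped peers hashing as before but deserves a comment, e.g. `/* only the low 32 bits of the address are hashed; FindSID compares all 16 bytes */`. The rewritten expression still reads `s[0]`, `s[1]`, `s[2]` and `s[nl-1]` without looking at `nl`, and the only length check visible on the lookup path is `sidBytes.len > 0` in ssl3_HandleClientHello. If a session id shorter than three bytes can reach this function, rejecting it in the caller or adding a guard such as `if (nl < 3) return 0;` would avoid reading past the supplied bytes.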
@@ -989,7 +993,7 @@ Offset(PRUint32 addr, unsigned char *s, unsigned nl) ** Returns PR_TRUE if found a valid match. PR_FALSE otherwise. */ static PRBool -FindSID(PRUint32 addr, unsigned char *sessionID, +FindSID(const PRIPv6Addr *addr, unsigned char *sessionID, unsigned sessionIDLength, SIDCacheEntry *sce) { PRUint32 offset; @@ -1043,8 +1047,11 @@ FindSID(PRUint32 addr, unsigned char *sessionID, ((sce->u.ssl2.version >= SSL_LIBRARY_VERSION_3_0) && (now > sce->time + ssl3_sid_timeout))) { /* SessionID has timed out. Invalidate the entry. */ - SSL_TRC(7, ("%d: timed out sid entry addr=%08x now=%x time+=%x", - myPid, sce->addr, now, sce->time + ssl_sid_timeout)); + SSL_TRC(7, ("%d: timed out sid entry addr=%08x%08x%08x%08x now=%x time+=%x", + myPid, sce->addr.pr_s6_addr32[0], + sce->addr.pr_s6_addr32[1], sce->addr.pr_s6_addr32[2], + sce->addr.pr_s6_addr32[3], now, + sce->time + ssl_sid_timeout)); sce->u.ssl2.valid = 0; GET_SERVER_CACHE_WRITE_LOCK(SIDCacheFD, offset, sizeof *sce); @@ -1081,7 +1088,7 @@ FindSID(PRUint32 addr, unsigned char *sessionID, ** Finally, examine specific session-id/addr data to see if the cache ** entry matches our addr+session-id value */ - if ((sce->addr == addr) && + if (!memcmp(&sce->addr, addr, sizeof(PRIPv6Addr)) && (PORT_Memcmp(sce->u.ssl2.sessionID, sessionID, sessionIDLength) == 0)) { /* Found it */ return PR_TRUE; @@ -1097,7 +1104,7 @@ FindSID(PRUint32 addr, unsigned char *sessionID, * pointer ssl_sid_lookup. */ static sslSessionID * -ServerSessionIDLookup( PRUint32 addr, +ServerSessionIDLookup( const PRIPv6Addr *addr, unsigned char *sessionID, unsigned int sessionIDLength, CERTCertDBHandle * dbHandle) 
@@ -1142,8 +1149,10 @@ ServerSessionIDCache(sslSessionID *sid) sid->time = ssl_Time(); if (version < SSL_LIBRARY_VERSION_3_0) { - SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x time=%x " - "cipher=%d", myPid, sid->cached, sid->addr, + SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x " + "cipher=%d", myPid, sid->cached, + sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1], + sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3], sid->time, sid->u.ssl2.cipherType)); PRINT_BUF(8, (0, "sessionID:", sid->u.ssl2.sessionID, sizeof(sid->u.ssl2.sessionID))); @@ -1153,16 +1162,18 @@ ServerSessionIDCache(sslSessionID *sid) sid->u.ssl2.cipherArg.len)); /* Write out new cache entry */ - offset = Offset(sid->addr, sid->u.ssl2.sessionID, + offset = Offset(&sid->addr, sid->u.ssl2.sessionID, sizeof(sid->u.ssl2.sessionID)); } else { - SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x time=%x " - "cipherSuite=%d", myPid, sid->cached, sid->addr, + SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x " + "cipherSuite=%d", myPid, sid->cached, + sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1], + sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3], sid->time, sid->u.ssl3.cipherSuite)); PRINT_BUF(8, (0, "sessionID:", sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength)); - offset = Offset(sid->addr, sid->u.ssl3.sessionID, + offset = Offset(&sid->addr, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength); } 
@@ -1225,8 +1236,10 @@ ServerSessionIDUncache(sslSessionID *sid) err = PR_GetError(); lock_cache(); if (sid->version < SSL_LIBRARY_VERSION_3_0) { - SSL_TRC(8, ("%d: SSL: UncacheMT: valid=%d addr=0x%08x time=%x " - "cipher=%d", myPid, sid->cached, sid->addr, + SSL_TRC(8, ("%d: SSL: UncacheMT: valid=%d addr=0x%08x%08x%08x%08x time=%x " + "cipher=%d", myPid, sid->cached, + sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1], + sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3], sid->time, sid->u.ssl2.cipherType)); PRINT_BUF(8, (0, "sessionID:", sid->u.ssl2.sessionID, sizeof(sid->u.ssl2.sessionID))); @@ -1234,15 +1247,17 @@ ServerSessionIDUncache(sslSessionID *sid) sid->u.ssl2.masterKey.len)); PRINT_BUF(8, (0, "cipherArg:", sid->u.ssl2.cipherArg.data, sid->u.ssl2.cipherArg.len)); - rv = FindSID(sid->addr, sid->u.ssl2.sessionID, + rv = FindSID(&sid->addr, sid->u.ssl2.sessionID, sizeof(sid->u.ssl2.sessionID), &sce); } else { - SSL_TRC(8, ("%d: SSL3: UncacheMT: valid=%d addr=0x%08x time=%x " - "cipherSuite=%d", myPid, sid->cached, sid->addr, + SSL_TRC(8, ("%d: SSL3: UncacheMT: valid=%d addr=0x%08x%08x%08x%08x time=%x " + "cipherSuite=%d", myPid, sid->cached, + sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1], + sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3], sid->time, sid->u.ssl3.cipherSuite)); PRINT_BUF(8, (0, "sessionID:", sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength)); - rv = FindSID(sid->addr, sid->u.ssl3.sessionID, + rv = FindSID(&sid->addr, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength, &sce); } diff --git a/mozilla/security/nss/lib/ssl/sslsock.c b/mozilla/security/nss/lib/ssl/sslsock.c index 1866cd96c6a..1403a647236 100644 --- a/mozilla/security/nss/lib/ssl/sslsock.c +++ b/mozilla/security/nss/lib/ssl/sslsock.c 
@@ -34,7 +34,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: sslsock.c,v 1.4 2000-09-11 22:37:12 nelsonb%netscape.com Exp $ + * $Id: sslsock.c,v 1.5 2000-09-12 20:15:43 jgmyers%netscape.com Exp $ */ #include "seccomon.h" #include "cert.h" @@ -165,7 +165,7 @@ sslSessionIDLookupFunc ssl_sid_lookup; sslSessionIDCacheFunc ssl_sid_cache; sslSessionIDUncacheFunc ssl_sid_uncache; -static ssl_inited = PR_FALSE; +static PRBool ssl_inited = PR_FALSE; static PRDescIdentity ssl_layer_id; int ssl_lock_readers = 1; /* default true. */ @@ -997,7 +997,6 @@ ssl_Accept(PRFileDesc *fd, PRNetAddr *sockaddr, PRIntervalTime timeout) sslSocket *ss; sslSocket *ns = NULL; PRFileDesc *newfd = NULL; - PRFileDesc *layer = NULL; PRFileDesc *osfd; PRStatus status; @@ -1289,7 +1288,9 @@ ssl_GetPeerInfo(sslSocket *ss) /* If ssl_SocksConnect() has previously recorded the peer's IP & port, * use that. */ - if ((ss->peer != 0) && (ss->port != 0)) { + if ((ss->port != 0) && + ((ss->peer.pr_s6_addr32[0] != 0) || (ss->peer.pr_s6_addr32[1] != 0) || + (ss->peer.pr_s6_addr32[2] != 0) || (ss->peer.pr_s6_addr32[3] != 0))) { /* SOCKS code has already recorded the peer's IP addr and port. * (NOT the proxy's addr and port) in ss->peer & port. */ @@ -1304,9 +1305,14 @@ ssl_GetPeerInfo(sslSocket *ss) return SECFailure; } /* we have to mask off the high byte because AIX is lame */ - PORT_Assert((sin.inet.family & 0xff) == PR_AF_INET); - ci->peer = sin.inet.ip; - ci->port = sin.inet.port; + if ((sin.inet.family & 0xff) == PR_AF_INET) { + PR_ConvertIPv4AddrToIPv6(sin.inet.ip, &ci->peer); + ci->port = sin.inet.port; + } else { + PORT_Assert(sin.ipv6.family == PR_AF_INET6); + ci->peer = sin.ipv6.ip; + ci->port = sin.ipv6.port; + } return SECSuccess; } 
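Review bot: In ssl_GetPeerInfo the new `else` branch treats every non-IPv4 address as IPv6 and relies on `PORT_Assert(sin.ipv6.family == PR_AF_INET6)`, which is compiled out of optimized builds; an address of any other family would then have unrelated bytes copied into `ci->peer` and used as the session-cache key. The assert also drops the `& 0xff` mask that the IPv4 test applies for AIX. Suggest making the branch explicit with `} else if ((sin.ipv6.family & 0xff) == PR_AF_INET6) {` and a final `} else { return SECFailure; }`. ssl_SocksConnect in sslsocks.c has the same pattern and needs the same treatment, using whatever error return that function has. The function body starts outside the hunk.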
@@ -1802,7 +1808,7 @@ ssl_NewSocket(void) ss->fdx = ssl_defaults.fdx; ss->v2CompatibleHello = ssl_defaults.v2CompatibleHello; ss->detectRollBack = ssl_defaults.detectRollBack; - ss->peer = 0; + memset(&ss->peer, 0, sizeof(ss->peer)); ss->port = 0; ss->noCache = ssl_defaults.noCache; ss->peerID = NULL; diff --git a/mozilla/security/nss/lib/ssl/sslsocks.c b/mozilla/security/nss/lib/ssl/sslsocks.c index be4f17c5b4d..7b5a2e57359 100644 --- a/mozilla/security/nss/lib/ssl/sslsocks.c +++ b/mozilla/security/nss/lib/ssl/sslsocks.c @@ -34,7 +34,7 @@ * may use your version of this file under either the MPL or the * GPL. * - * $Id: sslsocks.c,v 1.1 2000-03-31 19:37:15 relyea%netscape.com Exp $ + * $Id: sslsocks.c,v 1.2 2000-09-12 20:15:44 jgmyers%netscape.com Exp $ */ #include "prtypes.h" #include "prnetdb.h" @@ -810,8 +810,14 @@ ssl_SocksConnect(sslSocket *ss, const PRNetAddr *sa) ss->nextHandshake = 0; /* save up who we're really talking to so we can index the cache */ - ss->peer = sa->inet.ip; - ss->port = sa->inet.port; + if ((sa->inet.family & 0xff) == PR_AF_INET) { + PR_ConvertIPv4AddrToIPv6(sa->inet.ip, &ss->peer); + ss->port = sa->inet.port; + } else { + PORT_Assert(sa->ipv6.family == PR_AF_INET6); + ss->peer = sa->ipv6.ip; + ss->port = sa->ipv6.port; + } } return 0; }