SSL now follows NSPR socket semantics and never returns a short write
count on a blocking socket. On a blocking socket, it returns either
the full count or -1 (with an error code set).
For non-blocking sockets, SSL no longer returns a full write count
when some of the data remains buffered in the SSL record layer.
Instead it returns a number is that always at least 1 byte short of a
full write count, so that the caller will keep retrying until it is done.
SSL makes sure that the first byte sent by the caller in the retry
matches the last byte previously buffered. r=rrelyea.
Modified Files: ssl3con.c sslcon.c ssldef.c sslimpl.h sslsecur.c
git-svn-id: svn://10.0.0.236/trunk@194962 18797224-902f-48f8-a5cc-f745e15eee43
Patch by Nelson, r=relyea.
Save the public key when we create the keypair so we can use it later.
git-svn-id: svn://10.0.0.236/trunk@189566 18797224-902f-48f8-a5cc-f745e15eee43
Reorganize the SSL Socket structure contents to obviate ssl3 pointer.
Move much of the ECC code from ssl3con to new file ssl3ecc.c. derive.c
implements derivation of the SSL/TLS master secret and the encryption and
MAC keys and IVs without using PKCS11. Bug 305147. r=rrelyea.
Modified Files: ssl/config.mk ssl/manifest.mn ssl/ssl.h ssl/ssl3con.c
ssl/ssl3gthr.c ssl/sslauth.c ssl/sslcon.c ssl/ssldef.c ssl/sslgathr.c
ssl/sslimpl.h ssl/sslinfo.c ssl/sslnonce.c ssl/sslsecur.c ssl/sslsnce.c
ssl/sslsock.c
Added Files: ssl/derive.c ssl/ssl3ecc.c
git-svn-id: svn://10.0.0.236/trunk@179892 18797224-902f-48f8-a5cc-f745e15eee43
Contributed by Sheuling Chang, Stephen Fung, Vipul Gupta, Nils Gura,
and Douglas Stebila of Sun Labs
git-svn-id: svn://10.0.0.236/trunk@148060 18797224-902f-48f8-a5cc-f745e15eee43
in favor of a slot specific latency test (already done by pk11wrap code).
git-svn-id: svn://10.0.0.236/trunk@137837 18797224-902f-48f8-a5cc-f745e15eee43
a socket, do not override the error code with PR_WOULD_BLOCK_ERROR.
bug 132899.
git-svn-id: svn://10.0.0.236/trunk@117264 18797224-902f-48f8-a5cc-f745e15eee43
rather than being pointed to by the sslSocket. This reduces the number
of malloc/free calls, and greatly reduces pointer fetches, and null
pointer checks. sslGather and sslSecurityInfo are separately initialized.
2. SSL_ResetHandshake no longer deallocates and reallocates the sslSecurityInfo and all its subcomponents.
3. Many places that formerly did not check for memory allocation failures
now do check, and do the right thing when allocation failed.
git-svn-id: svn://10.0.0.236/trunk@115407 18797224-902f-48f8-a5cc-f745e15eee43
1. New SSL server session cache implementation that uses finer grained
locking to reduce lock contention, and does 128-way associative caching.
2. rename symbol SSL_SESSIONID_BYTES to SSL2_SESSIONID_BYTES.
3. Work around compiler bug on Solaris i386.
Modified Files:
manifest.mn sslcon.c sslimpl.h sslsecur.c sslsnce.c
git-svn-id: svn://10.0.0.236/trunk@96768 18797224-902f-48f8-a5cc-f745e15eee43
cannot find the SSL layer on the specified PRFileDesc. Ensure all
callers detect when ssl_FindSocket returns NULL and handle it properly.
Bug 68241. Reviewed by jgmyers and relyea.
Modified Files:
prelib.c sslauth.c sslsecur.c sslsock.c
git-svn-id: svn://10.0.0.236/trunk@86651 18797224-902f-48f8-a5cc-f745e15eee43
record of application data into a single write, when possible, to avoid
TCP's "Nagle" delays. Fixes bug 67898. r&a: wtc. Modified Files:
ssl3con.c sslimpl.h sslsecur.c sslsock.c
git-svn-id: svn://10.0.0.236/trunk@86398 18797224-902f-48f8-a5cc-f745e15eee43
The same values that the compiler would assign are assigned, with only
one exception (cmmfNoPKIStatus in cmmft.h). This is patch id=22555,
reviewed by Nelson Bolyard.
git-svn-id: svn://10.0.0.236/trunk@85087 18797224-902f-48f8-a5cc-f745e15eee43
