Skip to content
Snippets Groups Projects
Commit 83d6ece4 authored by Deucе's avatar Deucе :ok_hand_tone4:
Browse files

Use the new TLS PSK flag to control if sock.tls_psk_id is set 

Now both the "regular" certificate, and PSK will be supported on
a TLS socket, and it's up to the client to check which was used.
parent bfbf3f50
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 19 additions and 15 deletions
src/sbbs3/js_socket.c
+ 19
15
View file @ 83d6ece4
...@@ -2408,11 +2408,9 @@ static JSBool js_socket_set(JSContext *cx, JSObject *obj, jsid id, JSBool strict ...@@ -2408,11 +2408,9 @@ static JSBool js_socket_set(JSContext *cx, JSObject *obj, jsid id, JSBool strict
ret = CRYPT_ERROR_NOTAVAIL; ret = CRYPT_ERROR_NOTAVAIL;
} }
else { else {
if (!p->tls_psk) { ret = add_private_key(scfg, lprintf, p->session);
ret = add_private_key(scfg, lprintf, p->session); if (ret != CRYPT_OK) {
if (ret != CRYPT_OK) { GCES(ret, p, estr, "setting private key");
GCES(ret, p, estr, "setting private key");
}
} }
} }
} }
...@@ -2644,18 +2642,23 @@ static JSBool js_socket_get(JSContext *cx, JSObject *obj, jsid id, jsval *vp) ...@@ -2644,18 +2642,23 @@ static JSBool js_socket_get(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
if (p->tls_psk == NULL) if (p->tls_psk == NULL)
*vp = JSVAL_VOID; *vp = JSVAL_VOID;
else { else {
int idlen; int attrval;
if ((cryptGetAttributeString(p->session, CRYPT_SESSINFO_USERNAME, NULL, &idlen) == CRYPT_OK) && (idlen > 0)) { if ((cryptGetAttribute(p->session, CRYPT_SESSINFO_TLS_OPTIONS, &attrval) != CRYPT_OK)
char *id = malloc(idlen); || ((attrval & CRYPT_TLSOPTION_USED_PSK) == 0))
if (id) { *vp = JSVAL_VOID;
if (cryptGetAttributeString(p->session, CRYPT_SESSINFO_USERNAME, id, &idlen) == CRYPT_OK) { else {
if ((js_str = JS_NewStringCopyN(cx, id, idlen)) == NULL) { if ((cryptGetAttributeString(p->session, CRYPT_SESSINFO_USERNAME, NULL, &attrval) == CRYPT_OK) && (attrval > 0)) {
free(id); char *id = malloc(attrval);
return JS_FALSE; if (id) {
if (cryptGetAttributeString(p->session, CRYPT_SESSINFO_USERNAME, id, &attrval) == CRYPT_OK) {
if ((js_str = JS_NewStringCopyN(cx, id, attrval)) == NULL) {
free(id);
return JS_FALSE;
}
*vp = STRING_TO_JSVAL(js_str);
} }
*vp = STRING_TO_JSVAL(js_str); free(id);
} }
free(id);
} }
} }
} }
...@@ -3686,6 +3689,7 @@ JSObject* js_CreateSocketObjectFromSet(JSContext* cx, JSObject* parent, char *na ...@@ -3686,6 +3689,7 @@ JSObject* js_CreateSocketObjectFromSet(JSContext* cx, JSObject* parent, char *na
if (set->sock_count < 1) if (set->sock_count < 1)
return NULL; return NULL;
len = sizeof(type); len = sizeof(type);
getsockopt(set->socks[0].sock, SOL_SOCKET, SO_TYPE, (void*)&type, &len); getsockopt(set->socks[0].sock, SOL_SOCKET, SO_TYPE, (void*)&type, &len);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment