Commit 83d6ece4 authored by Deucе's avatar Deucе :ok_hand_tone4:

Use the new TLS PSK flag to control if sock.tls_psk_id is set

Now both the "regular" certificate, and PSK will be supported on
a TLS socket, and it's up to the client to check which was used.
parent bfbf3f50
...@@ -2408,14 +2408,12 @@ static JSBool js_socket_set(JSContext *cx, JSObject *obj, jsid id, JSBool strict ...@@ -2408,14 +2408,12 @@ static JSBool js_socket_set(JSContext *cx, JSObject *obj, jsid id, JSBool strict
ret = CRYPT_ERROR_NOTAVAIL; ret = CRYPT_ERROR_NOTAVAIL;
} }
else { else {
if (!p->tls_psk) {
ret = add_private_key(scfg, lprintf, p->session); ret = add_private_key(scfg, lprintf, p->session);
if (ret != CRYPT_OK) { if (ret != CRYPT_OK) {
GCES(ret, p, estr, "setting private key"); GCES(ret, p, estr, "setting private key");
} }
} }
} }
}
if (ret == CRYPT_OK) { if (ret == CRYPT_OK) {
if ((ret = do_cryptAttribute(p->session, CRYPT_SESSINFO_ACTIVE, 1)) != CRYPT_OK) { if ((ret = do_cryptAttribute(p->session, CRYPT_SESSINFO_ACTIVE, 1)) != CRYPT_OK) {
GCES(ret, p, estr, "setting session active"); GCES(ret, p, estr, "setting session active");
...@@ -2644,12 +2642,16 @@ static JSBool js_socket_get(JSContext *cx, JSObject *obj, jsid id, jsval *vp) ...@@ -2644,12 +2642,16 @@ static JSBool js_socket_get(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
if (p->tls_psk == NULL) if (p->tls_psk == NULL)
*vp = JSVAL_VOID; *vp = JSVAL_VOID;
else { else {
int idlen; int attrval;
if ((cryptGetAttributeString(p->session, CRYPT_SESSINFO_USERNAME, NULL, &idlen) == CRYPT_OK) && (idlen > 0)) { if ((cryptGetAttribute(p->session, CRYPT_SESSINFO_TLS_OPTIONS, &attrval) != CRYPT_OK)
char *id = malloc(idlen); || ((attrval & CRYPT_TLSOPTION_USED_PSK) == 0))
*vp = JSVAL_VOID;
else {
if ((cryptGetAttributeString(p->session, CRYPT_SESSINFO_USERNAME, NULL, &attrval) == CRYPT_OK) && (attrval > 0)) {
char *id = malloc(attrval);
if (id) { if (id) {
if (cryptGetAttributeString(p->session, CRYPT_SESSINFO_USERNAME, id, &idlen) == CRYPT_OK) { if (cryptGetAttributeString(p->session, CRYPT_SESSINFO_USERNAME, id, &attrval) == CRYPT_OK) {
if ((js_str = JS_NewStringCopyN(cx, id, idlen)) == NULL) { if ((js_str = JS_NewStringCopyN(cx, id, attrval)) == NULL) {
free(id); free(id);
return JS_FALSE; return JS_FALSE;
} }
...@@ -2660,6 +2662,7 @@ static JSBool js_socket_get(JSContext *cx, JSObject *obj, jsid id, jsval *vp) ...@@ -2660,6 +2662,7 @@ static JSBool js_socket_get(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
} }
} }
} }
}
JS_RESUMEREQUEST(cx, rc); JS_RESUMEREQUEST(cx, rc);
return TRUE; return TRUE;
...@@ -3687,6 +3690,7 @@ JSObject* js_CreateSocketObjectFromSet(JSContext* cx, JSObject* parent, char *na ...@@ -3687,6 +3690,7 @@ JSObject* js_CreateSocketObjectFromSet(JSContext* cx, JSObject* parent, char *na
if (set->sock_count < 1) if (set->sock_count < 1)
return NULL; return NULL;
len = sizeof(type); len = sizeof(type);
getsockopt(set->socks[0].sock, SOL_SOCKET, SO_TYPE, (void*)&type, &len); getsockopt(set->socks[0].sock, SOL_SOCKET, SO_TYPE, (void*)&type, &len);
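Review bot: In js_socket_get, `attrval` first receives the CRYPT_SESSINFO_TLS_OPTIONS bit mask and is then reused as the username length passed to `malloc(attrval)` and `JS_NewStringCopyN`, which makes an authentication-relevant check harder to audit; keeping `int idlen;` for the length and adding a separate `int tlsopts;` for the flags would keep the two meanings apart. With the `if (!p->tls_psk)` guard removed in js_socket_set, a socket that has `tls_psk` set now also gets the private key added, so an undefined `tls_psk_id` appears to be the only sign that the peer did not authenticate with the PSK; a comment above the flag test such as `/* undefined unless the handshake actually used PSK; scripts that require PSK must check this */` would record that contract. The paths where `malloc` or the second `cryptGetAttributeString` fail lie outside the visible lines, so it should be confirmed that `*vp` ends up as `JSVAL_VOID` there rather than unset. Both function bodies start and end outside the hunks shown.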