gboolean handshaken;
NiceSocket *base_socket;
GQueue send_queue;
+ NicePseudoSSLSocketCompatibility compatibility;
} PseudoSSLPriv;
};
-static const gchar SSL_SERVER_HANDSHAKE[] = {
+static const gchar SSL_SERVER_GOOGLE_HANDSHAKE[] = {
0x16, 0x03, 0x01, 0x00, 0x4a, 0x02, 0x00, 0x00,
0x46, 0x03, 0x01, 0x42, 0x85, 0x45, 0xa7, 0x27,
0xa9, 0x5d, 0xa0, 0xb3, 0xc5, 0xe7, 0x53, 0xda,
0x30, 0x32, 0x6e, 0x38, 0x4d, 0xa2, 0x75, 0x57,
0x41, 0x6c, 0x34, 0x5c, 0x00, 0x04, 0x00};
-static const gchar SSL_CLIENT_HANDSHAKE[] = {
+static const gchar SSL_CLIENT_GOOGLE_HANDSHAKE[] = {
0x80, 0x46, 0x01, 0x03, 0x01, 0x00, 0x2d, 0x00,
0x00, 0x00, 0x10, 0x01, 0x00, 0x80, 0x03, 0x00,
0x80, 0x07, 0x00, 0xc0, 0x06, 0x00, 0x40, 0x02,
0x1f, 0x17, 0x0c, 0xa6, 0x2f, 0x00, 0x78, 0xfc,
0x46, 0x55, 0x2e, 0xb1, 0x83, 0x39, 0xf1, 0xea};
+static const gchar SSL_SERVER_MSOC_HANDSHAKE[] = {
+ 0x16, 0x03, 0x01, 0x00, 0x4e, 0x02, 0x00, 0x00,
+ 0x46, 0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x0e,
+ 0x00, 0x00, 0x00};
+
+static const gchar SSL_CLIENT_MSOC_HANDSHAKE[] = {
+ 0x16, 0x03, 0x01, 0x00, 0x2d, 0x01, 0x00, 0x00,
+ 0x29, 0x03, 0x01, 0xc1, 0xfc, 0xd5, 0xa3, 0x6d,
+ 0x93, 0xdd, 0x7e, 0x0b, 0x45, 0x67, 0x3f, 0xec,
+ 0x79, 0x85, 0xfb, 0xbc, 0x3f, 0xd6, 0x60, 0xc2,
+ 0xce, 0x84, 0x85, 0x08, 0x1b, 0x81, 0x21, 0xbc,
+ 0xaa, 0x10, 0xfb, 0x00, 0x00, 0x02, 0x00, 0x18,
+ 0x01, 0x00};
static void socket_close (NiceSocket *sock);
static gint socket_recv_messages (NiceSocket *sock,
NiceSocket *
-nice_pseudossl_socket_new (NiceSocket *base_socket)
+nice_pseudossl_socket_new (NiceSocket *base_socket,
+ NicePseudoSSLSocketCompatibility compatibility)
{
PseudoSSLPriv *priv;
- NiceSocket *sock = g_slice_new0 (NiceSocket);
+ NiceSocket *sock;
+ const gchar *buf;
+ guint len;
+
+ if (compatibility == NICE_PSEUDOSSL_SOCKET_COMPATIBILITY_MSOC) {
+ buf = SSL_CLIENT_MSOC_HANDSHAKE;
+ len = sizeof(SSL_CLIENT_MSOC_HANDSHAKE);
+ } else if (compatibility == NICE_PSEUDOSSL_SOCKET_COMPATIBILITY_GOOGLE) {
+ buf = SSL_CLIENT_GOOGLE_HANDSHAKE;
+ len = sizeof(SSL_CLIENT_GOOGLE_HANDSHAKE);
+ } else {
+ return NULL;
+ }
+
+ sock = g_slice_new0 (NiceSocket);
sock->priv = priv = g_slice_new0 (PseudoSSLPriv);
priv->handshaken = FALSE;
priv->base_socket = base_socket;
+ priv->compatibility = compatibility;
sock->type = NICE_SOCKET_TYPE_PSEUDOSSL;
sock->fileno = priv->base_socket->fileno;
/* We send 'to' NULL because it will always be to an already connected
* TCP base socket, which ignores the destination */
- nice_socket_send_reliable (priv->base_socket, NULL,
- sizeof(SSL_CLIENT_HANDSHAKE), SSL_CLIENT_HANDSHAKE);
+ nice_socket_send_reliable (priv->base_socket, NULL, len, buf);
return sock;
}
g_slice_free(PseudoSSLPriv, sock->priv);
}
+static gboolean
+server_handshake_valid(NiceSocket *sock, GInputVector *data)
+{
+ PseudoSSLPriv *priv = sock->priv;
+
+ if (priv->compatibility == NICE_PSEUDOSSL_SOCKET_COMPATIBILITY_MSOC) {
+ if (data->size == sizeof(SSL_SERVER_MSOC_HANDSHAKE)) {
+ guint8 *buf = data->buffer;
+
+ memset(buf + 11, 0, 32);
+ memset(buf + 44, 0, 32);
+ return memcmp(SSL_SERVER_MSOC_HANDSHAKE, data->buffer,
+ sizeof(SSL_SERVER_MSOC_HANDSHAKE)) == 0;
+ }
+ return FALSE;
+ } else {
+ return data->size == sizeof(SSL_SERVER_GOOGLE_HANDSHAKE) &&
+ memcmp(SSL_SERVER_GOOGLE_HANDSHAKE, data->buffer,
+ sizeof(SSL_SERVER_GOOGLE_HANDSHAKE)) == 0;
+ }
+}
static gint
socket_recv_messages (NiceSocket *sock,
recv_messages, n_recv_messages);
}
} else {
- guint8 data[sizeof(SSL_SERVER_HANDSHAKE)];
+ guint8 data[MAX(sizeof(SSL_SERVER_GOOGLE_HANDSHAKE),
+ sizeof(SSL_SERVER_MSOC_HANDSHAKE))];
gint ret = -1;
- GInputVector local_recv_buf = { data, sizeof (data) };
+ GInputVector local_recv_buf = { data, sizeof(data) };
NiceInputMessage local_recv_message = { &local_recv_buf, 1, NULL, 0 };
+
+ if (priv->compatibility == NICE_PSEUDOSSL_SOCKET_COMPATIBILITY_MSOC) {
+ local_recv_buf.size = sizeof(SSL_SERVER_MSOC_HANDSHAKE);
+ } else {
+ local_recv_buf.size = sizeof(SSL_SERVER_GOOGLE_HANDSHAKE);
+ }
if (priv->base_socket) {
ret = nice_socket_recv_messages (priv->base_socket,
&local_recv_message, 1);
if (ret <= 0) {
return ret;
- } else if (ret == 1 &&
- local_recv_buf.size == sizeof (SSL_SERVER_HANDSHAKE) &&
- memcmp(SSL_SERVER_HANDSHAKE, data, sizeof(SSL_SERVER_HANDSHAKE)) == 0) {
+ } else if (ret == 1 && server_handshake_valid(sock, &local_recv_buf)) {
struct to_be_sent *tbs = NULL;
priv->handshaken = TRUE;
while ((tbs = g_queue_pop_head (&priv->send_queue))) {