1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/socket/ssl_server_socket_nss.h"
11 #if defined(USE_SYSTEM_SSL)
14 #if defined(OS_MACOSX)
15 #include <Security/Security.h>
32 #include "base/lazy_instance.h"
33 #include "base/memory/ref_counted.h"
34 #include "crypto/rsa_private_key.h"
35 #include "crypto/nss_util_internal.h"
36 #include "net/base/io_buffer.h"
37 #include "net/base/net_errors.h"
38 #include "net/base/net_log.h"
39 #include "net/socket/nss_ssl_util.h"
40 #include "net/socket/ssl_error_params.h"
42 // SSL plaintext fragments are shorter than 16KB. Although the record layer
43 // overhead is allowed to be 2K + 5 bytes, in practice the overhead is much
44 // smaller than 1KB. So a 17KB buffer should be large enough to hold an
46 static const int kRecvBufferSize = 17 * 1024;
47 static const int kSendBufferSize = 17 * 1024;
49 #define GotoState(s) next_handshake_state_ = s
55 bool g_nss_server_sockets_init = false;
57 class NSSSSLServerInitSingleton {
59 NSSSSLServerInitSingleton() {
62 SSL_ConfigServerSessionIDCache(1024, 5, 5, NULL);
63 g_nss_server_sockets_init = true;
66 ~NSSSSLServerInitSingleton() {
67 SSL_ShutdownServerSessionIDCache();
68 g_nss_server_sockets_init = false;
72 static base::LazyInstance<NSSSSLServerInitSingleton>
73 g_nss_ssl_server_init_singleton = LAZY_INSTANCE_INITIALIZER;
77 void EnableSSLServerSockets() {
78 g_nss_ssl_server_init_singleton.Get();
81 scoped_ptr<SSLServerSocket> CreateSSLServerSocket(
82 scoped_ptr<StreamSocket> socket,
83 X509Certificate* cert,
84 crypto::RSAPrivateKey* key,
85 const SSLConfig& ssl_config) {
86 DCHECK(g_nss_server_sockets_init) << "EnableSSLServerSockets() has not been"
89 return scoped_ptr<SSLServerSocket>(
90 new SSLServerSocketNSS(socket.Pass(), cert, key, ssl_config));
93 SSLServerSocketNSS::SSLServerSocketNSS(
94 scoped_ptr<StreamSocket> transport_socket,
95 scoped_refptr<X509Certificate> cert,
96 crypto::RSAPrivateKey* key,
97 const SSLConfig& ssl_config)
98 : transport_send_busy_(false),
99 transport_recv_busy_(false),
100 user_read_buf_len_(0),
101 user_write_buf_len_(0),
104 transport_socket_(transport_socket.Pass()),
105 ssl_config_(ssl_config),
107 next_handshake_state_(STATE_NONE),
108 completed_handshake_(false) {
109 // TODO(hclam): Need a better way to clone a key.
110 std::vector<uint8> key_bytes;
111 CHECK(key->ExportPrivateKey(&key_bytes));
112 key_.reset(crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes));
116 SSLServerSocketNSS::~SSLServerSocketNSS() {
117 if (nss_fd_ != NULL) {
123 int SSLServerSocketNSS::Handshake(const CompletionCallback& callback) {
124 net_log_.BeginEvent(NetLog::TYPE_SSL_SERVER_HANDSHAKE);
128 LOG(ERROR) << "Failed to initialize NSS";
129 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_SERVER_HANDSHAKE, rv);
133 rv = InitializeSSLOptions();
135 LOG(ERROR) << "Failed to initialize SSL options";
136 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_SERVER_HANDSHAKE, rv);
140 // Set peer address. TODO(hclam): This should be in a separate method.
142 memset(&peername, 0, sizeof(peername));
143 peername.raw.family = AF_INET;
144 memio_SetPeerName(nss_fd_, &peername);
146 GotoState(STATE_HANDSHAKE);
147 rv = DoHandshakeLoop(OK);
148 if (rv == ERR_IO_PENDING) {
149 user_handshake_callback_ = callback;
151 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_SERVER_HANDSHAKE, rv);
154 return rv > OK ? OK : rv;
157 int SSLServerSocketNSS::ExportKeyingMaterial(const base::StringPiece& label,
159 const base::StringPiece& context,
161 unsigned int outlen) {
163 return ERR_SOCKET_NOT_CONNECTED;
164 SECStatus result = SSL_ExportKeyingMaterial(
165 nss_fd_, label.data(), label.size(), has_context,
166 reinterpret_cast<const unsigned char*>(context.data()),
167 context.length(), out, outlen);
168 if (result != SECSuccess) {
169 LogFailedNSSFunction(net_log_, "SSL_ExportKeyingMaterial", "");
170 return MapNSSError(PORT_GetError());
175 int SSLServerSocketNSS::GetTLSUniqueChannelBinding(std::string* out) {
177 return ERR_SOCKET_NOT_CONNECTED;
178 unsigned char buf[64];
180 SECStatus result = SSL_GetChannelBinding(nss_fd_,
181 SSL_CHANNEL_BINDING_TLS_UNIQUE,
182 buf, &len, arraysize(buf));
183 if (result != SECSuccess) {
184 LogFailedNSSFunction(net_log_, "SSL_GetChannelBinding", "");
185 return MapNSSError(PORT_GetError());
187 out->assign(reinterpret_cast<char*>(buf), len);
191 int SSLServerSocketNSS::Connect(const CompletionCallback& callback) {
193 return ERR_NOT_IMPLEMENTED;
196 int SSLServerSocketNSS::Read(IOBuffer* buf, int buf_len,
197 const CompletionCallback& callback) {
198 DCHECK(user_read_callback_.is_null());
199 DCHECK(user_handshake_callback_.is_null());
200 DCHECK(!user_read_buf_.get());
202 DCHECK(!callback.is_null());
204 user_read_buf_ = buf;
205 user_read_buf_len_ = buf_len;
207 DCHECK(completed_handshake_);
209 int rv = DoReadLoop(OK);
211 if (rv == ERR_IO_PENDING) {
212 user_read_callback_ = callback;
214 user_read_buf_ = NULL;
215 user_read_buf_len_ = 0;
220 int SSLServerSocketNSS::Write(IOBuffer* buf, int buf_len,
221 const CompletionCallback& callback) {
222 DCHECK(user_write_callback_.is_null());
223 DCHECK(!user_write_buf_.get());
225 DCHECK(!callback.is_null());
227 user_write_buf_ = buf;
228 user_write_buf_len_ = buf_len;
230 int rv = DoWriteLoop(OK);
232 if (rv == ERR_IO_PENDING) {
233 user_write_callback_ = callback;
235 user_write_buf_ = NULL;
236 user_write_buf_len_ = 0;
241 bool SSLServerSocketNSS::SetReceiveBufferSize(int32 size) {
242 return transport_socket_->SetReceiveBufferSize(size);
245 bool SSLServerSocketNSS::SetSendBufferSize(int32 size) {
246 return transport_socket_->SetSendBufferSize(size);
249 bool SSLServerSocketNSS::IsConnected() const {
250 return completed_handshake_;
253 void SSLServerSocketNSS::Disconnect() {
254 transport_socket_->Disconnect();
257 bool SSLServerSocketNSS::IsConnectedAndIdle() const {
258 return completed_handshake_ && transport_socket_->IsConnectedAndIdle();
261 int SSLServerSocketNSS::GetPeerAddress(IPEndPoint* address) const {
263 return ERR_SOCKET_NOT_CONNECTED;
264 return transport_socket_->GetPeerAddress(address);
267 int SSLServerSocketNSS::GetLocalAddress(IPEndPoint* address) const {
269 return ERR_SOCKET_NOT_CONNECTED;
270 return transport_socket_->GetLocalAddress(address);
273 const BoundNetLog& SSLServerSocketNSS::NetLog() const {
277 void SSLServerSocketNSS::SetSubresourceSpeculation() {
278 transport_socket_->SetSubresourceSpeculation();
281 void SSLServerSocketNSS::SetOmniboxSpeculation() {
282 transport_socket_->SetOmniboxSpeculation();
285 bool SSLServerSocketNSS::WasEverUsed() const {
286 return transport_socket_->WasEverUsed();
289 bool SSLServerSocketNSS::UsingTCPFastOpen() const {
290 return transport_socket_->UsingTCPFastOpen();
293 bool SSLServerSocketNSS::WasNpnNegotiated() const {
297 NextProto SSLServerSocketNSS::GetNegotiatedProtocol() const {
298 // NPN is not supported by this class.
299 return kProtoUnknown;
302 bool SSLServerSocketNSS::GetSSLInfo(SSLInfo* ssl_info) {
307 int SSLServerSocketNSS::InitializeSSLOptions() {
308 // Transport connected, now hook it up to nss
309 nss_fd_ = memio_CreateIOLayer(kRecvBufferSize, kSendBufferSize);
310 if (nss_fd_ == NULL) {
311 return ERR_OUT_OF_MEMORY; // TODO(port): map NSPR error code.
314 // Grab pointer to buffers
315 nss_bufs_ = memio_GetSecret(nss_fd_);
317 /* Create SSL state machine */
318 /* Push SSL onto our fake I/O socket */
319 nss_fd_ = SSL_ImportFD(NULL, nss_fd_);
320 if (nss_fd_ == NULL) {
321 LogFailedNSSFunction(net_log_, "SSL_ImportFD", "");
322 return ERR_OUT_OF_MEMORY; // TODO(port): map NSPR/NSS error code.
324 // TODO(port): set more ssl options! Check errors!
328 rv = SSL_OptionSet(nss_fd_, SSL_SECURITY, PR_TRUE);
329 if (rv != SECSuccess) {
330 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_SECURITY");
331 return ERR_UNEXPECTED;
334 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SSL2, PR_FALSE);
335 if (rv != SECSuccess) {
336 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_SSL2");
337 return ERR_UNEXPECTED;
340 SSLVersionRange version_range;
341 version_range.min = ssl_config_.version_min;
342 version_range.max = ssl_config_.version_max;
343 rv = SSL_VersionRangeSet(nss_fd_, &version_range);
344 if (rv != SECSuccess) {
345 LogFailedNSSFunction(net_log_, "SSL_VersionRangeSet", "");
346 return ERR_NO_SSL_VERSIONS_ENABLED;
349 if (ssl_config_.require_forward_secrecy) {
350 const PRUint16* const ssl_ciphers = SSL_GetImplementedCiphers();
351 const PRUint16 num_ciphers = SSL_GetNumImplementedCiphers();
353 // Require forward security by iterating over the cipher suites and
354 // disabling all those that don't use either DHE or ECDHE.
355 for (unsigned i = 0; i < num_ciphers; i++) {
356 SSLCipherSuiteInfo info;
357 if (SSL_GetCipherSuiteInfo(ssl_ciphers[i], &info, sizeof(info)) ==
359 if (strcmp(info.keaTypeName, "ECDHE") != 0 &&
360 strcmp(info.keaTypeName, "DHE") != 0) {
361 SSL_CipherPrefSet(nss_fd_, ssl_ciphers[i], PR_FALSE);
367 for (std::vector<uint16>::const_iterator it =
368 ssl_config_.disabled_cipher_suites.begin();
369 it != ssl_config_.disabled_cipher_suites.end(); ++it) {
370 // This will fail if the specified cipher is not implemented by NSS, but
371 // the failure is harmless.
372 SSL_CipherPrefSet(nss_fd_, *it, PR_FALSE);
375 // Server socket doesn't need session tickets.
376 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SESSION_TICKETS, PR_FALSE);
377 if (rv != SECSuccess) {
378 LogFailedNSSFunction(
379 net_log_, "SSL_OptionSet", "SSL_ENABLE_SESSION_TICKETS");
382 // Doing this will force PR_Accept perform handshake as server.
383 rv = SSL_OptionSet(nss_fd_, SSL_HANDSHAKE_AS_CLIENT, PR_FALSE);
384 if (rv != SECSuccess) {
385 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_HANDSHAKE_AS_CLIENT");
386 return ERR_UNEXPECTED;
389 rv = SSL_OptionSet(nss_fd_, SSL_HANDSHAKE_AS_SERVER, PR_TRUE);
390 if (rv != SECSuccess) {
391 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_HANDSHAKE_AS_SERVER");
392 return ERR_UNEXPECTED;
395 rv = SSL_OptionSet(nss_fd_, SSL_REQUEST_CERTIFICATE, PR_FALSE);
396 if (rv != SECSuccess) {
397 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_REQUEST_CERTIFICATE");
398 return ERR_UNEXPECTED;
401 rv = SSL_OptionSet(nss_fd_, SSL_REQUIRE_CERTIFICATE, PR_FALSE);
402 if (rv != SECSuccess) {
403 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_REQUIRE_CERTIFICATE");
404 return ERR_UNEXPECTED;
407 rv = SSL_AuthCertificateHook(nss_fd_, OwnAuthCertHandler, this);
408 if (rv != SECSuccess) {
409 LogFailedNSSFunction(net_log_, "SSL_AuthCertificateHook", "");
410 return ERR_UNEXPECTED;
413 rv = SSL_HandshakeCallback(nss_fd_, HandshakeCallback, this);
414 if (rv != SECSuccess) {
415 LogFailedNSSFunction(net_log_, "SSL_HandshakeCallback", "");
416 return ERR_UNEXPECTED;
419 // Get a certificate of CERTCertificate structure.
420 std::string der_string;
421 if (!X509Certificate::GetDEREncoded(cert_->os_cert_handle(), &der_string))
422 return ERR_UNEXPECTED;
425 der_cert.data = reinterpret_cast<unsigned char*>(const_cast<char*>(
427 der_cert.len = der_string.length();
428 der_cert.type = siDERCertBuffer;
430 // Parse into a CERTCertificate structure.
431 CERTCertificate* cert = CERT_NewTempCertificate(
432 CERT_GetDefaultCertDB(), &der_cert, NULL, PR_FALSE, PR_TRUE);
434 LogFailedNSSFunction(net_log_, "CERT_NewTempCertificate", "");
435 return MapNSSError(PORT_GetError());
438 // Get a key of SECKEYPrivateKey* structure.
439 std::vector<uint8> key_vector;
440 if (!key_->ExportPrivateKey(&key_vector)) {
441 CERT_DestroyCertificate(cert);
442 return ERR_UNEXPECTED;
445 SECKEYPrivateKeyStr* private_key = NULL;
446 PK11SlotInfo* slot = crypto::GetPrivateNSSKeySlot();
448 CERT_DestroyCertificate(cert);
449 return ERR_UNEXPECTED;
452 SECItem der_private_key_info;
453 der_private_key_info.data =
454 const_cast<unsigned char*>(&key_vector.front());
455 der_private_key_info.len = key_vector.size();
456 // The server's RSA private key must be imported into NSS with the
457 // following key usage bits:
458 // - KU_KEY_ENCIPHERMENT, required for the RSA key exchange algorithm.
459 // - KU_DIGITAL_SIGNATURE, required for the DHE_RSA and ECDHE_RSA key
460 // exchange algorithms.
461 const unsigned int key_usage = KU_KEY_ENCIPHERMENT | KU_DIGITAL_SIGNATURE;
462 rv = PK11_ImportDERPrivateKeyInfoAndReturnKey(
463 slot, &der_private_key_info, NULL, NULL, PR_FALSE, PR_FALSE,
464 key_usage, &private_key, NULL);
466 if (rv != SECSuccess) {
467 CERT_DestroyCertificate(cert);
468 return ERR_UNEXPECTED;
471 // Assign server certificate and private key.
472 SSLKEAType cert_kea = NSS_FindCertKEAType(cert);
473 rv = SSL_ConfigSecureServer(nss_fd_, cert, private_key, cert_kea);
474 CERT_DestroyCertificate(cert);
475 SECKEY_DestroyPrivateKey(private_key);
477 if (rv != SECSuccess) {
478 PRErrorCode prerr = PR_GetError();
479 LOG(ERROR) << "Failed to config SSL server: " << prerr;
480 LogFailedNSSFunction(net_log_, "SSL_ConfigureSecureServer", "");
481 return ERR_UNEXPECTED;
484 // Tell SSL we're a server; needed if not letting NSPR do socket I/O
485 rv = SSL_ResetHandshake(nss_fd_, PR_TRUE);
486 if (rv != SECSuccess) {
487 LogFailedNSSFunction(net_log_, "SSL_ResetHandshake", "");
488 return ERR_UNEXPECTED;
494 void SSLServerSocketNSS::OnSendComplete(int result) {
495 if (next_handshake_state_ == STATE_HANDSHAKE) {
496 // In handshake phase.
497 OnHandshakeIOComplete(result);
501 if (!completed_handshake_)
504 if (user_write_buf_.get()) {
505 int rv = DoWriteLoop(result);
506 if (rv != ERR_IO_PENDING)
509 // Ensure that any queued ciphertext is flushed.
514 void SSLServerSocketNSS::OnRecvComplete(int result) {
515 if (next_handshake_state_ == STATE_HANDSHAKE) {
516 // In handshake phase.
517 OnHandshakeIOComplete(result);
521 // Network layer received some data, check if client requested to read
523 if (!user_read_buf_.get() || !completed_handshake_)
526 int rv = DoReadLoop(result);
527 if (rv != ERR_IO_PENDING)
531 void SSLServerSocketNSS::OnHandshakeIOComplete(int result) {
532 int rv = DoHandshakeLoop(result);
533 if (rv != ERR_IO_PENDING) {
534 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_SERVER_HANDSHAKE, rv);
535 if (!user_handshake_callback_.is_null())
536 DoHandshakeCallback(rv);
541 // > 0 for bytes transferred immediately,
542 // < 0 for error (or the non-error ERR_IO_PENDING).
543 int SSLServerSocketNSS::BufferSend(void) {
544 if (transport_send_busy_)
545 return ERR_IO_PENDING;
549 unsigned int len1, len2;
550 memio_GetWriteParams(nss_bufs_, &buf1, &len1, &buf2, &len2);
551 const unsigned int len = len1 + len2;
555 scoped_refptr<IOBuffer> send_buffer(new IOBuffer(len));
556 memcpy(send_buffer->data(), buf1, len1);
557 memcpy(send_buffer->data() + len1, buf2, len2);
558 rv = transport_socket_->Write(
561 base::Bind(&SSLServerSocketNSS::BufferSendComplete,
562 base::Unretained(this)));
563 if (rv == ERR_IO_PENDING) {
564 transport_send_busy_ = true;
566 memio_PutWriteResult(nss_bufs_, MapErrorToNSS(rv));
573 void SSLServerSocketNSS::BufferSendComplete(int result) {
574 memio_PutWriteResult(nss_bufs_, MapErrorToNSS(result));
575 transport_send_busy_ = false;
576 OnSendComplete(result);
579 int SSLServerSocketNSS::BufferRecv(void) {
580 if (transport_recv_busy_) return ERR_IO_PENDING;
583 int nb = memio_GetReadParams(nss_bufs_, &buf);
586 // buffer too full to read into, so no I/O possible at moment
589 recv_buffer_ = new IOBuffer(nb);
590 rv = transport_socket_->Read(
593 base::Bind(&SSLServerSocketNSS::BufferRecvComplete,
594 base::Unretained(this)));
595 if (rv == ERR_IO_PENDING) {
596 transport_recv_busy_ = true;
599 memcpy(buf, recv_buffer_->data(), rv);
600 memio_PutReadResult(nss_bufs_, MapErrorToNSS(rv));
607 void SSLServerSocketNSS::BufferRecvComplete(int result) {
610 memio_GetReadParams(nss_bufs_, &buf);
611 memcpy(buf, recv_buffer_->data(), result);
614 memio_PutReadResult(nss_bufs_, MapErrorToNSS(result));
615 transport_recv_busy_ = false;
616 OnRecvComplete(result);
619 // Do as much network I/O as possible between the buffer and the
620 // transport socket. Return true if some I/O performed, false
621 // otherwise (error or ERR_IO_PENDING).
622 bool SSLServerSocketNSS::DoTransportIO() {
623 bool network_moved = false;
624 if (nss_bufs_ != NULL) {
626 // Read and write as much data as we can. The loop is neccessary
627 // because Write() may return synchronously.
631 network_moved = true;
633 if (BufferRecv() >= 0)
634 network_moved = true;
636 return network_moved;
639 int SSLServerSocketNSS::DoPayloadRead() {
640 DCHECK(user_read_buf_.get());
641 DCHECK_GT(user_read_buf_len_, 0);
642 int rv = PR_Read(nss_fd_, user_read_buf_->data(), user_read_buf_len_);
645 PRErrorCode prerr = PR_GetError();
646 if (prerr == PR_WOULD_BLOCK_ERROR) {
647 return ERR_IO_PENDING;
649 rv = MapNSSError(prerr);
650 net_log_.AddEvent(NetLog::TYPE_SSL_READ_ERROR,
651 CreateNetLogSSLErrorCallback(rv, prerr));
655 int SSLServerSocketNSS::DoPayloadWrite() {
656 DCHECK(user_write_buf_.get());
657 int rv = PR_Write(nss_fd_, user_write_buf_->data(), user_write_buf_len_);
660 PRErrorCode prerr = PR_GetError();
661 if (prerr == PR_WOULD_BLOCK_ERROR) {
662 return ERR_IO_PENDING;
664 rv = MapNSSError(prerr);
665 net_log_.AddEvent(NetLog::TYPE_SSL_WRITE_ERROR,
666 CreateNetLogSSLErrorCallback(rv, prerr));
670 int SSLServerSocketNSS::DoHandshakeLoop(int last_io_result) {
671 int rv = last_io_result;
673 // Default to STATE_NONE for next state.
674 // (This is a quirk carried over from the windows
675 // implementation. It makes reading the logs a bit harder.)
676 // State handlers can and often do call GotoState just
677 // to stay in the current state.
678 State state = next_handshake_state_;
679 GotoState(STATE_NONE);
681 case STATE_HANDSHAKE:
687 LOG(DFATAL) << "unexpected state " << state;
691 // Do the actual network I/O
692 bool network_moved = DoTransportIO();
693 if (network_moved && next_handshake_state_ == STATE_HANDSHAKE) {
694 // In general we exit the loop if rv is ERR_IO_PENDING. In this
695 // special case we keep looping even if rv is ERR_IO_PENDING because
696 // the transport IO may allow DoHandshake to make progress.
697 rv = OK; // This causes us to stay in the loop.
699 } while (rv != ERR_IO_PENDING && next_handshake_state_ != STATE_NONE);
703 int SSLServerSocketNSS::DoReadLoop(int result) {
704 DCHECK(completed_handshake_);
705 DCHECK(next_handshake_state_ == STATE_NONE);
711 LOG(DFATAL) << "!nss_bufs_";
712 int rv = ERR_UNEXPECTED;
713 net_log_.AddEvent(NetLog::TYPE_SSL_READ_ERROR,
714 CreateNetLogSSLErrorCallback(rv, 0));
721 rv = DoPayloadRead();
722 network_moved = DoTransportIO();
723 } while (rv == ERR_IO_PENDING && network_moved);
727 int SSLServerSocketNSS::DoWriteLoop(int result) {
728 DCHECK(completed_handshake_);
729 DCHECK(next_handshake_state_ == STATE_NONE);
735 LOG(DFATAL) << "!nss_bufs_";
736 int rv = ERR_UNEXPECTED;
737 net_log_.AddEvent(NetLog::TYPE_SSL_WRITE_ERROR,
738 CreateNetLogSSLErrorCallback(rv, 0));
745 rv = DoPayloadWrite();
746 network_moved = DoTransportIO();
747 } while (rv == ERR_IO_PENDING && network_moved);
751 int SSLServerSocketNSS::DoHandshake() {
753 SECStatus rv = SSL_ForceHandshake(nss_fd_);
755 if (rv == SECSuccess) {
756 completed_handshake_ = true;
758 PRErrorCode prerr = PR_GetError();
759 net_error = MapNSSError(prerr);
761 // If not done, stay in this state
762 if (net_error == ERR_IO_PENDING) {
763 GotoState(STATE_HANDSHAKE);
765 LOG(ERROR) << "handshake failed; NSS error code " << prerr
766 << ", net_error " << net_error;
767 net_log_.AddEvent(NetLog::TYPE_SSL_HANDSHAKE_ERROR,
768 CreateNetLogSSLErrorCallback(net_error, prerr));
774 void SSLServerSocketNSS::DoHandshakeCallback(int rv) {
775 DCHECK_NE(rv, ERR_IO_PENDING);
777 CompletionCallback c = user_handshake_callback_;
778 user_handshake_callback_.Reset();
779 c.Run(rv > OK ? OK : rv);
782 void SSLServerSocketNSS::DoReadCallback(int rv) {
783 DCHECK(rv != ERR_IO_PENDING);
784 DCHECK(!user_read_callback_.is_null());
786 // Since Run may result in Read being called, clear |user_read_callback_|
788 CompletionCallback c = user_read_callback_;
789 user_read_callback_.Reset();
790 user_read_buf_ = NULL;
791 user_read_buf_len_ = 0;
795 void SSLServerSocketNSS::DoWriteCallback(int rv) {
796 DCHECK(rv != ERR_IO_PENDING);
797 DCHECK(!user_write_callback_.is_null());
799 // Since Run may result in Write being called, clear |user_write_callback_|
801 CompletionCallback c = user_write_callback_;
802 user_write_callback_.Reset();
803 user_write_buf_ = NULL;
804 user_write_buf_len_ = 0;
809 // NSS calls this if an incoming certificate needs to be verified.
810 // Do nothing but return SECSuccess.
811 // This is called only in full handshake mode.
812 // Peer certificate is retrieved in HandshakeCallback() later, which is called
813 // in full handshake mode or in resumption handshake mode.
814 SECStatus SSLServerSocketNSS::OwnAuthCertHandler(void* arg,
818 // TODO(hclam): Implement.
819 // Tell NSS to not verify the certificate.
824 // NSS calls this when handshake is completed.
825 // After the SSL handshake is finished we need to verify the certificate.
826 void SSLServerSocketNSS::HandshakeCallback(PRFileDesc* socket,
828 // TODO(hclam): Implement.
831 int SSLServerSocketNSS::Init() {
832 // Initialize the NSS SSL library in a threadsafe way. This also
833 // initializes the NSS base library.
835 if (!NSS_IsInitialized())
836 return ERR_UNEXPECTED;
838 EnableSSLServerSockets();