Lines Matching refs:ssl
48 static kssl_status_t kssl_build_single_record(ssl_t *ssl, mblk_t *mp);
299 ssl_t *ssl = (ssl_t *)ksslctx; in kssl_async_done() local
301 mutex_enter(&ssl->kssl_lock); in kssl_async_done()
302 if (--ssl->async_ops_pending == 0) in kssl_async_done()
303 cv_signal(&ssl->async_cv); in kssl_async_done()
304 mutex_exit(&ssl->kssl_lock); in kssl_async_done()
329 ssl_t *ssl; in kssl_input() local
341 ssl = (ssl_t *)(ctx); in kssl_input()
346 mutex_enter(&ssl->kssl_lock); in kssl_input()
348 if (ssl->close_notify_clnt == B_TRUE) { in kssl_input()
354 if (ssl->activeinput) { in kssl_input()
356 KSSL_ENQUEUE_MP(ssl, mp); in kssl_input()
358 mutex_exit(&ssl->kssl_lock); in kssl_input()
368 if ((!ssl->activeinput) && (ssl->rec_ass_head == NULL) && in kssl_input()
375 (ssl->hs_waitstate == idle_handshake)) { in kssl_input()
382 mutex_exit(&ssl->kssl_lock); in kssl_input()
388 ssl->activeinput = B_TRUE; in kssl_input()
391 KSSL_ENQUEUE_MP(ssl, mp); in kssl_input()
394 recmp = kssl_get_next_record(ssl); in kssl_input()
397 ssl->activeinput = B_FALSE; in kssl_input()
398 if (ssl->alert_sendbuf != NULL) { in kssl_input()
403 mutex_exit(&ssl->kssl_lock); in kssl_input()
421 ssl->activeinput = B_FALSE; in kssl_input()
422 if (ssl->hs_waitstate != idle_handshake) { in kssl_input()
441 if (ssl->hs_waitstate == idle_handshake) { in kssl_input()
442 ssl->activeinput = B_FALSE; in kssl_input()
446 kssl_cmd = kssl_handle_any_record(ssl, recmp, in kssl_input()
451 ssl->activeinput = B_FALSE; in kssl_input()
457 if (ssl->alert_sendbuf != NULL) { in kssl_input()
463 if (ssl->handshake_sendbuf) { in kssl_input()
465 linkb(*decrmp, ssl->handshake_sendbuf); in kssl_input()
467 *decrmp = ssl->handshake_sendbuf; in kssl_input()
469 ssl->handshake_sendbuf = NULL; in kssl_input()
471 *more = ((ssl->rec_ass_head != NULL) && in kssl_input()
472 (!ssl->activeinput)); in kssl_input()
473 mutex_exit(&ssl->kssl_lock); in kssl_input()
477 if (ssl->hs_waitstate == idle_handshake) { in kssl_input()
478 *more = ((ssl->rec_ass_head != NULL) && in kssl_input()
479 (!ssl->activeinput)); in kssl_input()
489 mutex_exit(&ssl->kssl_lock); in kssl_input()
495 if (ssl->activeinput) { in kssl_input()
496 mutex_exit(&ssl->kssl_lock); in kssl_input()
499 } while ((recmp = kssl_get_next_record(ssl)) != NULL); in kssl_input()
501 mutex_exit(&ssl->kssl_lock); in kssl_input()
505 kssl_send_alert(ssl, alert_fatal, unexpected_message); in kssl_input()
511 *decrmp = ssl->alert_sendbuf; in kssl_input()
512 ssl->alert_sendbuf = NULL; in kssl_input()
513 mutex_exit(&ssl->kssl_lock); in kssl_input()
532 ssl_t *ssl; in kssl_handle_mblk() local
541 ssl = (ssl_t *)(ctx); in kssl_handle_mblk()
593 mutex_enter(&ssl->kssl_lock); in kssl_handle_mblk()
595 kssl_cmd = kssl_handle_any_record(ssl, mp, outmp, in kssl_handle_mblk()
598 if (ssl->alert_sendbuf != NULL) { in kssl_handle_mblk()
603 mutex_exit(&ssl->kssl_lock); in kssl_handle_mblk()
639 spec = &ssl->spec[KSSL_READ]; in kssl_handle_mblk()
699 ret = kssl_compute_record_mac(ssl, KSSL_READ, in kssl_handle_mblk()
700 ssl->seq_num[KSSL_READ], content_type, in kssl_handle_mblk()
712 ssl->seq_num[KSSL_READ]++; in kssl_handle_mblk()
715 if (ssl->hs_waitstate != idle_handshake) { in kssl_handle_mblk()
717 SSL3WaitState, ssl->hs_waitstate); in kssl_handle_mblk()
737 mutex_enter(&ssl->kssl_lock); in kssl_handle_mblk()
738 kssl_send_alert(ssl, alert_fatal, desc); in kssl_handle_mblk()
740 if (ssl->alert_sendbuf == NULL) { in kssl_handle_mblk()
743 mutex_exit(&ssl->kssl_lock); in kssl_handle_mblk()
755 *outmp = ssl->alert_sendbuf; in kssl_handle_mblk()
757 linkb(*outmp, ssl->alert_sendbuf); in kssl_handle_mblk()
759 ssl->alert_sendbuf = NULL; in kssl_handle_mblk()
760 mutex_exit(&ssl->kssl_lock); in kssl_handle_mblk()
795 ssl_t *ssl; in kssl_handle_any_record() local
801 ssl = (ssl_t *)(ctx); in kssl_handle_any_record()
808 ASSERT(MUTEX_HELD(&ssl->kssl_lock)); in kssl_handle_any_record()
812 if (ssl->hs_waitstate == wait_client_hello) { in kssl_handle_any_record()
817 ssl->major_version = version[0] = mp->b_rptr[3]; in kssl_handle_any_record()
818 ssl->minor_version = version[1] = mp->b_rptr[4]; in kssl_handle_any_record()
822 ssl->major_version = mp->b_rptr[3]; in kssl_handle_any_record()
823 ssl->minor_version = mp->b_rptr[4]; in kssl_handle_any_record()
831 ssl->major_version = version[0] = mp->b_rptr[1]; in kssl_handle_any_record()
832 ssl->minor_version = version[1] = mp->b_rptr[2]; in kssl_handle_any_record()
855 spec = &ssl->spec[KSSL_READ]; in kssl_handle_any_record()
910 ret = kssl_compute_record_mac(ssl, KSSL_READ, in kssl_handle_any_record()
911 ssl->seq_num[KSSL_READ], content_type, in kssl_handle_any_record()
923 ssl->seq_num[KSSL_READ]++; in kssl_handle_any_record()
935 ssl->hs_waitstate == idle_handshake) { in kssl_handle_any_record()
946 if (ssl->hs_waitstate == wait_client_key_done) in kssl_handle_any_record()
949 return ((ssl->handshake_sendbuf != NULL) ? in kssl_handle_any_record()
952 if (ssl->msg.state < MSG_BODY) { in kssl_handle_any_record()
953 if (ssl->msg.state == MSG_INIT) { in kssl_handle_any_record()
954 ssl->msg.type = in kssl_handle_any_record()
956 ssl->msg.state = MSG_INIT_LEN; in kssl_handle_any_record()
958 if (ssl->msg.state == MSG_INIT_LEN) { in kssl_handle_any_record()
960 ssl->msg.msglen_bytes; in kssl_handle_any_record()
961 int msglen = ssl->msg.msglen; in kssl_handle_any_record()
968 ssl->msg.msglen_bytes = msglenb; in kssl_handle_any_record()
969 ssl->msg.msglen = msglen; in kssl_handle_any_record()
971 ssl->msg.state = MSG_BODY; in kssl_handle_any_record()
980 ASSERT(ssl->msg.state == MSG_BODY); in kssl_handle_any_record()
984 if (ssl->msg.head == NULL && in kssl_handle_any_record()
985 ssl->msg.msglen <= sz) { in kssl_handle_any_record()
988 if (ssl->msg.head != NULL) { in kssl_handle_any_record()
989 sz += msgdsize(ssl->msg.head); in kssl_handle_any_record()
990 if (ssl->msg.msglen <= sz) { in kssl_handle_any_record()
991 ssl->msg.tail->b_cont = mp; in kssl_handle_any_record()
992 mp = ssl->msg.head; in kssl_handle_any_record()
993 ssl->sslcnt = 100; in kssl_handle_any_record()
994 ssl->msg.head = NULL; in kssl_handle_any_record()
995 ssl->msg.tail = NULL; in kssl_handle_any_record()
1010 if (ssl->msg.head == NULL) { in kssl_handle_any_record()
1011 ssl->msg.head = mp; in kssl_handle_any_record()
1012 ssl->msg.tail = mp; in kssl_handle_any_record()
1015 ssl->msg.tail->b_cont = mp; in kssl_handle_any_record()
1016 ssl->msg.tail = mp; in kssl_handle_any_record()
1019 } while (kssl_handle_handshake_message(ssl, mp, &error, cbfn, in kssl_handle_any_record()
1027 if (ssl->hs_waitstate == wait_client_key_done) { in kssl_handle_any_record()
1044 if (ssl->sid.cached == B_TRUE) { in kssl_handle_any_record()
1045 kssl_uncache_sid(&ssl->sid, in kssl_handle_any_record()
1046 ssl->kssl_entry); in kssl_handle_any_record()
1051 ssl->fatal_alert = B_TRUE; in kssl_handle_any_record()
1055 ssl->close_notify_clnt = B_TRUE; in kssl_handle_any_record()
1056 ssl->activeinput = B_FALSE; in kssl_handle_any_record()
1064 if (ssl->hs_waitstate != wait_change_cipher) { in kssl_handle_any_record()
1070 ssl->hs_waitstate = wait_finished; in kssl_handle_any_record()
1071 ssl->seq_num[KSSL_READ] = 0; in kssl_handle_any_record()
1072 if ((error = kssl_spec_init(ssl, KSSL_READ)) != 0) { in kssl_handle_any_record()
1077 ssl->activeinput = B_FALSE; in kssl_handle_any_record()
1088 if (ssl->hs_waitstate != idle_handshake) { in kssl_handle_any_record()
1096 ssl->activeinput = B_FALSE; in kssl_handle_any_record()
1102 error = kssl_handle_v2client_hello(ssl, mp, rec_sz); in kssl_handle_any_record()
1123 kssl_send_alert(ssl, alert_fatal, desc); in kssl_handle_any_record()
1124 *decrmp = ssl->alert_sendbuf; in kssl_handle_any_record()
1125 ssl->alert_sendbuf = NULL; in kssl_handle_any_record()
1141 ssl_t *ssl = kmem_cache_alloc(kssl_cache, KM_NOSLEEP); in kssl_init_context() local
1144 if (ssl == NULL) { in kssl_init_context()
1148 bzero(ssl, sizeof (ssl_t)); in kssl_init_context()
1150 ssl->kssl_entry = (kssl_entry_t *)kssl_ent; in kssl_init_context()
1151 KSSL_ENTRY_REFHOLD(ssl->kssl_entry); in kssl_init_context()
1154 IN6_IPADDR_TO_V4MAPPED(sin->sin_addr.s_addr, &ssl->faddr); in kssl_init_context()
1157 ssl->faddr = ((struct sockaddr_in6 *)addr)->sin6_addr; in kssl_init_context()
1159 ssl->tcp_mss = mss; in kssl_init_context()
1160 ssl->sendalert_level = alert_warning; in kssl_init_context()
1161 ssl->sendalert_desc = close_notify; in kssl_init_context()
1162 ssl->sid.cached = B_FALSE; in kssl_init_context()
1164 *kssl_ctxp = (kssl_ctx_t)ssl; in kssl_init_context()
1171 ssl_t *ssl = (ssl_t *)ctx; in kssl_set_mss() local
1172 ssl->tcp_mss = mss; in kssl_set_mss()
1186 ssl_t *ssl = (ssl_t *)ctx; in kssl_build_record() local
1189 ASSERT(ssl != NULL); in kssl_build_record()
1204 if (mp == NULL && !ssl->close_notify_srvr) { in kssl_build_record()
1205 kssl_send_alert(ssl, alert_warning, close_notify); in kssl_build_record()
1206 if (ssl->alert_sendbuf == NULL) in kssl_build_record()
1208 mp = bp = retmp = prevbp = ssl->alert_sendbuf; in kssl_build_record()
1209 ssl->alert_sendbuf = NULL; in kssl_build_record()
1210 ssl->close_notify_srvr = B_TRUE; in kssl_build_record()
1236 if (kssl_build_single_record(ssl, bp) != KSSL_STS_OK) in kssl_build_record()
1257 kssl_build_single_record(ssl_t *ssl, mblk_t *mp) in kssl_build_single_record() argument
1266 spec = &ssl->spec[KSSL_WRITE]; in kssl_build_single_record()
1274 if (!ssl->close_notify_srvr) in kssl_build_single_record()
1281 mutex_enter(&ssl->kssl_lock); in kssl_build_single_record()
1284 if (!ssl->close_notify_srvr) { in kssl_build_single_record()
1289 recstart[1] = ssl->major_version; in kssl_build_single_record()
1290 recstart[2] = ssl->minor_version; in kssl_build_single_record()
1305 if (kssl_mac_encrypt_record(ssl, recstart[0], versionp, in kssl_build_single_record()
1308 mutex_exit(&ssl->kssl_lock); in kssl_build_single_record()
1315 mutex_exit(&ssl->kssl_lock); in kssl_build_single_record()