Fix 166711: SSLSocket.setCipherPreference does the wrong thing.

security/jss/org/mozilla/jss/ssl/SSLClient.java

@@ -144,7 +144,7 @@ public class SSLClient
 	  results.println(htmlHeader);
 	results.println("SSL Client Tester");
 	results.println(
-			"$Id: SSLClient.java,v 1.4 2001/09/08 01:53:32 nicolson%netscape.com Exp $ " + 
+			"$Id: SSLClient.java,v 1.5 2002/09/05 01:16:59 nicolson%netscape.com Exp $ " + 
 			versionStr );
 	
 	SSLSocket s;
@@ -436,14 +436,14 @@ public class SSLClient
 	   i <= SSLSocket.SSL2_DES_192_EDE3_CBC_WITH_MD5; ++i) {
 //	SSLSocket.setPermittedByPolicy(i, SSLSocket.SSL_ALLOWED);
         if( i != 0xFF05 ) {
-            SSLSocket.setCipherPreference( i, true);
+            SSLSocket.setCipherPreferenceDefault( i, true);
         }
       }
       
       /* enable all the SSL3 cipher suites */
       for (i = 0; cipherSuites[i] != 0;  ++i) {
 //	SSLSocket.setPermittedByPolicy(cipherSuites[i], SSLSocket.SSL_ALLOWED);
-	SSLSocket.setCipherPreference( cipherSuites[i], true);
+	SSLSocket.setCipherPreferenceDefault( cipherSuites[i], true);
       }
       
       SSLClient x = new SSLClient(System.out, "Stand alone Ver 0.01", argv);

security/jss/org/mozilla/jss/ssl/SSLServer.java

@@ -355,13 +355,13 @@ public class SSLServer
 	for (i = SSLSocket.SSL2_RC4_128_WITH_MD5;
 	     i <= SSLSocket.SSL2_DES_192_EDE3_CBC_WITH_MD5; ++i) {
 //	    SSLSocket.setPermittedByPolicy(i, SSLSocket.SSL_ALLOWED);
-	    SSLSocket.setCipherPreference( i, true);
+	    SSLSocket.setCipherPreferenceDefault( i, true);
 	}
 
 	/* enable all the SSL3 cipher suites */
 	for (i = 0; cipherSuites[i] != 0;  ++i) {
 //	    SSLSocket.setPermittedByPolicy(cipherSuites[i], SSLSocket.SSL_ALLOWED);
-	    SSLSocket.setCipherPreference( cipherSuites[i], true);
+	    SSLSocket.setCipherPreferenceDefault( cipherSuites[i], true);
 	}
 
 	SSLServer x = new SSLServer(System.out, "Stand alone Ver 0.01");

security/jss/org/mozilla/jss/ssl/SSLServerSocket.java

@@ -226,7 +226,8 @@ public class SSLServerSocket extends java.net.ServerSocket {
      *  is used: <code>/tmp</code> on Unix and <code>\\temp</code> on Windows.
      */
     public static native void configServerSessionIDCache(int maxSidEntries,
-        int ssl2EntryTimeout, int ssl3EntryTimeout, String cacheFileDirectory);
+        int ssl2EntryTimeout, int ssl3EntryTimeout, String cacheFileDirectory)
+        throws SocketException;
 
     /**
      * Sets the certificate to use for server authentication.

security/jss/org/mozilla/jss/ssl/SSLSocket.c

@@ -572,7 +572,61 @@ finish:
 
 JNIEXPORT void JNICALL
 Java_org_mozilla_jss_ssl_SSLSocket_setCipherPreference(
-    JNIEnv *env, jobject clazz, jint cipher, jboolean enable)
+    JNIEnv *env, jobject sockObj, jint cipher, jboolean enable)
+{
+    JSSL_SocketData *sock=NULL;
+    SECStatus status;
+
+    /* get the fd */
+    if( JSSL_getSockData(env, sockObj, &sock) != PR_SUCCESS) {
+        /* exception was thrown */
+        goto finish;
+    }
+
+    status = SSL_CipherPrefSet(sock->fd, cipher, enable);
+    if( status != SECSuccess ) {
+        char buf[128];
+        PR_snprintf(buf, 128, "Failed to %s cipher 0x%lx\n",
+            (enable ? "enable" : "disable"), cipher);
+        JSSL_throwSSLSocketException(env, buf);
+        goto finish;
+    }
+
+finish:
+    EXCEPTION_CHECK(env, sock);
+}
+
+JNIEXPORT jboolean JNICALL
+Java_org_mozilla_jss_ssl_SSLSocket_getCipherPreference(
+    JNIEnv *env, jobject sockObj, jint cipher)
+{
+    JSSL_SocketData *sock=NULL;
+    SECStatus status;
+    PRBool enabled;
+
+    /* get the fd */
+    if( JSSL_getSockData(env, sockObj, &sock) != PR_SUCCESS) {
+        /* exception was thrown */
+        goto finish;
+    }
+
+    status = SSL_CipherPrefGet(sock->fd, cipher, &enabled);
+    if( status != SECSuccess ) {
+        char buf[128];
+        PR_snprintf(buf, 128, "Failed to get preference for cipher 0x%lx\n",
+            cipher);
+        JSSL_throwSSLSocketException(env, buf);
+        goto finish;
+    }
+
+finish:
+    EXCEPTION_CHECK(env, sock);
+    return enabled;
+}
+
+JNIEXPORT void JNICALL
+Java_org_mozilla_jss_ssl_SSLSocket_setCipherPreferenceDefault(
+    JNIEnv *env, jclass clazz, jint cipher, jboolean enable)
 {
     SECStatus status;
 
@@ -590,6 +644,27 @@ finish:
     return;
 }
 
+JNIEXPORT jboolean JNICALL
+Java_org_mozilla_jss_ssl_SSLSocket_getCipherPreferenceDefault(
+    JNIEnv *env, jclass clazz, jint cipher)
+{
+    SECStatus status;
+    PRBool enabled;
+
+    /* get the preference */
+    status = SSL_CipherPrefGetDefault(cipher, &enabled);
+    if(status != SECSuccess) {
+        char buf[128];
+        PR_snprintf(buf, 128, "Failed to get default preference for "
+            "cipher 0x%lx\n", cipher);
+        JSSL_throwSSLSocketException(env, buf);
+        goto finish;
+    }
+
+finish:
+    return enabled;
+}
+
 JNIEXPORT jint JNICALL 
 Java_org_mozilla_jss_ssl_SSLSocket_socketRead(JNIEnv *env, jobject self, 
     jbyteArray bufBA, jint off, jint len, jint timeout)

security/jss/org/mozilla/jss/ssl/SSLSocket.java

@@ -618,10 +618,28 @@ public class SSLSocket extends java.net.Socket {
         throws SocketException;
 
     /**
-     * Enables/disables the given cipher on this socket.
+     * Enables/disables the cipher on this socket.
      */
-    public static native void setCipherPreference( int cipher,
-        boolean enable);
+    public native void setCipherPreference(int cipher, boolean enable)
+        throws SocketException;
+
+    /**
+     * Returns whether this cipher is enabled or disabled on this socket.
+     */
+    public native boolean getCipherPreference( int cipher)
+        throws SocketException;
+
+    /**
+     * Sets the default for whether this cipher is enabled or disabled.
+     */
+    public static native void setCipherPreferenceDefault(int cipher,
+        boolean enable) throws SocketException;
+
+    /**
+     * Returns the default for whether this cipher is enabled or disabled.
+     */
+    public static native boolean getCipherPreferenceDefault(int cipher)
+        throws SocketException;
 
     native int socketAvailable()
         throws IOException;

security/jss/org/mozilla/jss/ssl/SocketBase.java

@@ -174,7 +174,6 @@ class SocketBase {
         try {
             return convertIntToInetAddress( getPeerAddressNative() );
         } catch(SocketException e) {
-            e.printStackTrace();
             return null;
         }
     }
@@ -187,7 +186,6 @@ class SocketBase {
         try {
             return convertIntToInetAddress( getLocalAddressNative() );
         } catch(SocketException e) {
-            e.printStackTrace();
             return null;
         }
     }
@@ -197,7 +195,6 @@ class SocketBase {
         try {
             return getLocalPortNative();
         } catch(SocketException e) {
-            e.printStackTrace();
             return 0;
         }
     }