net/third_party/nss/ssl/ssl3con.c - Issue 12327032: When performing an SSL renegotiation and requesting a certificate status, clear any existing certif…

Side by Side Diff: net/third_party/nss/ssl/ssl3con.c

Issue 12327032: When performing an SSL renegotiation and requesting a certificate status, clear any existing certif… (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Review feedback Created 7 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 /* -- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -- */	1 /* -- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -- */

2 /*	2 /*

3 * SSL3 Protocol	3 * SSL3 Protocol

4 *	4 *

5 * This Source Code Form is subject to the terms of the Mozilla Public	5 * This Source Code Form is subject to the terms of the Mozilla Public

6 * License, v. 2.0. If a copy of the MPL was not distributed with this	6 * License, v. 2.0. If a copy of the MPL was not distributed with this

7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */	7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

8 /* $Id: ssl3con.c,v 1.192 2012/09/28 05:10:25 wtc%google.com Exp $ */	8 /* $Id: ssl3con.c,v 1.192 2012/09/28 05:10:25 wtc%google.com Exp $ */

9	9

10 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */	10 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */

(...skipping 4166 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
4177 if (rv != SECSuccess) {	4177 if (rv != SECSuccess) {

4178 return rv; /* ssl3_InitState has set the error code. */	4178 return rv; /* ssl3_InitState has set the error code. */

4179 }	4179 }

4180 ss->ssl3.hs.sendingSCSV = PR_FALSE; /* Must be reset every handshake */	4180 ss->ssl3.hs.sendingSCSV = PR_FALSE; /* Must be reset every handshake */

4181 PORT_Assert(IS_DTLS(ss) \|\| !resending);	4181 PORT_Assert(IS_DTLS(ss) \|\| !resending);

4182	4182

4183 /* We might be starting a session renegotiation in which case we should	4183 /* We might be starting a session renegotiation in which case we should

4184 * clear previous state.	4184 * clear previous state.

4185 */	4185 */

4186 PORT_Memset(&ss->xtnData, 0, sizeof(TLSExtensionData));	4186 PORT_Memset(&ss->xtnData, 0, sizeof(TLSExtensionData));

	4187 ss->ssl3.hs.may_get_cert_status = PR_FALSE;

	4188 if (ss->ssl3.hs.cert_status.data) {

	4189 SECITEM_FreeItem(&ss->ssl3.hs.cert_status, PR_FALSE);

	4190 }
	wtc 2013/02/25 23:59:21 This is a good place to clear these two members. This is a good place to clear these two members. NOTE: This bug seems similar to a bug you fixed before: ---------------------------- revision 1.150 date: 2011/01/22 02:25:06; author: wtc%google.com; state: Exp; lines: +20 -22 Bug 616757: in ssl3_SendCertificateVerify, we must destroy ss->ssl3.clientPrivateKey for all key exchange algorithms, otherwise we will send a Certificate message in renegotiation even if the renegotiation doesn't request client auth. Move the cleanup of clientCertChain and clientPrivateKey from ssl3_HandleCertificateRequest to ssl3_HandleServerHello as a second defense. The patch is contributed by Ryan Sleevi <ryan.sleevi@gmail.com>. r=wtc. ---------------------------- In that bug, we clear the relevant members in ssl3_HandleServerHello. I don't know why we didn't add that code to ssl3_SendClientHello. Do you remember? It would be nice to consolidate the code all in this function.
4187	4191

4188 SSL_TRC(30,("%d: SSL3[%d]: reset handshake hashes",	4192 SSL_TRC(30,("%d: SSL3[%d]: reset handshake hashes",

4189 SSL_GETPID(), ss->fd ));	4193 SSL_GETPID(), ss->fd ));

4190 rv = ssl3_RestartHandshakeHashes(ss);	4194 rv = ssl3_RestartHandshakeHashes(ss);

4191 if (rv != SECSuccess) {	4195 if (rv != SECSuccess) {

4192 return rv;	4196 return rv;

4193 }	4197 }

4194	4198

4195 /*	4199 /*

4196 * During a renegotiation, ss->clientHelloVersion will be used again to	4200 * During a renegotiation, ss->clientHelloVersion will be used again to

(...skipping 7065 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
11262 PORT_Free(ss->ssl3.hs.recvdFragments.buf);	11266 PORT_Free(ss->ssl3.hs.recvdFragments.buf);

11263 }	11267 }

11264 }	11268 }

11265	11269

11266 ss->ssl3.initialized = PR_FALSE;	11270 ss->ssl3.initialized = PR_FALSE;

11267	11271

11268 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);	11272 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);

11269 }	11273 }

11270	11274

11271 /* End of ssl3con.c */	11275 /* End of ssl3con.c */

OLD	NEW

« no previous file with comments | « no previous file | no next file » | no next file with comments »