Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(688)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/third_party/nss/patches/cachecerts.patch

Issue 14522022: Update NSS libSSL to NSS_3_15_BETA2. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Make the changes rsleevi suggested Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/third_party/nss/patches/applypatches.sh ('k') | net/third_party/nss/patches/cbc.patch » ('j') | net/third_party/nss/ssl/ssl3con.c » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/third_party/nss/patches/cachecerts.patch
===================================================================
--- net/third_party/nss/patches/cachecerts.patch (revision 196870)
+++ net/third_party/nss/patches/cachecerts.patch (working copy)
@@ -1,6 +1,6 @@
-diff -pu -r a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c
---- a/net/third_party/nss/ssl/ssl3con.c 2012-11-09 15:19:29.665155332 -0800
-+++ b/net/third_party/nss/ssl/ssl3con.c 2012-11-09 15:20:08.835732728 -0800
+diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
+--- a/nss/lib/ssl/ssl3con.c 2013-04-27 09:19:50.358559102 -0700
++++ b/nss/lib/ssl/ssl3con.c 2013-04-27 09:19:58.798678612 -0700
@@ -42,6 +42,7 @@
#endif
@@ -9,15 +9,15 @@
static PK11SymKey *ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
PK11SlotInfo * serverKeySlot);
static SECStatus ssl3_DeriveMasterSecret(sslSocket *ss, PK11SymKey *pms);
-@@ -5575,6 +5576,7 @@ ssl3_HandleServerHello(sslSocket *ss, SS
+@@ -5697,6 +5698,7 @@ ssl3_HandleServerHello(sslSocket *ss, SS
/* copy the peer cert from the SID */
if (sid->peerCert != NULL) {
ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
+ ssl3_CopyPeerCertsFromSID(ss, sid);
}
-
-@@ -6916,6 +6918,7 @@ compression_found:
+ /* NULL value for PMS signifies re-use of the old MS */
+@@ -7048,6 +7050,7 @@ compression_found:
ss->sec.ci.sid = sid;
if (sid->peerCert != NULL) {
ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
@@ -25,7 +25,7 @@
}
/*
-@@ -8323,6 +8326,44 @@ ssl3_CleanupPeerCerts(sslSocket *ss)
+@@ -8501,6 +8504,44 @@ ssl3_CleanupPeerCerts(sslSocket *ss)
ss->ssl3.peerCertChain = NULL;
}
@@ -68,9 +68,9 @@
+}
+
/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Certificate message.
+ * ssl3 CertificateStatus message.
* Caller must hold Handshake and RecvBuf locks.
-@@ -8510,6 +8551,7 @@ ssl3_HandleCertificate(sslSocket *ss, SS
+@@ -8780,6 +8821,7 @@ ssl3_AuthCertificate(sslSocket *ss)
}
ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);
@@ -78,10 +78,10 @@
if (!ss->sec.isServer) {
CERTCertificate *cert = ss->sec.peerCert;
-diff -pu -r a/net/third_party/nss/ssl/sslimpl.h b/net/third_party/nss/ssl/sslimpl.h
---- a/net/third_party/nss/ssl/sslimpl.h 2012-09-27 18:46:45.000000000 -0700
-+++ b/net/third_party/nss/ssl/sslimpl.h 2012-11-09 15:20:08.835732728 -0800
-@@ -571,10 +571,13 @@ typedef enum { never_cached,
+diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h
+--- a/nss/lib/ssl/sslimpl.h 2013-04-27 09:17:17.216390477 -0700
++++ b/nss/lib/ssl/sslimpl.h 2013-04-27 09:19:58.798678612 -0700
+@@ -570,10 +570,13 @@ typedef enum { never_cached,
invalid_cache /* no longer in any cache. */
} Cached;
@@ -92,12 +92,12 @@
CERTCertificate * peerCert;
+ CERTCertificate * peerCertChain[MAX_PEER_CERT_CHAIN_SIZE];
+ SECItemArray peerCertStatus; /* client only */
const char * peerID; /* client only */
const char * urlSvrName; /* client only */
- CERTCertificate * localCert;
-diff -pu -r a/net/third_party/nss/ssl/sslnonce.c b/net/third_party/nss/ssl/sslnonce.c
---- a/net/third_party/nss/ssl/sslnonce.c 2012-04-25 07:50:12.000000000 -0700
-+++ b/net/third_party/nss/ssl/sslnonce.c 2012-11-09 15:20:08.835732728 -0800
+diff -pu a/nss/lib/ssl/sslnonce.c b/nss/lib/ssl/sslnonce.c
+--- a/nss/lib/ssl/sslnonce.c 2013-04-27 09:17:17.216390477 -0700
++++ b/nss/lib/ssl/sslnonce.c 2013-04-27 09:19:58.798678612 -0700
@@ -165,6 +165,7 @@ lock_cache(void)
static void
ssl_DestroySID(sslSessionID *sid)
@@ -113,6 +113,6 @@
+ for (i = 0; i < MAX_PEER_CERT_CHAIN_SIZE && sid->peerCertChain[i]; i++) {
+ CERT_DestroyCertificate(sid->peerCertChain[i]);
+ }
- if ( sid->localCert ) {
- CERT_DestroyCertificate(sid->localCert);
- }
+ if (sid->peerCertStatus.len) {
+ SECITEM_FreeArray(&sid->peerCertStatus, PR_FALSE);
+ sid->peerCertStatus.items = NULL;
« no previous file with comments | « net/third_party/nss/patches/applypatches.sh ('k') | net/third_party/nss/patches/cbc.patch » ('j') | net/third_party/nss/ssl/ssl3con.c » ('J')

Powered by Google App Engine
This is Rietveld 408576698