Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(232)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/third_party/nss/patches/clientauth.patch

Issue 11359197: Ensure the patched NSS libssl used on Win and Mac behaves the same as upstream when handling client… (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Update patch Created 8 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | net/third_party/nss/ssl/ssl.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/third_party/nss/patches/clientauth.patch
diff --git a/net/third_party/nss/patches/clientauth.patch b/net/third_party/nss/patches/clientauth.patch
index 39687d659aec28701f906e420ab7cc0df6798ff6..33335f65100de060a1fb32519e2dd325cf27f08d 100644
--- a/net/third_party/nss/patches/clientauth.patch
+++ b/net/third_party/nss/patches/clientauth.patch
@@ -93,14 +93,12 @@ diff -puN -r a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3c
isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
rv = ssl3_ConsumeHandshakeVariable(ss, &cert_types, 1, &b, &length);
-@@ -5983,6 +6006,20 @@ ssl3_HandleCertificateRequest(sslSocket
+@@ -5983,6 +6006,18 @@ ssl3_HandleCertificateRequest(sslSocket
desc = no_certificate;
ss->ssl3.hs.ws = wait_hello_done;
+#ifdef NSS_PLATFORM_CLIENT_AUTH
-+ if (ss->getPlatformClientAuthData == NULL) {
-+ rv = SECFailure; /* force it to send a no_certificate alert */
-+ } else {
++ if (ss->getPlatformClientAuthData != NULL) {
+ /* XXX Should pass cert_types in this call!! */
+ rv = (SECStatus)(*ss->getPlatformClientAuthData)(
+ ss->getPlatformClientAuthDataArg,
@@ -109,8 +107,8 @@ diff -puN -r a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3c
+ (void**)&ss->ssl3.platformClientKey,
+ &ss->ssl3.clientCertificate,
+ &ss->ssl3.clientPrivateKey);
-+ }
-+#else
++ } else
++#endif
if (ss->getClientAuthData == NULL) {
rv = SECFailure; /* force it to send a no_certificate alert */
} else {
@@ -118,7 +116,7 @@ diff -puN -r a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3c
&ss->ssl3.clientCertificate,
&ss->ssl3.clientPrivateKey);
}
-+#endif /* NSS_PLATFORM_CLIENT_AUTH */
++
switch (rv) {
case SECWouldBlock: /* getClientAuthData has put up a dialog box. */
ssl3_SetAlwaysBlock(ss);
@@ -247,7 +245,7 @@ diff -puN -r a/net/third_party/nss/ssl/sslauth.c b/net/third_party/nss/ssl/sslau
diff -puN -r a/net/third_party/nss/ssl/ssl.h b/net/third_party/nss/ssl/ssl.h
--- a/net/third_party/nss/ssl/ssl.h 2012-11-09 15:34:12.258133766 -0800
+++ b/net/third_party/nss/ssl/ssl.h 2012-11-09 15:35:08.488958561 -0800
-@@ -483,6 +483,45 @@ typedef SECStatus (PR_CALLBACK *SSLGetCl
+@@ -483,6 +483,48 @@ typedef SECStatus (PR_CALLBACK *SSLGetCl
SSL_IMPORT SECStatus SSL_GetClientAuthDataHook(PRFileDesc *fd,
SSLGetClientAuthData f, void *a);
@@ -283,6 +281,9 @@ diff -puN -r a/net/third_party/nss/ssl/ssl.h b/net/third_party/nss/ssl/ssl.h
+/*
+ * Set the client side callback for SSL to retrieve user's private key
+ * and certificate.
++ * Note: If a platform client auth callback is set, the callback configured by
++ * SSL_GetClientAuthDataHook, if any, will not be called.
++ *
+ * fd - the file descriptor for the connection in question
+ * f - the application's callback that delivers the key and cert
+ * a - application specific data
« no previous file with comments | « no previous file | net/third_party/nss/ssl/ssl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698