| Index: net/third_party/nss/ssl/sslgathr.c
|
| ===================================================================
|
| --- net/third_party/nss/ssl/sslgathr.c (revision 55938)
|
| +++ net/third_party/nss/ssl/sslgathr.c (working copy)
|
| @@ -36,7 +36,7 @@
|
| * the terms of any one of the MPL, the GPL or the LGPL.
|
| *
|
| * ***** END LICENSE BLOCK ***** */
|
| -/* $Id: sslgathr.c,v 1.10 2009/10/16 17:45:35 wtc%google.com Exp $ */
|
| +/* $Id: sslgathr.c,v 1.12 2010/04/25 23:37:38 nelson%bolyard.com Exp $ */
|
| #include "cert.h"
|
| #include "ssl.h"
|
| #include "sslimpl.h"
|
| @@ -272,7 +272,7 @@
|
| goto spec_locked_done;
|
| }
|
|
|
| - /* Decrypt the portion of data that we just recieved.
|
| + /* Decrypt the portion of data that we just received.
|
| ** Decrypt it in place.
|
| */
|
| rv = (*ss->sec.dec)(ss->sec.readcx, pBuf, &nout, gs->offset,
|
| @@ -303,25 +303,25 @@
|
| gs->offset - macLen);
|
| (*ss->sec.hash->update)(ss->sec.hashcx, seq, 4);
|
| (*ss->sec.hash->end)(ss->sec.hashcx, mac, &macLen, macLen);
|
| - }
|
|
|
| - PORT_Assert(macLen == ss->sec.hash->length);
|
| + PORT_Assert(macLen == ss->sec.hash->length);
|
|
|
| - ssl_ReleaseSpecReadLock(ss); /******************************/
|
| + ssl_ReleaseSpecReadLock(ss); /******************************/
|
|
|
| - if (NSS_SecureMemcmp(mac, pBuf, macLen) != 0) {
|
| - /* MAC's didn't match... */
|
| - SSL_DBG(("%d: SSL[%d]: mac check failed, seq=%d",
|
| - SSL_GETPID(), ss->fd, ss->sec.rcvSequence));
|
| - PRINT_BUF(1, (ss, "computed mac:", mac, macLen));
|
| - PRINT_BUF(1, (ss, "received mac:", pBuf, macLen));
|
| - PORT_SetError(SSL_ERROR_BAD_MAC_READ);
|
| - rv = SECFailure;
|
| - goto cleanup;
|
| + if (NSS_SecureMemcmp(mac, pBuf, macLen) != 0) {
|
| + /* MAC's didn't match... */
|
| + SSL_DBG(("%d: SSL[%d]: mac check failed, seq=%d",
|
| + SSL_GETPID(), ss->fd, ss->sec.rcvSequence));
|
| + PRINT_BUF(1, (ss, "computed mac:", mac, macLen));
|
| + PRINT_BUF(1, (ss, "received mac:", pBuf, macLen));
|
| + PORT_SetError(SSL_ERROR_BAD_MAC_READ);
|
| + rv = SECFailure;
|
| + goto cleanup;
|
| + }
|
| + } else {
|
| + ssl_ReleaseSpecReadLock(ss); /******************************/
|
| }
|
|
|
| -
|
| - PORT_Assert(gs->recordPadding + macLen <= gs->offset);
|
| if (gs->recordPadding + macLen <= gs->offset) {
|
| gs->recordOffset = macLen;
|
| gs->readOffset = macLen;
|
|
|