| Index: net/third_party/nss/ssl/ssl3ext.c
|
| ===================================================================
|
| --- net/third_party/nss/ssl/ssl3ext.c (revision 55938)
|
| +++ net/third_party/nss/ssl/ssl3ext.c (working copy)
|
| @@ -41,7 +41,7 @@
|
| * ***** END LICENSE BLOCK ***** */
|
|
|
| /* TLS extension code moved here from ssl3ecc.c */
|
| -/* $Id: ssl3ext.c,v 1.11 2010/02/03 02:38:20 wtc%google.com Exp $ */
|
| +/* $Id: ssl3ext.c,v 1.14 2010/04/03 19:19:07 nelson%bolyard.com Exp $ */
|
|
|
| #include "nssrenam.h"
|
| #include "nss.h"
|
| @@ -314,12 +314,14 @@
|
| PRUint32 maxBytes)
|
| {
|
| SECStatus rv;
|
| + if (!ss)
|
| + return 0;
|
| if (!ss->sec.isServer) {
|
| PRUint32 len;
|
| PRNetAddr netAddr;
|
|
|
| /* must have a hostname */
|
| - if (!ss || !ss->url || !ss->url[0])
|
| + if (!ss->url || !ss->url[0])
|
| return 0;
|
| /* must not be an IPv4 or IPv6 address */
|
| if (PR_SUCCESS == PR_StringToNetAddr(ss->url, &netAddr)) {
|
| @@ -1623,8 +1625,8 @@
|
| data->data[0] != len || (len &&
|
| NSS_SecureMemcmp(ss->ssl3.hs.finishedMsgs.data,
|
| data->data + 1, len))) {
|
| - /* Can we do this here? Or, must we arrange for the caller to do it? */
|
| - (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
|
| + /* Can we do this here? Or, must we arrange for the caller to do it? */
|
| + (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
|
| PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
|
| return SECFailure;
|
| }
|
|
|