Workaround a bug in NSS when using DHE+client authentication.

net/third_party/nss/ssl/ssl3con.c

 /*
  * SSL3 Protocol
  *
  * ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
  * 1.1 (the "License"); you may not use this file except in compliance with
  * the License. You may obtain a copy of the License at
  * http://www.mozilla.org/MPL/
@@ skipping 5004 matching lines @@
     rv = ssl3_InitState(ss);
     if (rv != SECSuccess) {
         errCode = PORT_GetError(); /* ssl3_InitState has set the error code. */
         goto alert_loser;
     }
     if (ss->ssl3.hs.ws != wait_server_hello) {
         errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO;
         desc    = unexpected_message;
         goto alert_loser;
     }
+    
+    /* clean up anything left from previous handshake. */
+    if (ss->ssl3.clientCertChain != NULL) {
+       CERT_DestroyCertificateList(ss->ssl3.clientCertChain);
+       ss->ssl3.clientCertChain = NULL;
+    }
+    if (ss->ssl3.clientCertificate != NULL) {
+       CERT_DestroyCertificate(ss->ssl3.clientCertificate);
+       ss->ssl3.clientCertificate = NULL;
+    }
+    if (ss->ssl3.clientPrivateKey != NULL) {
+       SECKEY_DestroyPrivateKey(ss->ssl3.clientPrivateKey);
+       ss->ssl3.clientPrivateKey = NULL;
+    }
+#ifdef NSS_PLATFORM_CLIENT_AUTH
+    if (ss->ssl3.platformClientKey) {
+       ssl_FreePlatformKey(ss->ssl3.platformClientKey);
+       ss->ssl3.platformClientKey = (PlatformKey)NULL;
+    }
+#endif  /* NSS_PLATFORM_CLIENT_AUTH */
 
     if (ss->ssl3.serverHelloPredictionData.data)
         SECITEM_FreeItem(&ss->ssl3.serverHelloPredictionData, PR_FALSE);
 
     /* If this allocation fails it will only stop the application from
      * recording the ServerHello information and performing future Snap
      * Starts. */
     if (SECITEM_AllocItem(NULL, &ss->ssl3.serverHelloPredictionData, length))
         memcpy(ss->ssl3.serverHelloPredictionData.data, b, length);
     /* ss->ssl3.serverHelloPredictionDataValid is still false at this
@@ skipping 478 matching lines @@
     PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
     PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
 
     if (ss->ssl3.hs.ws != wait_cert_request &&
         ss->ssl3.hs.ws != wait_server_key) {
         desc    = unexpected_message;
         errCode = SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST;
         goto alert_loser;
     }
 
-    /* clean up anything left from previous handshake. */

[wtc, 2010/12/08 03:04:14]

You can replace these with PORT_Assert assertions
that all the relevant fields are NULL.

-    if (ss->ssl3.clientCertChain != NULL) {
-       CERT_DestroyCertificateList(ss->ssl3.clientCertChain);
-       ss->ssl3.clientCertChain = NULL;
-    }
-    if (ss->ssl3.clientCertificate != NULL) {
-       CERT_DestroyCertificate(ss->ssl3.clientCertificate);
-       ss->ssl3.clientCertificate = NULL;
-    }
-    if (ss->ssl3.clientPrivateKey != NULL) {
-       SECKEY_DestroyPrivateKey(ss->ssl3.clientPrivateKey);
-       ss->ssl3.clientPrivateKey = NULL;
-    }
-#ifdef NSS_PLATFORM_CLIENT_AUTH
-    if (ss->ssl3.platformClientKey) {
-       ssl_FreePlatformKey(ss->ssl3.platformClientKey);
-       ss->ssl3.platformClientKey = (PlatformKey)NULL;
-    }
-#endif  /* NSS_PLATFORM_CLIENT_AUTH */
-
     isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
     rv = ssl3_ConsumeHandshakeVariable(ss, &cert_types, 1, &b, &length);
     if (rv != SECSuccess)
         goto loser;             /* malformed, alert has been sent */
 
     arena = ca_list.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
     if (arena == NULL)
         goto no_mem;
 
     remaining = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
@@ skipping 4335 matching lines @@
 
     ss->ssl3.initialized = PR_FALSE;
 
     if (ss->ssl3.nextProto.data) {
         PORT_Free(ss->ssl3.nextProto.data);
         ss->ssl3.nextProto.data = NULL;
     }
 }
 
 /* End of ssl3con.c */