net/third_party/nss/patches/weakserverkey.patch - Issue 6487026: Update to NSS 3.12.9. falsestart.patch, falsestart2.patch, and...

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/third_party/nss/patches/weakserverkey.patch

Issue 6487026: Update to NSS 3.12.9. falsestart.patch, falsestart2.patch, and... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Created 9 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
	(Empty)
1 Index: mozilla/security/nss/lib/ssl/ssl3con.c

2 ===================================================================

3 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/ssl3con.c,v

4 retrieving revision 1.144

5 diff -p -u -8 -r1.144 ssl3con.c

6 --- mozilla/security/nss/lib/ssl/ssl3con.c 12 Aug 2010 01:15:38 -0000 1.144

7 +++ mozilla/security/nss/lib/ssl/ssl3con.c 13 Aug 2010 23:23:40 -0000

8 @@ -5299,18 +5299,20 @@ ssl3_HandleServerKeyExchange(sslSocket *

9 SECItem dh_p = {siBuffer, NULL, 0};

10 SECItem dh_g = {siBuffer, NULL, 0};

11 SECItem dh_Ys = {siBuffer, NULL, 0};

12

13 rv = ssl3_ConsumeHandshakeVariable(ss, &dh_p, 2, &b, &length);

14 if (rv != SECSuccess) {

15 goto loser; /* malformed. */

16 }

17 - if (dh_p.len < 512/8)

18 + if (dh_p.len < 512/8) {

19 + errCode = SSL_ERROR_WEAK_SERVER_KEY;

20 goto alert_loser;

21 + }

22 rv = ssl3_ConsumeHandshakeVariable(ss, &dh_g, 2, &b, &length);

23 if (rv != SECSuccess) {

24 goto loser; /* malformed. */

25 }

26 if (dh_g.len == 0 \|\| dh_g.len > dh_p.len + 1 \|\|

27 (dh_g.len == 1 && dh_g.data[0] == 0))

28 goto alert_loser;

29 rv = ssl3_ConsumeHandshakeVariable(ss, &dh_Ys, 2, &b, &length);

30 Index: mozilla/security/nss/lib/ssl/sslerr.h

31 ===================================================================

32 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslerr.h,v

33 retrieving revision 1.11

34 diff -p -u -8 -r1.11 sslerr.h

35 --- mozilla/security/nss/lib/ssl/sslerr.h 24 Jun 2010 09:24:18 -0000 1.11

36 +++ mozilla/security/nss/lib/ssl/sslerr.h 13 Aug 2010 23:23:40 -0000

37 @@ -196,13 +196,15 @@ SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICK

38 SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET = (SSL_ERROR_BASE + 110),

39

40 SSL_ERROR_DECOMPRESSION_FAILURE = (SSL_ERROR_BASE + 111),

41 SSL_ERROR_RENEGOTIATION_NOT_ALLOWED = (SSL_ERROR_BASE + 112),

42 SSL_ERROR_UNSAFE_NEGOTIATION = (SSL_ERROR_BASE + 113),

43

44 SSL_ERROR_RX_UNEXPECTED_UNCOMPRESSED_RECORD = (SSL_ERROR_BASE + 114),

45

46 +SSL_ERROR_WEAK_SERVER_KEY = (SSL_ERROR_BASE + 115),

47 +

48 SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */

49 } SSLErrorCodes;

50 #endif /* NO_SECURITY_ERROR_ENUM */

51

52 #endif /* __SSL_ERR_H_ */

OLD	NEW

« no previous file with comments | « net/third_party/nss/patches/ocspstapling.patch ('k') | net/third_party/nss/ssl/ssl.h » ('j') | no next file with comments »