Index: net/third_party/nss/ssl/sslinfo.c |
diff --git a/net/third_party/nss/ssl/sslinfo.c b/net/third_party/nss/ssl/sslinfo.c |
index 9a58b4d3b9174443c01b2845c49b2ddfbb54e43d..cf870c790067d909650f16e003294bcaf5c40e60 100644 |
--- a/net/third_party/nss/ssl/sslinfo.c |
+++ b/net/third_party/nss/ssl/sslinfo.c |
@@ -39,7 +39,6 @@ |
#include "ssl.h" |
#include "sslimpl.h" |
#include "sslproto.h" |
-#include "pk11func.h" |
static const char * |
ssl_GetCompressionMethodName(SSLCompressionMethod compression) |
@@ -318,12 +317,14 @@ SSL_IsExportCipherSuite(PRUint16 cipherSuite) |
return PR_FALSE; |
} |
-/* Export keying material according to draft-ietf-tls-extractor-06. |
+/* Export keying material according to RFC 5705. |
** fd must correspond to a TLS 1.0 or higher socket, out must |
** be already allocated. |
*/ |
SECStatus |
-SSL_ExportKeyingMaterial(PRFileDesc *fd, const char *label, |
+SSL_ExportKeyingMaterial(PRFileDesc *fd, |
+ const char *label, |
+ unsigned int labelLen, |
const unsigned char *context, |
unsigned int contextLen, |
unsigned char *out, |
@@ -346,11 +347,6 @@ SSL_ExportKeyingMaterial(PRFileDesc *fd, const char *label, |
return SECFailure; |
} |
- if (ss->ssl3.hs.ws != idle_handshake) { |
- PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED); |
- return SECFailure; |
- } |
- |
valLen = SSL3_RANDOM_LENGTH * 2; |
if (contextLen > 0) |
valLen += 2 /* uint16 length */ + contextLen; |
@@ -371,11 +367,16 @@ SSL_ExportKeyingMaterial(PRFileDesc *fd, const char *label, |
PORT_Assert(i == valLen); |
ssl_GetSpecReadLock(ss); |
- rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.crSpec, label, strlen(label), val, valLen, out, outLen); |
+ if (!ss->ssl3.cwSpec->master_secret && !ss->ssl3.cwSpec->msItem.len) { |
+ PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED); |
+ rv = SECFailure; |
+ } else { |
+ rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.cwSpec, label, labelLen, val, |
+ valLen, out, outLen); |
+ } |
ssl_ReleaseSpecReadLock(ss); |
- if (val != NULL) |
- PORT_ZFree(val, valLen); |
+ PORT_ZFree(val, valLen); |
return rv; |
} |