Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/patches/cachedinfo.patch

Issue 7549020: net: fix caching of peer's cert chain in session objects. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 9 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/third_party/nss/ssl/ssl3con.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 commit 070963bde0a9c474733f19fbd525ff14e3f15803 1 commit b84efe75d31ad7e16bf8e97845d264a0f5994a3f
2 Author: Adam Langley <agl@chromium.org> 2 Author: Adam Langley <agl@chromium.org>
3 Date: Fri Jun 24 13:10:38 2011 -0400 3 Date: Fri Jun 24 13:10:38 2011 -0400
4 4
5 cachedinfo.patch 5 cachedinfo.patch
6 6
7 diff --git a/mozilla/security/nss/lib/ssl/fnv1a64.c b/mozilla/security/nss/lib/s sl/fnv1a64.c 7 diff --git a/mozilla/security/nss/lib/ssl/fnv1a64.c b/mozilla/security/nss/lib/s sl/fnv1a64.c
8 new file mode 100644 8 new file mode 100644
9 index 0000000..c7c4b08 9 index 0000000..c7c4b08
10 --- /dev/null 10 --- /dev/null
11 +++ b/mozilla/security/nss/lib/ssl/fnv1a64.c 11 +++ b/mozilla/security/nss/lib/ssl/fnv1a64.c
(...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after
146 + */ 146 + */
147 + SSL_IMPORT SECStatus SSL_SetPredictedPeerCertificates( 147 + SSL_IMPORT SECStatus SSL_SetPredictedPeerCertificates(
148 + PRFileDesc *fd, CERTCertificate **certs, 148 + PRFileDesc *fd, CERTCertificate **certs,
149 + unsigned int numCerts); 149 + unsigned int numCerts);
150 + 150 +
151 +/* 151 +/*
152 ** Configure SSL socket for running a secure server. Needs the 152 ** Configure SSL socket for running a secure server. Needs the
153 ** certificate for the server and the servers private key. The arguments 153 ** certificate for the server and the servers private key. The arguments
154 ** are copied. 154 ** are copied.
155 diff --git a/mozilla/security/nss/lib/ssl/ssl3con.c b/mozilla/security/nss/lib/s sl/ssl3con.c 155 diff --git a/mozilla/security/nss/lib/ssl/ssl3con.c b/mozilla/security/nss/lib/s sl/ssl3con.c
156 index 0997e18..f7064ef 100644 156 index 0997e18..068f021 100644
157 --- a/mozilla/security/nss/lib/ssl/ssl3con.c 157 --- a/mozilla/security/nss/lib/ssl/ssl3con.c
158 +++ b/mozilla/security/nss/lib/ssl/ssl3con.c 158 +++ b/mozilla/security/nss/lib/ssl/ssl3con.c
159 @@ -5170,7 +5170,6 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUin t32 length) 159 @@ -5170,7 +5170,6 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUin t32 length)
160 ssl3_CopyPeerCertsFromSID(ss, sid); 160 ssl3_CopyPeerCertsFromSID(ss, sid);
161 } 161 }
162 162
163 - 163 -
164 /* NULL value for PMS signifies re-use of the old MS */ 164 /* NULL value for PMS signifies re-use of the old MS */
165 rv = ssl3_InitPendingCipherSpec(ss, NULL); 165 rv = ssl3_InitPendingCipherSpec(ss, NULL);
166 if (rv != SECSuccess) { 166 if (rv != SECSuccess) {
(...skipping 232 matching lines...) Expand 10 before | Expand all | Expand 10 after
399 399
400 @@ -8108,8 +8208,6 @@ ssl3_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUin t32 length) 400 @@ -8108,8 +8208,6 @@ ssl3_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUin t32 length)
401 /* someone will handle this connection asynchronously*/ 401 /* someone will handle this connection asynchronously*/
402 SSL_DBG(("%d: SSL3[%d]: go to async cert handler", 402 SSL_DBG(("%d: SSL3[%d]: go to async cert handler",
403 SSL_GETPID(), ss->fd)); 403 SSL_GETPID(), ss->fd));
404 - ss->ssl3.peerCertChain = certs; 404 - ss->ssl3.peerCertChain = certs;
405 - certs = NULL; 405 - certs = NULL;
406 ssl_SetAlwaysBlock(ss); 406 ssl_SetAlwaysBlock(ss);
407 goto cert_block; 407 goto cert_block;
408 } 408 }
409 @@ -8134,7 +8232,7 @@ ssl3_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUin t32 length)
410 }
411
412 ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);
413 - ssl3_CopyPeerCertsToSID(certs, ss->sec.ci.sid);
414 + ssl3_CopyPeerCertsToSID(ss->ssl3.peerCertChain, ss->sec.ci.sid);
415
416 if (!ss->sec.isServer) {
417 /* set the server authentication and key exchange types and sizes
409 @@ -8179,8 +8277,6 @@ ssl3_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUin t32 length) 418 @@ -8179,8 +8277,6 @@ ssl3_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUin t32 length)
410 } 419 }
411 } 420 }
412 421
413 - ss->ssl3.peerCertChain = certs; certs = NULL; arena = NULL; 422 - ss->ssl3.peerCertChain = certs; certs = NULL; arena = NULL;
414 - 423 -
415 cert_block: 424 cert_block:
416 if (ss->sec.isServer) { 425 if (ss->sec.isServer) {
417 ss->ssl3.hs.ws = wait_client_key; 426 ss->ssl3.hs.ws = wait_client_key;
418 @@ -8250,7 +8346,10 @@ alert_loser: 427 @@ -8250,7 +8346,10 @@ alert_loser:
(...skipping 526 matching lines...) Expand 10 before | Expand all | Expand 10 after
945 ssl_session_ticket_xtn = 35, 954 ssl_session_ticket_xtn = 35,
946 ssl_next_proto_neg_xtn = 13172, 955 ssl_next_proto_neg_xtn = 13172,
947 + ssl_cached_info_xtn = 13173, 956 + ssl_cached_info_xtn = 13173,
948 ssl_renegotiation_info_xtn = 0xff01 /* experimental number */ 957 ssl_renegotiation_info_xtn = 0xff01 /* experimental number */
949 } SSLExtensionType; 958 } SSLExtensionType;
950 959
951 -#define SSL_MAX_EXTENSIONS 7 960 -#define SSL_MAX_EXTENSIONS 7
952 +#define SSL_MAX_EXTENSIONS 8 961 +#define SSL_MAX_EXTENSIONS 8
953 962
954 #endif /* __sslt_h_ */ 963 #endif /* __sslt_h_ */
OLDNEW
« no previous file with comments | « no previous file | net/third_party/nss/ssl/ssl3con.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698