net/third_party/nss/ssl/ssl3con.c - Issue 7549020: net: fix caching of peer's cert chain in session objects.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/third_party/nss/ssl/ssl3con.c

Issue 7549020: net: fix caching of peer's cert chain in session objects. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 9 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « net/third_party/nss/patches/cachedinfo.patch ('k') | no next file » | no next file with comments »

OLD	NEW
1 /*	1 /*

2 * SSL3 Protocol	2 * SSL3 Protocol

3 *	3 *

4 * *** BEGIN LICENSE BLOCK ***	4 * *** BEGIN LICENSE BLOCK ***

5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1	5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1

6 *	6 *

7 * The contents of this file are subject to the Mozilla Public License Version	7 * The contents of this file are subject to the Mozilla Public License Version

8 * 1.1 (the "License"); you may not use this file except in compliance with	8 * 1.1 (the "License"); you may not use this file except in compliance with

9 * the License. You may obtain a copy of the License at	9 * the License. You may obtain a copy of the License at

10 * http://www.mozilla.org/MPL/	10 * http://www.mozilla.org/MPL/

(...skipping 8238 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
8249 anyRestrictedEnabled(ss) &&	8249 anyRestrictedEnabled(ss) &&

8250 SECSuccess == CERT_VerifyCertNow(cert->dbhandle, cert,	8250 SECSuccess == CERT_VerifyCertNow(cert->dbhandle, cert,

8251 PR_FALSE, /* checkSig */	8251 PR_FALSE, /* checkSig */

8252 certUsageSSLServerWithStepUp,	8252 certUsageSSLServerWithStepUp,

8253 /XXX/ ss->authCertificateArg) ) {	8253 /XXX/ ss->authCertificateArg) ) {

8254 ss->ssl3.policy = SSL_RESTRICTED;	8254 ss->ssl3.policy = SSL_RESTRICTED;

8255 ss->ssl3.hs.rehandshake = PR_TRUE;	8255 ss->ssl3.hs.rehandshake = PR_TRUE;

8256 }	8256 }

8257	8257

8258 ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);	8258 ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);

8259 ssl3_CopyPeerCertsToSID(certs, ss->sec.ci.sid);	8259 ssl3_CopyPeerCertsToSID(ss->ssl3.peerCertChain, ss->sec.ci.sid);

8260	8260

8261 if (!ss->sec.isServer) {	8261 if (!ss->sec.isServer) {

8262 /* set the server authentication and key exchange types and sizes	8262 /* set the server authentication and key exchange types and sizes

8263 ** from the value in the cert. If the key exchange key is different,	8263 ** from the value in the cert. If the key exchange key is different,

8264 ** it will get fixed when we handle the server key exchange message.	8264 ** it will get fixed when we handle the server key exchange message.

8265 */	8265 */

8266 SECKEYPublicKey * pubKey = CERT_ExtractPublicKey(cert);	8266 SECKEYPublicKey * pubKey = CERT_ExtractPublicKey(cert);

8267 ss->sec.authAlgorithm = ss->ssl3.hs.kea_def->signKeyType;	8267 ss->sec.authAlgorithm = ss->ssl3.hs.kea_def->signKeyType;

8268 ss->sec.keaType = ss->ssl3.hs.kea_def->exchKeyType;	8268 ss->sec.keaType = ss->ssl3.hs.kea_def->exchKeyType;

8269 if (pubKey) {	8269 if (pubKey) {

(...skipping 1682 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
9952	9952

9953 ss->ssl3.initialized = PR_FALSE;	9953 ss->ssl3.initialized = PR_FALSE;

9954	9954

9955 if (ss->ssl3.nextProto.data) {	9955 if (ss->ssl3.nextProto.data) {

9956 PORT_Free(ss->ssl3.nextProto.data);	9956 PORT_Free(ss->ssl3.nextProto.data);

9957 ss->ssl3.nextProto.data = NULL;	9957 ss->ssl3.nextProto.data = NULL;

9958 }	9958 }

9959 }	9959 }

9960	9960

9961 /* End of ssl3con.c */	9961 /* End of ssl3con.c */

OLD	NEW