| OLD | NEW |
| (Empty) |
| 1 Index: net/third_party/nss/ssl/ssl.h | |
| 2 =================================================================== | |
| 3 --- net/third_party/nss/ssl/ssl.h (revision 125777) | |
| 4 +++ net/third_party/nss/ssl/ssl.h (working copy) | |
| 5 @@ -792,12 +792,14 @@ | |
| 6 | |
| 7 /* Export keying material according to RFC 5705. | |
| 8 ** fd must correspond to a TLS 1.0 or higher socket and out must | |
| 9 -** already be allocated. If contextLen is zero it uses the no-context | |
| 10 -** construction from the RFC. | |
| 11 +** already be allocated. If hasContext is false, it uses the no-context | |
| 12 +** construction from the RFC and ignores the context and contextLen | |
| 13 +** arguments. | |
| 14 */ | |
| 15 SSL_IMPORT SECStatus SSL_ExportKeyingMaterial(PRFileDesc *fd, | |
| 16 const char *label, | |
| 17 unsigned int labelLen, | |
| 18 + PRBool hasContext, | |
| 19 const unsigned char *context, | |
| 20 unsigned int contextLen, | |
| 21 unsigned char *out, | |
| 22 Index: net/third_party/nss/ssl/sslinfo.c | |
| 23 =================================================================== | |
| 24 --- net/third_party/nss/ssl/sslinfo.c (revision 125777) | |
| 25 +++ net/third_party/nss/ssl/sslinfo.c (working copy) | |
| 26 @@ -317,18 +317,12 @@ | |
| 27 return PR_FALSE; | |
| 28 } | |
| 29 | |
| 30 -/* Export keying material according to RFC 5705. | |
| 31 -** fd must correspond to a TLS 1.0 or higher socket, out must | |
| 32 -** be already allocated. | |
| 33 -*/ | |
| 34 SECStatus | |
| 35 SSL_ExportKeyingMaterial(PRFileDesc *fd, | |
| 36 - const char *label, | |
| 37 - unsigned int labelLen, | |
| 38 - const unsigned char *context, | |
| 39 - unsigned int contextLen, | |
| 40 - unsigned char *out, | |
| 41 - unsigned int outLen) | |
| 42 + const char *label, unsigned int labelLen, | |
| 43 + PRBool hasContext, | |
| 44 + const unsigned char *context, unsigned int contextLen, | |
| 45 + unsigned char *out, unsigned int outLen) | |
| 46 { | |
| 47 sslSocket *ss; | |
| 48 unsigned char *val = NULL; | |
| 49 @@ -347,18 +341,21 @@ | |
| 50 return SECFailure; | |
| 51 } | |
| 52 | |
| 53 + /* construct PRF arguments */ | |
| 54 valLen = SSL3_RANDOM_LENGTH * 2; | |
| 55 - if (contextLen > 0) | |
| 56 + if (hasContext) { | |
| 57 valLen += 2 /* uint16 length */ + contextLen; | |
| 58 + } | |
| 59 val = PORT_Alloc(valLen); | |
| 60 - if (val == NULL) | |
| 61 + if (!val) { | |
| 62 return SECFailure; | |
| 63 + } | |
| 64 i = 0; | |
| 65 PORT_Memcpy(val + i, &ss->ssl3.hs.client_random.rand, SSL3_RANDOM_LENGTH); | |
| 66 i += SSL3_RANDOM_LENGTH; | |
| 67 PORT_Memcpy(val + i, &ss->ssl3.hs.server_random.rand, SSL3_RANDOM_LENGTH); | |
| 68 i += SSL3_RANDOM_LENGTH; | |
| 69 - if (contextLen > 0) { | |
| 70 + if (hasContext) { | |
| 71 val[i++] = contextLen >> 8; | |
| 72 val[i++] = contextLen; | |
| 73 PORT_Memcpy(val + i, context, contextLen); | |
| 74 @@ -366,6 +363,9 @@ | |
| 75 } | |
| 76 PORT_Assert(i == valLen); | |
| 77 | |
| 78 + /* Allow TLS keying material to be exported sooner, when the master | |
| 79 + * secret is available and we have sent ChangeCipherSpec. | |
| 80 + */ | |
| 81 ssl_GetSpecReadLock(ss); | |
| 82 if (!ss->ssl3.cwSpec->master_secret && !ss->ssl3.cwSpec->msItem.len) { | |
| 83 PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED); | |
| 84 Index: net/third_party/nss/ssl/sslimpl.h | |
| 85 =================================================================== | |
| 86 --- net/third_party/nss/ssl/sslimpl.h (revision 125777) | |
| 87 +++ net/third_party/nss/ssl/sslimpl.h (working copy) | |
| 88 @@ -1715,11 +1715,11 @@ | |
| 89 SECStatus SSL_DisableExportCipherSuites(PRFileDesc * fd); | |
| 90 PRBool SSL_IsExportCipherSuite(PRUint16 cipherSuite); | |
| 91 | |
| 92 -SECStatus ssl3_TLSPRFWithMasterSecret( | |
| 93 - ssl3CipherSpec *spec, const char *label, | |
| 94 - unsigned int labelLen, const unsigned char *val, | |
| 95 - unsigned int valLen, unsigned char *out, | |
| 96 - unsigned int outLen); | |
| 97 +extern SECStatus | |
| 98 +ssl3_TLSPRFWithMasterSecret(ssl3CipherSpec *spec, | |
| 99 + const char *label, unsigned int labelLen, | |
| 100 + const unsigned char *val, unsigned int valLen, | |
| 101 + unsigned char *out, unsigned int outLen); | |
| 102 | |
| 103 #ifdef TRACE | |
| 104 #define SSL_TRACE(msg) ssl_Trace msg | |
| 105 Index: net/third_party/nss/ssl/ssl3ext.c | |
| 106 =================================================================== | |
| 107 --- net/third_party/nss/ssl/ssl3ext.c (revision 125777) | |
| 108 +++ net/third_party/nss/ssl/ssl3ext.c (working copy) | |
| 109 @@ -606,10 +606,7 @@ | |
| 110 unsigned char resultBuffer[255]; | |
| 111 SECItem result = { siBuffer, resultBuffer, 0 }; | |
| 112 | |
| 113 - if (ss->firstHsDone) { | |
| 114 - PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); | |
| 115 - return SECFailure; | |
| 116 - } | |
| 117 + PORT_Assert(!ss->firstHsDone); | |
| 118 | |
| 119 rv = ssl3_ValidateNextProtoNego(data->data, data->len); | |
| 120 if (rv != SECSuccess) | |
| 121 @@ -621,6 +618,8 @@ | |
| 122 */ | |
| 123 PORT_Assert(ss->nextProtoCallback != NULL); | |
| 124 if (!ss->nextProtoCallback) { | |
| 125 + /* XXX Use a better error code. This is an application error, not an | |
| 126 + * NSS bug. */ | |
| 127 PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); | |
| 128 return SECFailure; | |
| 129 } | |
| 130 @@ -631,7 +630,7 @@ | |
| 131 return rv; | |
| 132 /* If the callback wrote more than allowed to |result| it has corrupted our | |
| 133 * stack. */ | |
| 134 - if (result.len > sizeof result) { | |
| 135 + if (result.len > sizeof resultBuffer) { | |
| 136 PORT_SetError(SEC_ERROR_OUTPUT_LEN); | |
| 137 return SECFailure; | |
| 138 } | |
| 139 Index: net/third_party/nss/ssl/sslsock.c | |
| 140 =================================================================== | |
| 141 --- net/third_party/nss/ssl/sslsock.c (revision 125777) | |
| 142 +++ net/third_party/nss/ssl/sslsock.c (working copy) | |
| 143 @@ -1344,7 +1344,7 @@ | |
| 144 return SECSuccess; | |
| 145 } | |
| 146 | |
| 147 -/* NextProtoStandardCallback is set as an NPN callback for the case when | |
| 148 +/* ssl_NextProtoNegoCallback is set as an NPN callback for the case when | |
| 149 * SSL_SetNextProtoNego is used. | |
| 150 */ | |
| 151 static SECStatus | |
| 152 @@ -1390,12 +1390,12 @@ | |
| 153 result = ss->opt.nextProtoNego.data; | |
| 154 | |
| 155 found: | |
| 156 - *protoOutLen = result[0]; | |
| 157 if (protoMaxLen < result[0]) { | |
| 158 PORT_SetError(SEC_ERROR_OUTPUT_LEN); | |
| 159 return SECFailure; | |
| 160 } | |
| 161 memcpy(protoOut, result + 1, result[0]); | |
| 162 + *protoOutLen = result[0]; | |
| 163 return SECSuccess; | |
| 164 } | |
| 165 | |
| 166 @@ -1449,13 +1449,12 @@ | |
| 167 | |
| 168 if (ss->ssl3.nextProtoState != SSL_NEXT_PROTO_NO_SUPPORT && | |
| 169 ss->ssl3.nextProto.data) { | |
| 170 - *bufLen = ss->ssl3.nextProto.len; | |
| 171 - if (*bufLen > bufLenMax) { | |
| 172 + if (ss->ssl3.nextProto.len > bufLenMax) { | |
| 173 PORT_SetError(SEC_ERROR_OUTPUT_LEN); | |
| 174 - *bufLen = 0; | |
| 175 return SECFailure; | |
| 176 } | |
| 177 PORT_Memcpy(buf, ss->ssl3.nextProto.data, ss->ssl3.nextProto.len); | |
| 178 + *bufLen = ss->ssl3.nextProto.len; | |
| 179 } else { | |
| 180 *bufLen = 0; | |
| 181 } | |
| 182 Index: net/third_party/nss/ssl/ssl3con.c | |
| 183 =================================================================== | |
| 184 --- net/third_party/nss/ssl/ssl3con.c (revision 125777) | |
| 185 +++ net/third_party/nss/ssl/ssl3con.c (working copy) | |
| 186 @@ -8484,9 +8484,9 @@ | |
| 187 return rv; | |
| 188 } | |
| 189 | |
| 190 -/* The calling function must acquire and release the appropriate lock (i.e., | |
| 191 - * ssl_GetSpecReadLock / ssl_ReleaseSpecReadLock for ss->ssl3.crSpec). Any | |
| 192 - * label must already be concatenated onto the beginning of val. | |
| 193 +/* The calling function must acquire and release the appropriate | |
| 194 + * lock (e.g., ssl_GetSpecReadLock / ssl_ReleaseSpecReadLock for | |
| 195 + * ss->ssl3.crSpec). | |
| 196 */ | |
| 197 SECStatus | |
| 198 ssl3_TLSPRFWithMasterSecret(ssl3CipherSpec *spec, const char *label, | |
| 199 @@ -8508,8 +8508,7 @@ | |
| 200 rv = PK11_DigestBegin(prf_context); | |
| 201 rv |= PK11_DigestOp(prf_context, (unsigned char *) label, labelLen); | |
| 202 rv |= PK11_DigestOp(prf_context, val, valLen); | |
| 203 - rv |= PK11_DigestFinal(prf_context, out, | |
| 204 - &retLen, outLen); | |
| 205 + rv |= PK11_DigestFinal(prf_context, out, &retLen, outLen); | |
| 206 PORT_Assert(rv != SECSuccess || retLen == outLen); | |
| 207 | |
| 208 PK11_DestroyContext(prf_context, PR_TRUE); | |
| 209 @@ -8532,15 +8531,15 @@ | |
| 210 static SECStatus | |
| 211 ssl3_ComputeTLSFinished(ssl3CipherSpec *spec, | |
| 212 PRBool isServer, | |
| 213 - const SSL3Finished * hashes, | |
| 214 - TLSFinished * tlsFinished) | |
| 215 + const SSL3Finished * hashes, | |
| 216 + TLSFinished * tlsFinished) | |
| 217 { | |
| 218 const char * label; | |
| 219 - SECStatus rv; | |
| 220 unsigned int len; | |
| 221 + SECStatus rv; | |
| 222 | |
| 223 label = isServer ? "server finished" : "client finished"; | |
| 224 - len = 15; | |
| 225 + len = 15; | |
| 226 | |
| 227 rv = ssl3_TLSPRFWithMasterSecret(spec, label, len, hashes->md5, | |
| 228 sizeof *hashes, tlsFinished->verify_data, | |
| OLD | NEW |