Index: net/third_party/nss/patches/cachecerts.patch |
diff --git a/net/third_party/nss/patches/cachecerts.patch b/net/third_party/nss/patches/cachecerts.patch |
index fce438b66c4e180797364ba540d4c019b73ae916..adb7e3e95102cfbdecf68d740d893ec5d94322f5 100644 |
--- a/net/third_party/nss/patches/cachecerts.patch |
+++ b/net/third_party/nss/patches/cachecerts.patch |
@@ -1,6 +1,7 @@ |
-diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
---- a/nss/lib/ssl/ssl3con.c 2014-01-17 17:49:26.062517203 -0800 |
-+++ b/nss/lib/ssl/ssl3con.c 2014-01-17 17:51:23.974478249 -0800 |
+diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c |
+index 529eb42..ebaee61 100644 |
+--- a/ssl/ssl3con.c |
++++ b/ssl/ssl3con.c |
@@ -43,6 +43,7 @@ |
static SECStatus ssl3_AuthCertificate(sslSocket *ss); |
@@ -9,7 +10,7 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
static PK11SymKey *ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec, |
PK11SlotInfo * serverKeySlot); |
static SECStatus ssl3_DeriveMasterSecret(sslSocket *ss, PK11SymKey *pms); |
-@@ -6474,6 +6475,7 @@ ssl3_HandleServerHello(sslSocket *ss, SS |
+@@ -6534,6 +6535,7 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length) |
/* copy the peer cert from the SID */ |
if (sid->peerCert != NULL) { |
ss->sec.peerCert = CERT_DupCertificate(sid->peerCert); |
@@ -17,7 +18,7 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
} |
/* NULL value for PMS signifies re-use of the old MS */ |
-@@ -8048,6 +8050,7 @@ compression_found: |
+@@ -8127,6 +8129,7 @@ compression_found: |
ss->sec.ci.sid = sid; |
if (sid->peerCert != NULL) { |
ss->sec.peerCert = CERT_DupCertificate(sid->peerCert); |
@@ -25,7 +26,7 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
} |
/* |
-@@ -9662,6 +9665,44 @@ ssl3_CleanupPeerCerts(sslSocket *ss) |
+@@ -9750,6 +9753,44 @@ ssl3_CleanupPeerCerts(sslSocket *ss) |
ss->ssl3.peerCertChain = NULL; |
} |
@@ -70,7 +71,7 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete |
* ssl3 CertificateStatus message. |
* Caller must hold Handshake and RecvBuf locks. |
-@@ -9940,6 +9981,7 @@ ssl3_AuthCertificate(sslSocket *ss) |
+@@ -10028,6 +10069,7 @@ ssl3_AuthCertificate(sslSocket *ss) |
} |
ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert); |
@@ -78,10 +79,11 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
if (!ss->sec.isServer) { |
CERTCertificate *cert = ss->sec.peerCert; |
-diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h |
---- a/nss/lib/ssl/sslimpl.h 2014-01-17 17:49:26.072517368 -0800 |
-+++ b/nss/lib/ssl/sslimpl.h 2014-01-17 17:51:23.984478418 -0800 |
-@@ -595,6 +595,8 @@ typedef enum { never_cached, |
+diff --git a/ssl/sslimpl.h b/ssl/sslimpl.h |
+index 858ae0c..88a7039 100644 |
+--- a/ssl/sslimpl.h |
++++ b/ssl/sslimpl.h |
+@@ -597,6 +597,8 @@ typedef enum { never_cached, |
invalid_cache /* no longer in any cache. */ |
} Cached; |
@@ -90,7 +92,7 @@ diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h |
struct sslSessionIDStr { |
/* The global cache lock must be held when accessing these members when the |
* sid is in any cache. |
-@@ -609,6 +611,7 @@ struct sslSessionIDStr { |
+@@ -611,6 +613,7 @@ struct sslSessionIDStr { |
*/ |
CERTCertificate * peerCert; |
@@ -98,9 +100,10 @@ diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h |
SECItemArray peerCertStatus; /* client only */ |
const char * peerID; /* client only */ |
const char * urlSvrName; /* client only */ |
-diff -pu a/nss/lib/ssl/sslnonce.c b/nss/lib/ssl/sslnonce.c |
---- a/nss/lib/ssl/sslnonce.c 2014-01-17 17:49:26.072517368 -0800 |
-+++ b/nss/lib/ssl/sslnonce.c 2014-01-17 17:51:23.984478418 -0800 |
+diff --git a/ssl/sslnonce.c b/ssl/sslnonce.c |
+index 2e861f1..be11008 100644 |
+--- a/ssl/sslnonce.c |
++++ b/ssl/sslnonce.c |
@@ -164,6 +164,7 @@ lock_cache(void) |
static void |
ssl_DestroySID(sslSessionID *sid) |