Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(56)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/third_party/nss/patches/reorderextensions.patch

Issue 1053903002: Update libssl to NSS 3.18 RTM (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix typo Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/third_party/nss/patches/removebuildmetadata.patch ('k') | net/third_party/nss/patches/restartclientauth.patch » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/third_party/nss/patches/reorderextensions.patch
diff --git a/net/third_party/nss/patches/reorderextensions.patch b/net/third_party/nss/patches/reorderextensions.patch
index 3572fb157d2a9360ee253749117fcef873770dcc..7bbf559ee37e97ad710b52181f6e46c79b420ed4 100644
--- a/net/third_party/nss/patches/reorderextensions.patch
+++ b/net/third_party/nss/patches/reorderextensions.patch
@@ -1,34 +1,30 @@
-diff --git a/nss/lib/ssl/ssl3ext.c b/nss/lib/ssl/ssl3ext.c
-index 6f3fe2f..523e49a 100644
---- a/nss/lib/ssl/ssl3ext.c
-+++ b/nss/lib/ssl/ssl3ext.c
-@@ -295,9 +295,12 @@ ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = {
- { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn },
- { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn },
+diff --git a/ssl/ssl3ext.c b/ssl/ssl3ext.c
+index 6c120ff..697a313 100644
+--- a/ssl/ssl3ext.c
++++ b/ssl/ssl3ext.c
+@@ -308,6 +308,10 @@ ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = {
{ ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn },
-- { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn },
{ ssl_signed_certificate_timestamp_xtn,
-- &ssl3_ClientSendSignedCertTimestampXtn }
-+ &ssl3_ClientSendSignedCertTimestampXtn },
+ &ssl3_ClientSendSignedCertTimestampXtn },
+ /* WebSphere Application Server 7.0 is intolerant to the last extension
-+ * being zero-length. It is not intolerant of TLS 1.2, so move
-+ * signature_algorithms to the end. */
-+ { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }
++ * being zero-length. It is not intolerant of TLS 1.2, so ensure that
++ * signature_algorithms is at the end to guarantee a non-empty
++ * extension. */
+ { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn },
+ { ssl_tls13_draft_version_xtn, &ssl3_ClientSendDraftVersionXtn },
/* any extra entries will appear as { 0, NULL } */
- };
-
-@@ -2347,9 +2350,11 @@ ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength)
+@@ -2464,9 +2468,11 @@ ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength)
}
extensionLength = 512 - recordLength;
- /* Extensions take at least four bytes to encode. */
- if (extensionLength < 4) {
-- extensionLength = 4;
+- extensionLength = 4;
+ /* Extensions take at least four bytes to encode. Always include at least
-+ * one byte of data if including the extension. WebSphere Application Server
-+ * 7.0 is intolerant to the last extension being zero-length. */
++ * one byte of data if including the extension. WebSphere Application
++ * Server 7.0 is intolerant to the last extension being zero-length. */
+ if (extensionLength < 4 + 1) {
-+ extensionLength = 4 + 1;
++ extensionLength = 4 + 1;
}
return extensionLength;
« no previous file with comments | « net/third_party/nss/patches/removebuildmetadata.patch ('k') | net/third_party/nss/patches/restartclientauth.patch » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698