Update net/third_party/nss to NSS 3.15.4.

net/third_party/nss/ssl/ssl3ext.c

 /*
  * SSL3 Protocol
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /* TLS extension code moved here from ssl3ecc.c */
 
 #include "nssrenam.h"
@@ skipping 483 matching lines @@
  * sends an empty ticket.  Servers always send empty tickets.
  */
 PRInt32
 ssl3_SendSessionTicketXtn(
                         sslSocket * ss,
                         PRBool      append,
                         PRUint32    maxBytes)
 {
     PRInt32 extension_length;
     NewSessionTicket *session_ticket = NULL;
+    sslSessionID *sid = ss->sec.ci.sid;
 
     /* Ignore the SessionTicket extension if processing is disabled. */
     if (!ss->opt.enableSessionTickets)
         return 0;
 
     /* Empty extension length = extension_type (2-bytes) +
      * length(extension_data) (2-bytes)
      */
     extension_length = 4;
 
     /* If we are a client then send a session ticket if one is availble.
      * Servers that support the extension and are willing to negotiate the
      * the extension always respond with an empty extension.
      */
     if (!ss->sec.isServer) {
-        sslSessionID *sid = ss->sec.ci.sid;
-        session_ticket = &sid->u.ssl3.sessionTicket;
+        /* The caller must be holding sid->u.ssl3.lock for reading. We cannot
+         * just acquire and release the lock within this function because the
+         * caller will call this function twice, and we need the inputs to be
+         * consistent between the two calls. Note that currently the caller
+         * will only be holding the lock when we are the client and when we're
+         * attempting to resume an existing session.
+         */
+
+        session_ticket = &sid->u.ssl3.locked.sessionTicket;
         if (session_ticket->ticket.data) {
             if (ss->xtnData.ticketTimestampVerified) {
                 extension_length += session_ticket->ticket.len;
             } else if (!append &&
                 (session_ticket->ticket_lifetime_hint == 0 ||
                 (session_ticket->ticket_lifetime_hint +
                     session_ticket->received_timestamp > ssl_Time()))) {
                 extension_length += session_ticket->ticket.len;
                 ss->xtnData.ticketTimestampVerified = PR_TRUE;
             }
         }
     }
 
     if (append && maxBytes >= extension_length) {
         SECStatus rv;
         /* extension_type */
         rv = ssl3_AppendHandshakeNumber(ss, ssl_session_ticket_xtn, 2);
         if (rv != SECSuccess)
             goto loser;
         if (session_ticket && session_ticket->ticket.data &&
             ss->xtnData.ticketTimestampVerified) {
             rv = ssl3_AppendHandshakeVariable(ss, session_ticket->ticket.data,
                 session_ticket->ticket.len, 2);
             ss->xtnData.ticketTimestampVerified = PR_FALSE;
+            ss->xtnData.sentSessionTicketInClientHello = PR_TRUE;
         } else {
             rv = ssl3_AppendHandshakeNumber(ss, 0, 2);
         }
         if (rv != SECSuccess)
             goto loser;
 
         if (!ss->sec.isServer) {
             TLSExtensionData *xtnData = &ss->xtnData;
             xtnData->advertised[xtnData->numAdvertised++] = 
                 ssl_session_ticket_xtn;
@@ skipping 1033 matching lines @@
 
         temp = ssl3_ConsumeHandshakeNumber(ss, 2, &buffer, &buffer_len);
         if (temp < 0) goto no_ticket;
         parsed_session_ticket->ms_length = (PRUint16)temp;
         if (parsed_session_ticket->ms_length == 0 ||  /* sanity check MS. */
             parsed_session_ticket->ms_length >
             sizeof(parsed_session_ticket->master_secret))
             goto no_ticket;
         
         /* Allow for the wrapped master secret to be longer. */
-        if (buffer_len < sizeof(SSL3_MASTER_SECRET_LENGTH))
+        if (buffer_len < parsed_session_ticket->ms_length)
             goto no_ticket;
         PORT_Memcpy(parsed_session_ticket->master_secret, buffer,
             parsed_session_ticket->ms_length);
         buffer += parsed_session_ticket->ms_length;
         buffer_len -= parsed_session_ticket->ms_length;
 
         /* Read client_identity */
         temp = ssl3_ConsumeHandshakeNumber(ss, 1, &buffer, &buffer_len);
         if (temp < 0)
             goto no_ticket;
@@ skipping 819 matching lines @@
 
     if (!data->len) {
         /* Empty extension data: RFC 6962 mandates non-empty contents. */
         return SECFailure;
     }
     *scts = *data;
     /* Keep track of negotiated extensions. */
     ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
     return SECSuccess;
 }