net/third_party/nss/patches/peercertchain.patch - Issue 111853013: Update net/third_party/nss to NSS 3.15.4.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/third_party/nss/patches/peercertchain.patch

Issue 111853013: Update net/third_party/nss to NSS 3.15.4. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Add CT TLS extension bug number Created 6 years, 12 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « net/third_party/nss/patches/paddingextensionall.patch ('k') | net/third_party/nss/patches/peercertchain2.patch » ('j') | net/third_party/nss/ssl/ssl3con.c » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: net/third_party/nss/patches/peercertchain.patch

===================================================================

--- net/third_party/nss/patches/peercertchain.patch (revision 242942)

+++ net/third_party/nss/patches/peercertchain.patch (working copy)

@@ -1,67 +0,0 @@

-diff -pu a/nss/lib/ssl/sslauth.c b/nss/lib/ssl/sslauth.c

---- a/nss/lib/ssl/sslauth.c 2013-07-31 12:07:10.974699609 -0700

-+++ b/nss/lib/ssl/sslauth.c 2013-07-31 12:32:07.996451064 -0700

-@@ -28,6 +28,41 @@ SSL_PeerCertificate(PRFileDesc *fd)

- }

- /* NEED LOCKS IN HERE. */

-+SECStatus

-+SSL_PeerCertificateChain(PRFileDesc *fd, CERTCertificate **certs,

-+ unsigned int *numCerts, unsigned int maxNumCerts)

-+{

-+ sslSocket *ss;

-+ ssl3CertNode* cur;

-+ ss = ssl_FindSocket(fd);

-+ if (!ss) {

-+ SSL_DBG(("%d: SSL[%d]: bad socket in PeerCertificateChain",

-+ SSL_GETPID(), fd));

-+ return SECFailure;

-+ }

-+ if (!ss->opt.useSecurity)

-+ return SECFailure;

-+ if (ss->sec.peerCert == NULL) {

-+ *numCerts = 0;

-+ return SECSuccess;

-+ }

-+ *numCerts = 1; /* for the leaf certificate */

-+ if (maxNumCerts > 0)

-+ certs[0] = CERT_DupCertificate(ss->sec.peerCert);

-+ for (cur = ss->ssl3.peerCertChain; cur; cur = cur->next) {

-+ if (*numCerts < maxNumCerts)

-+ certs[*numCerts] = CERT_DupCertificate(cur->cert);

-+ (*numCerts)++;

-+ }

-+ return SECSuccess;

-+}

-+/* NEED LOCKS IN HERE. */

- CERTCertificate *

- SSL_LocalCertificate(PRFileDesc *fd)

- {

-diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h

---- a/nss/lib/ssl/ssl.h 2013-07-31 12:07:10.964699464 -0700

-+++ b/nss/lib/ssl/ssl.h 2013-07-31 12:32:07.996451065 -0700

-@@ -426,6 +426,18 @@ SSL_SetStapledOCSPResponses(PRFileDesc *

- SSLKEAType kea);

- /*

-+** Return references to the certificates presented by the SSL peer.

-+** |maxNumCerts| must contain the size of the |certs| array. On successful

-+** return, |*numCerts| contains the number of certificates available and

-+** |certs| will contain references to as many certificates as would fit.

-+** Therefore if |*numCerts| contains a value less than or equal to

-+** |maxNumCerts|, then all certificates were returned.

-+*/

-+SSL_IMPORT SECStatus SSL_PeerCertificateChain(

-+ PRFileDesc *fd, CERTCertificate **certs,

-+ unsigned int *numCerts, unsigned int maxNumCerts);

-+/*

- ** Authenticate certificate hook. Called when a certificate comes in

- ** (because of SSL_REQUIRE_CERTIFICATE in SSL_Enable) to authenticate the

- ** certificate.