Update net/third_party/nss/ssl to NSS 3.14.

net/third_party/nss/ssl/ssl3ext.c

 /*
  * SSL3 Protocol
  *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com> and
- *   Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories
- *   Nagendra Modadugu <ngm@google.com>, Google Inc.
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /* TLS extension code moved here from ssl3ecc.c */
-/* $Id: ssl3ext.c,v 1.22 2012/03/12 19:14:12 wtc%google.com Exp $ */
+/* $Id: ssl3ext.c,v 1.28 2012/09/21 00:28:05 wtc%google.com Exp $ */
 
 #include "nssrenam.h"
 #include "nss.h"
 #include "ssl.h"
 #include "sslimpl.h"
 #include "sslproto.h"
 #include "pk11pub.h"
+#ifdef NO_PKCS11_BYPASS
+#include "blapit.h"
+#else
 #include "blapi.h"
+#endif
 #include "prinit.h"
 
 static unsigned char  key_name[SESS_TICKET_KEY_NAME_LEN];
 static PK11SymKey    *session_ticket_enc_key_pkcs11 = NULL;
 static PK11SymKey    *session_ticket_mac_key_pkcs11 = NULL;
 
+#ifndef NO_PKCS11_BYPASS
 static unsigned char  session_ticket_enc_key[AES_256_KEY_LENGTH];
 static unsigned char  session_ticket_mac_key[SHA256_LENGTH];
 
 static PRBool         session_ticket_keys_initialized = PR_FALSE;
+#endif
 static PRCallOnceType generate_session_keys_once;
 
 /* forward static function declarations */
 static SECStatus ssl3_ParseEncryptedSessionTicket(sslSocket *ss,
     SECItem *data, EncryptedSessionTicket *enc_session_ticket);
 static SECStatus ssl3_AppendToItem(SECItem *item, const unsigned char *buf,
     PRUint32 bytes);
 static SECStatus ssl3_AppendNumberToItem(SECItem *item, PRUint32 num,
     PRInt32 lenSize);
 static SECStatus ssl3_GetSessionTicketKeysPKCS11(sslSocket *ss,
     PK11SymKey **aes_key, PK11SymKey **mac_key);
+#ifndef NO_PKCS11_BYPASS
 static SECStatus ssl3_GetSessionTicketKeys(const unsigned char **aes_key,
     PRUint32 *aes_key_length, const unsigned char **mac_key,
     PRUint32 *mac_key_length);
+#endif
 static PRInt32 ssl3_SendRenegotiationInfoXtn(sslSocket * ss,
     PRBool append, PRUint32 maxBytes);
 static SECStatus ssl3_HandleRenegotiationInfoXtn(sslSocket *ss, 
     PRUint16 ex_type, SECItem *data);
 static SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss,
                         PRUint16 ex_type, SECItem *data);
-static SECStatus ssl3_ClientHandleChannelIDXtn(sslSocket *ss,
-                        PRUint16 ex_type, SECItem *data);
 static SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss,
                         PRUint16 ex_type, SECItem *data);
 static PRInt32 ssl3_ClientSendNextProtoNegoXtn(sslSocket *ss, PRBool append,
                                                PRUint32 maxBytes);
-static PRInt32 ssl3_ClientSendChannelIDXtn(sslSocket *ss, PRBool append,
-                                          PRUint32 maxBytes);
 static PRInt32 ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append,
     PRUint32 maxBytes);
 static SECStatus ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type,
     SECItem *data);
+static SECStatus ssl3_ClientHandleChannelIDXtn(sslSocket *ss,
+    PRUint16 ex_type, SECItem *data);
+static PRInt32 ssl3_ClientSendChannelIDXtn(sslSocket *ss, PRBool append,
+    PRUint32 maxBytes);
 
 /*
  * Write bytes.  Using this function means the SECItem structure
  * cannot be freed.  The caller is expected to call this function
  * on a shallow copy of the structure.
  */
 static SECStatus
 ssl3_AppendToItem(SECItem *item, const unsigned char *buf, PRUint32 bytes)
 {
     if (bytes > item->len)
@@ skipping 90 matching lines @@
 
     if (session_ticket_enc_key_pkcs11 == NULL ||
         session_ticket_mac_key_pkcs11 == NULL)
         return SECFailure;
 
     *aes_key = session_ticket_enc_key_pkcs11;
     *mac_key = session_ticket_mac_key_pkcs11;
     return SECSuccess;
 }
 
+#ifndef NO_PKCS11_BYPASS
 static PRStatus
 ssl3_GenerateSessionTicketKeys(void)
 {
     PORT_Memcpy(key_name, SESS_TICKET_KEY_NAME_PREFIX,
         sizeof(SESS_TICKET_KEY_NAME_PREFIX));
 
     if (!ssl_GetSessionTicketKeys(&key_name[SESS_TICKET_KEY_NAME_PREFIX_LEN],
             session_ticket_enc_key, session_ticket_mac_key))
         return PR_FAILURE;
 
@@ skipping 13 matching lines @@
     if (!session_ticket_keys_initialized)
         return SECFailure;
 
     *aes_key = session_ticket_enc_key;
     *aes_key_length = sizeof(session_ticket_enc_key);
     *mac_key = session_ticket_mac_key;
     *mac_key_length = sizeof(session_ticket_mac_key);
 
     return SECSuccess;
 }
+#endif
 
 /* Table of handlers for received TLS hello extensions, one per extension.
  * In the second generation, this table will be dynamic, and functions
  * will be registered here.
  */
 /* This table is used by the server, to handle client hello extensions. */
 static const ssl3HelloExtensionHandler clientHelloHandlers[] = {
     { ssl_server_name_xtn,        &ssl3_HandleServerNameXtn },
 #ifdef NSS_ENABLE_ECC
     { ssl_elliptic_curves_xtn,    &ssl3_HandleSupportedCurvesXtn },
     { ssl_ec_point_formats_xtn,   &ssl3_HandleSupportedPointFormatsXtn },
 #endif
     { ssl_session_ticket_xtn,     &ssl3_ServerHandleSessionTicketXtn },
     { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
     { ssl_next_proto_nego_xtn,    &ssl3_ServerHandleNextProtoNegoXtn },
     { ssl_use_srtp_xtn,           &ssl3_HandleUseSRTPXtn },
     { -1, NULL }
 };
 
 /* These two tables are used by the client, to handle server hello
  * extensions. */
 static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = {
     { ssl_server_name_xtn,        &ssl3_HandleServerNameXtn },
     /* TODO: add a handler for ssl_ec_point_formats_xtn */
     { ssl_session_ticket_xtn,     &ssl3_ClientHandleSessionTicketXtn },
     { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
     { ssl_next_proto_nego_xtn,    &ssl3_ClientHandleNextProtoNegoXtn },
-    { ssl_channel_id_xtn,          &ssl3_ClientHandleChannelIDXtn },
+    { ssl_use_srtp_xtn,           &ssl3_HandleUseSRTPXtn },
+    { ssl_channel_id_xtn,         &ssl3_ClientHandleChannelIDXtn },
     { ssl_cert_status_xtn,        &ssl3_ClientHandleStatusRequestXtn },
-    { ssl_use_srtp_xtn,           &ssl3_HandleUseSRTPXtn},
     { -1, NULL }
 };
 
 static const ssl3HelloExtensionHandler serverHelloHandlersSSL3[] = {
     { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
     { -1, NULL }
 };
 
 /* Tables of functions to format TLS hello extensions, one function per
  * extension.
  * These static tables are for the formatting of client hello extensions.
  * The server's table of hello senders is dynamic, in the socket struct,
  * and sender functions are registered there.
  */
 static const 
 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = {
     { ssl_server_name_xtn,        &ssl3_SendServerNameXtn        },
     { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn },
 #ifdef NSS_ENABLE_ECC
     { ssl_elliptic_curves_xtn,    &ssl3_SendSupportedCurvesXtn },
     { ssl_ec_point_formats_xtn,   &ssl3_SendSupportedPointFormatsXtn },
 #endif
     { ssl_session_ticket_xtn,     &ssl3_SendSessionTicketXtn },
     { ssl_next_proto_nego_xtn,    &ssl3_ClientSendNextProtoNegoXtn },
+    { ssl_use_srtp_xtn,           &ssl3_SendUseSRTPXtn },
     { ssl_channel_id_xtn,         &ssl3_ClientSendChannelIDXtn },
-    { ssl_cert_status_xtn,        &ssl3_ClientSendStatusRequestXtn },
-    { ssl_use_srtp_xtn,           &ssl3_SendUseSRTPXtn }
+    { ssl_cert_status_xtn,        &ssl3_ClientSendStatusRequestXtn }
     /* any extra entries will appear as { 0, NULL }    */
 };
 
 static const 
 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = {
     { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }
     /* any extra entries will appear as { 0, NULL }    */
 };
 
 static PRBool
@@ skipping 514 matching lines @@
     unsigned char        wrapped_ms[SSL3_MASTER_SECRET_LENGTH];
     SECItem              ms_item = {0, NULL, 0};
     SSL3KEAType          effectiveExchKeyType = ssl_kea_null;
     PRUint32             padding_length;
     PRUint32             message_length;
     PRUint32             cert_length;
     uint8                length_buf[4];
     PRUint32             now;
     PK11SymKey          *aes_key_pkcs11;
     PK11SymKey          *mac_key_pkcs11;
+#ifndef NO_PKCS11_BYPASS
     const unsigned char *aes_key;
     const unsigned char *mac_key;
     PRUint32             aes_key_length;
     PRUint32             mac_key_length;
     PRUint64             aes_ctx_buf[MAX_CIPHER_CONTEXT_LLONGS];
     AESContext          *aes_ctx;
-    CK_MECHANISM_TYPE    cipherMech = CKM_AES_CBC;
-    PK11Context         *aes_ctx_pkcs11;
     const SECHashObject *hashObj = NULL;
     PRUint64             hmac_ctx_buf[MAX_MAC_CONTEXT_LLONGS];
     HMACContext         *hmac_ctx;
+#endif
+    CK_MECHANISM_TYPE    cipherMech = CKM_AES_CBC;
+    PK11Context         *aes_ctx_pkcs11;
     CK_MECHANISM_TYPE    macMech = CKM_SHA256_HMAC;
     PK11Context         *hmac_ctx_pkcs11;
     unsigned char        computed_mac[TLS_EX_SESS_TICKET_MAC_LENGTH];
     unsigned int         computed_mac_length;
     unsigned char        iv[AES_BLOCK_SIZE];
     SECItem              ivItem;
     SECItem             *srvName = NULL;
     PRUint32             srvNameLen = 0;
     CK_MECHANISM_TYPE    msWrapMech = 0; /* dummy default value,
                                           * must be >= 0 */
 
     SSL_TRC(3, ("%d: SSL3[%d]: send session_ticket handshake",
                 SSL_GETPID(), ss->fd));
 
     PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
     PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
 
     ticket.ticket_lifetime_hint = TLS_EX_SESS_TICKET_LIFETIME_HINT;
     cert_length = (ss->opt.requestCertificate && ss->sec.ci.sid->peerCert) ?
         3 + ss->sec.ci.sid->peerCert->derCert.len : 0;
 
     /* Get IV and encryption keys */
     ivItem.data = iv;
     ivItem.len = sizeof(iv);
     rv = PK11_GenerateRandom(iv, sizeof(iv));
     if (rv != SECSuccess) goto loser;
 
+#ifndef NO_PKCS11_BYPASS
     if (ss->opt.bypassPKCS11) {
         rv = ssl3_GetSessionTicketKeys(&aes_key, &aes_key_length,
             &mac_key, &mac_key_length);
-    } else {
+    } else 
+#endif
+    {
         rv = ssl3_GetSessionTicketKeysPKCS11(ss, &aes_key_pkcs11,
             &mac_key_pkcs11);
     }
     if (rv != SECSuccess) goto loser;
 
     if (ss->ssl3.pwSpec->msItem.len && ss->ssl3.pwSpec->msItem.data) {
         /* The master secret is available unwrapped. */
         ms_item.data = ss->ssl3.pwSpec->msItem.data;
         ms_item.len = ss->ssl3.pwSpec->msItem.len;
         ms_is_wrapped = PR_FALSE;
@@ skipping 146 matching lines @@
     PORT_Assert(plaintext.len == padding_length);
     for (i = 0; i < padding_length; i++)
         plaintext.data[i] = (unsigned char)padding_length;
 
     if (SECITEM_AllocItem(NULL, &ciphertext, ciphertext_length) == NULL) {
         rv = SECFailure;
         goto loser;
     }
 
     /* Generate encrypted portion of ticket. */
+#ifndef NO_PKCS11_BYPASS
     if (ss->opt.bypassPKCS11) {
         aes_ctx = (AESContext *)aes_ctx_buf;
         rv = AES_InitContext(aes_ctx, aes_key, aes_key_length, iv, 
             NSS_AES_CBC, 1, AES_BLOCK_SIZE);
         if (rv != SECSuccess) goto loser;
 
         rv = AES_Encrypt(aes_ctx, ciphertext.data, &ciphertext.len,
             ciphertext.len, plaintext_item.data,
             plaintext_item.len);
         if (rv != SECSuccess) goto loser;
-    } else {
+    } else 
+#endif
+    {
         aes_ctx_pkcs11 = PK11_CreateContextBySymKey(cipherMech,
             CKA_ENCRYPT, aes_key_pkcs11, &ivItem);
         if (!aes_ctx_pkcs11) 
             goto loser;
 
         rv = PK11_CipherOp(aes_ctx_pkcs11, ciphertext.data,
             (int *)&ciphertext.len, ciphertext.len,
             plaintext_item.data, plaintext_item.len);
         PK11_Finalize(aes_ctx_pkcs11);
         PK11_DestroyContext(aes_ctx_pkcs11, PR_TRUE);
         if (rv != SECSuccess) goto loser;
     }
 
     /* Convert ciphertext length to network order. */
     length_buf[0] = (ciphertext.len >> 8) & 0xff;
     length_buf[1] = (ciphertext.len     ) & 0xff;
 
     /* Compute MAC. */
+#ifndef NO_PKCS11_BYPASS
     if (ss->opt.bypassPKCS11) {
         hmac_ctx = (HMACContext *)hmac_ctx_buf;
         hashObj = HASH_GetRawHashObject(HASH_AlgSHA256);
         if (HMAC_Init(hmac_ctx, hashObj, mac_key,
                 mac_key_length, PR_FALSE) != SECSuccess)
             goto loser;
 
         HMAC_Begin(hmac_ctx);
         HMAC_Update(hmac_ctx, key_name, SESS_TICKET_KEY_NAME_LEN);
         HMAC_Update(hmac_ctx, iv, sizeof(iv));
         HMAC_Update(hmac_ctx, (unsigned char *)length_buf, 2);
         HMAC_Update(hmac_ctx, ciphertext.data, ciphertext.len);
         HMAC_Finish(hmac_ctx, computed_mac, &computed_mac_length,
             sizeof(computed_mac));
-    } else {
+    } else 
+#endif
+    {
         SECItem macParam;
         macParam.data = NULL;
         macParam.len = 0;
         hmac_ctx_pkcs11 = PK11_CreateContextBySymKey(macMech,
             CKA_SIGN, mac_key_pkcs11, &macParam);
         if (!hmac_ctx_pkcs11)
             goto loser;
 
         rv = PK11_DigestBegin(hmac_ctx_pkcs11);
         rv = PK11_DigestOp(hmac_ctx_pkcs11, key_name,
@@ skipping 77 matching lines @@
      * instead of terminating the current connection.
      */
     if (data->len == 0) {
         ss->xtnData.emptySessionTicket = PR_TRUE;
     } else {
         int                    i;
         SECItem                extension_data;
         EncryptedSessionTicket enc_session_ticket;
         unsigned char          computed_mac[TLS_EX_SESS_TICKET_MAC_LENGTH];
         unsigned int           computed_mac_length;
+#ifndef NO_PKCS11_BYPASS
         const SECHashObject   *hashObj;
         const unsigned char   *aes_key;
         const unsigned char   *mac_key;
-        PK11SymKey            *aes_key_pkcs11;
-        PK11SymKey            *mac_key_pkcs11;
         PRUint32               aes_key_length;
         PRUint32               mac_key_length;
         PRUint64               hmac_ctx_buf[MAX_MAC_CONTEXT_LLONGS];
         HMACContext           *hmac_ctx;
+        PRUint64               aes_ctx_buf[MAX_CIPHER_CONTEXT_LLONGS];
+        AESContext            *aes_ctx;
+#endif
+        PK11SymKey            *aes_key_pkcs11;
+        PK11SymKey            *mac_key_pkcs11;
         PK11Context           *hmac_ctx_pkcs11;
         CK_MECHANISM_TYPE      macMech = CKM_SHA256_HMAC;
-        PRUint64               aes_ctx_buf[MAX_CIPHER_CONTEXT_LLONGS];
-        AESContext            *aes_ctx;
         PK11Context           *aes_ctx_pkcs11;
         CK_MECHANISM_TYPE      cipherMech = CKM_AES_CBC;
         unsigned char *        padding;
         PRUint32               padding_length;
         unsigned char         *buffer;
         unsigned int           buffer_len;
         PRInt32                temp;
         SECItem                cert_item;
         PRInt8                 nameType = TLS_STE_NO_SERVER_NAME;
 
@@ skipping 10 matching lines @@
         }
 
         extension_data.data = data->data; /* Keep a copy for future use. */
         extension_data.len = data->len;
 
         if (ssl3_ParseEncryptedSessionTicket(ss, data, &enc_session_ticket)
             != SECSuccess)
             return SECFailure;
 
         /* Get session ticket keys. */
+#ifndef NO_PKCS11_BYPASS
         if (ss->opt.bypassPKCS11) {
             rv = ssl3_GetSessionTicketKeys(&aes_key, &aes_key_length,
                 &mac_key, &mac_key_length);
-        } else {
+        } else 
+#endif
+    {
             rv = ssl3_GetSessionTicketKeysPKCS11(ss, &aes_key_pkcs11,
                 &mac_key_pkcs11);
         }
         if (rv != SECSuccess) {
             SSL_DBG(("%d: SSL[%d]: Unable to get/generate session ticket keys.",
                         SSL_GETPID(), ss->fd));
             goto loser;
         }
 
         /* If the ticket sent by the client was generated under a key different
          * from the one we have, bypass ticket processing.
          */
         if (PORT_Memcmp(enc_session_ticket.key_name, key_name,
                 SESS_TICKET_KEY_NAME_LEN) != 0) {
             SSL_DBG(("%d: SSL[%d]: Session ticket key_name sent mismatch.",
                         SSL_GETPID(), ss->fd));
             goto no_ticket;
         }
 
         /* Verify the MAC on the ticket.  MAC verification may also
          * fail if the MAC key has been recently refreshed.
          */
+#ifndef NO_PKCS11_BYPASS
         if (ss->opt.bypassPKCS11) {
             hmac_ctx = (HMACContext *)hmac_ctx_buf;
             hashObj = HASH_GetRawHashObject(HASH_AlgSHA256);
             if (HMAC_Init(hmac_ctx, hashObj, mac_key,
                     sizeof(session_ticket_mac_key), PR_FALSE) != SECSuccess)
                 goto no_ticket;
             HMAC_Begin(hmac_ctx);
             HMAC_Update(hmac_ctx, extension_data.data,
                 extension_data.len - TLS_EX_SESS_TICKET_MAC_LENGTH);
             if (HMAC_Finish(hmac_ctx, computed_mac, &computed_mac_length,
                     sizeof(computed_mac)) != SECSuccess)
                 goto no_ticket;
-        } else {
+        } else 
+#endif
+    {
             SECItem macParam;
             macParam.data = NULL;
             macParam.len = 0;
             hmac_ctx_pkcs11 = PK11_CreateContextBySymKey(macMech,
                 CKA_SIGN, mac_key_pkcs11, &macParam);
             if (!hmac_ctx_pkcs11) {
                 SSL_DBG(("%d: SSL[%d]: Unable to create HMAC context: %d.",
                             SSL_GETPID(), ss->fd, PORT_GetError()));
                 goto no_ticket;
             } else {
@@ skipping 23 matching lines @@
         /* We ignore key_name for now.
          * This is ok as MAC verification succeeded.
          */
 
         /* Decrypt the ticket. */
 
         /* Plaintext is shorter than the ciphertext due to padding. */
         decrypted_state = SECITEM_AllocItem(NULL, NULL,
             enc_session_ticket.encrypted_state.len);
 
+#ifndef NO_PKCS11_BYPASS
         if (ss->opt.bypassPKCS11) {
             aes_ctx = (AESContext *)aes_ctx_buf;
             rv = AES_InitContext(aes_ctx, aes_key,
                 sizeof(session_ticket_enc_key), enc_session_ticket.iv,
                 NSS_AES_CBC, 0,AES_BLOCK_SIZE);
             if (rv != SECSuccess) {
                 SSL_DBG(("%d: SSL[%d]: Unable to create AES context.",
                             SSL_GETPID(), ss->fd));
                 goto no_ticket;
             }
 
             rv = AES_Decrypt(aes_ctx, decrypted_state->data,
                 &decrypted_state->len, decrypted_state->len,
                 enc_session_ticket.encrypted_state.data,
                 enc_session_ticket.encrypted_state.len);
             if (rv != SECSuccess)
                 goto no_ticket;
-        } else {
+        } else 
+#endif
+    {
             SECItem ivItem;
             ivItem.data = enc_session_ticket.iv;
             ivItem.len = AES_BLOCK_SIZE;
             aes_ctx_pkcs11 = PK11_CreateContextBySymKey(cipherMech,
                 CKA_DECRYPT, aes_key_pkcs11, &ivItem);
             if (!aes_ctx_pkcs11) {
                 SSL_DBG(("%d: SSL[%d]: Unable to create AES context.",
                             SSL_GETPID(), ss->fd));
                 goto no_ticket;
             }
@@ skipping 153 matching lines @@
             /* Copy over parameters. */
             sid->version = parsed_session_ticket->ssl_version;
             sid->u.ssl3.cipherSuite = parsed_session_ticket->cipher_suite;
             sid->u.ssl3.compression = parsed_session_ticket->compression_method;
             sid->authAlgorithm = parsed_session_ticket->authAlgorithm;
             sid->authKeyBits = parsed_session_ticket->authKeyBits;
             sid->keaType = parsed_session_ticket->keaType;
             sid->keaKeyBits = parsed_session_ticket->keaKeyBits;
 
             /* Copy master secret. */
+#ifndef NO_PKCS11_BYPASS
             if (ss->opt.bypassPKCS11 &&
                     parsed_session_ticket->ms_is_wrapped)
                 goto no_ticket;
+#endif
             if (parsed_session_ticket->ms_length >
                     sizeof(sid->u.ssl3.keys.wrapped_master_secret))
                 goto no_ticket;
             PORT_Memcpy(sid->u.ssl3.keys.wrapped_master_secret,
                 parsed_session_ticket->master_secret,
                 parsed_session_ticket->ms_length);
             sid->u.ssl3.keys.wrapped_master_secret_len =
                 parsed_session_ticket->ms_length;
             sid->u.ssl3.exchKeyType = parsed_session_ticket->exchKeyType;
             sid->u.ssl3.masterWrapMech = parsed_session_ticket->msWrapMech;
@@ skipping 348 matching lines @@
     }
 
     return 9;
 }
 
 static SECStatus
 ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
 {
     SECStatus rv;
     SECItem ciphers = {siBuffer, NULL, 0};
-    PRInt16 i;
-    PRInt16 j;
+    PRUint16 i;
+    unsigned int j;
     PRUint16 cipher = 0;
     PRBool found = PR_FALSE;
     SECItem litem;
 
     if (!ss->sec.isServer) {
         /* Client side */
         if (!data->data || !data->len) {
             /* malformed */
             return SECFailure;
         }
@@ skipping 109 matching lines @@
         return SECSuccess;
     }
 
     /* OK, we have a valid cipher and we've selected it */
     ss->ssl3.dtlsSRTPCipherSuite = cipher;
     ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ssl_use_srtp_xtn;
 
     return ssl3_RegisterServerHelloExtensionSender(ss, ssl_use_srtp_xtn,
                                                    ssl3_SendUseSRTPXtn);
 }