Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1308)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/patches/tlsunique.patch

Issue 142283002: Update net/third_party/nss to NSS_3_15_5_BETA2. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Fix applypatches.sh mistakes Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/third_party/nss/patches/tls12chromium.patch ('k') | net/third_party/nss/ssl/ssl.h » ('j') | net/third_party/nss/ssl/ssl.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c 1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
2 --- a/nss/lib/ssl/ssl3con.c» 2014-01-03 19:39:28.442012014 -0800 2 --- a/nss/lib/ssl/ssl3con.c» 2014-01-17 17:59:03.242109996 -0800
3 +++ b/nss/lib/ssl/ssl3con.c» 2014-01-03 19:39:45.052283611 -0800 3 +++ b/nss/lib/ssl/ssl3con.c» 2014-01-17 17:59:45.862816905 -0800
4 @@ -12358,6 +12358,68 @@ ssl3_InitSocketPolicy(sslSocket *ss) 4 @@ -12383,6 +12383,68 @@ ssl3_InitSocketPolicy(sslSocket *ss)
5 PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof cipherSuites); 5 PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof cipherSuites);
6 } 6 }
7 7
8 +SECStatus 8 +SECStatus
9 +ssl3_GetTLSUniqueChannelBinding(sslSocket *ss, 9 +ssl3_GetTLSUniqueChannelBinding(sslSocket *ss,
10 + unsigned char *out, 10 + unsigned char *out,
11 + unsigned int *outLen, 11 + unsigned int *outLen,
12 + unsigned int outLenMax) { 12 + unsigned int outLenMax) {
13 + PRBool isTLS; 13 + PRBool isTLS;
14 + int index = 0; 14 + int index = 0;
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
64 + 64 +
65 +loser: 65 +loser:
66 + ssl_ReleaseSSL3HandshakeLock(ss); 66 + ssl_ReleaseSSL3HandshakeLock(ss);
67 + return rv; 67 + return rv;
68 +} 68 +}
69 + 69 +
70 /* ssl3_config_match_init must have already been called by 70 /* ssl3_config_match_init must have already been called by
71 * the caller of this function. 71 * the caller of this function.
72 */ 72 */
73 diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h 73 diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h
74 --- a/nss/lib/ssl/ssl.h»2014-01-03 19:39:28.442012014 -0800 74 --- a/nss/lib/ssl/ssl.h»2014-01-17 17:59:03.242109996 -0800
75 +++ b/nss/lib/ssl/ssl.h»2014-01-03 19:39:45.052283611 -0800 75 +++ b/nss/lib/ssl/ssl.h»2014-01-17 17:59:45.862816905 -0800
76 @@ -252,6 +252,27 @@ SSL_IMPORT SECStatus SSL_CipherPrefGetDe 76 @@ -282,6 +282,27 @@ SSL_IMPORT SECStatus SSL_CipherPrefGetDe
77 SSL_IMPORT SECStatus SSL_CipherPolicySet(PRInt32 cipher, PRInt32 policy); 77 SSL_IMPORT SECStatus SSL_CipherPolicySet(PRInt32 cipher, PRInt32 policy);
78 SSL_IMPORT SECStatus SSL_CipherPolicyGet(PRInt32 cipher, PRInt32 *policy); 78 SSL_IMPORT SECStatus SSL_CipherPolicyGet(PRInt32 cipher, PRInt32 *policy);
79 79
80 +/* SSLChannelBindingType enumerates the types of supported channel binding 80 +/* SSLChannelBindingType enumerates the types of supported channel binding
81 + * values. See RFC 5929. */ 81 + * values. See RFC 5929. */
82 +typedef enum SSLChannelBindingType { 82 +typedef enum SSLChannelBindingType {
83 + SSL_CHANNEL_BINDING_TLS_UNIQUE = 1, 83 + SSL_CHANNEL_BINDING_TLS_UNIQUE = 1,
84 +} SSLChannelBindingType; 84 +} SSLChannelBindingType;
85 + 85 +
86 +/* SSL_GetChannelBinding copies the requested channel binding value, as defined 86 +/* SSL_GetChannelBinding copies the requested channel binding value, as defined
87 + * in RFC 5929, into |out|. The full length of the binding value is written 87 + * in RFC 5929, into |out|. The full length of the binding value is written
88 + * into |*outLen|. 88 + * into |*outLen|.
89 + * 89 + *
90 + * At most |outLenMax| bytes of data are copied. If |outLenMax| is 90 + * At most |outLenMax| bytes of data are copied. If |outLenMax| is
91 + * insufficient then the function returns SECFailure and sets the error to 91 + * insufficient then the function returns SECFailure and sets the error to
92 + * SEC_ERROR_OUTPUT_LEN, but |*outLen| is still set. 92 + * SEC_ERROR_OUTPUT_LEN, but |*outLen| is still set.
93 + * 93 + *
94 + * This call will fail if made during a renegotiation. */ 94 + * This call will fail if made during a renegotiation. */
95 +SSL_IMPORT SECStatus SSL_GetChannelBinding(PRFileDesc *fd, 95 +SSL_IMPORT SECStatus SSL_GetChannelBinding(PRFileDesc *fd,
96 + SSLChannelBindingType binding_type, 96 + SSLChannelBindingType binding_type,
97 + unsigned char *out, 97 + unsigned char *out,
98 + unsigned int *outLen, 98 + unsigned int *outLen,
99 + unsigned int outLenMax); 99 + unsigned int outLenMax);
100 + 100 +
101 /* SSL Version Range API 101 /* SSL Version Range API
102 ** 102 **
103 ** This API should be used to control SSL 3.0 & TLS support instead of the 103 ** This API should be used to control SSL 3.0 & TLS support instead of the
104 diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h 104 diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h
105 --- a/nss/lib/ssl/sslimpl.h» 2014-01-03 19:39:28.452012178 -0800 105 --- a/nss/lib/ssl/sslimpl.h» 2014-01-17 17:59:03.242109996 -0800
106 +++ b/nss/lib/ssl/sslimpl.h» 2014-01-03 19:39:45.072283939 -0800 106 +++ b/nss/lib/ssl/sslimpl.h» 2014-01-17 17:59:45.862816905 -0800
107 @@ -1844,6 +1844,11 @@ extern PRBool ssl_GetSessionTicketKeysPK 107 @@ -1853,6 +1853,11 @@ extern PRBool ssl_GetSessionTicketKeysPK
108 extern SECStatus ssl3_ValidateNextProtoNego(const unsigned char* data, 108 extern SECStatus ssl3_ValidateNextProtoNego(const unsigned char* data,
109 unsigned int length); 109 unsigned int length);
110 110
111 +extern SECStatus ssl3_GetTLSUniqueChannelBinding(sslSocket *ss, 111 +extern SECStatus ssl3_GetTLSUniqueChannelBinding(sslSocket *ss,
112 + unsigned char *out, 112 + unsigned char *out,
113 + unsigned int *outLen, 113 + unsigned int *outLen,
114 + unsigned int outLenMax); 114 + unsigned int outLenMax);
115 + 115 +
116 /* Construct a new NSPR socket for the app to use */ 116 /* Construct a new NSPR socket for the app to use */
117 extern PRFileDesc *ssl_NewPRSocket(sslSocket *ss, PRFileDesc *fd); 117 extern PRFileDesc *ssl_NewPRSocket(sslSocket *ss, PRFileDesc *fd);
118 extern void ssl_FreePRSocket(PRFileDesc *fd); 118 extern void ssl_FreePRSocket(PRFileDesc *fd);
119 diff -pu a/nss/lib/ssl/sslsock.c b/nss/lib/ssl/sslsock.c 119 diff -pu a/nss/lib/ssl/sslsock.c b/nss/lib/ssl/sslsock.c
120 --- a/nss/lib/ssl/sslsock.c» 2014-01-03 19:39:28.452012178 -0800 120 --- a/nss/lib/ssl/sslsock.c» 2014-01-17 17:59:03.252110162 -0800
121 +++ b/nss/lib/ssl/sslsock.c» 2014-01-03 19:39:45.092284267 -0800 121 +++ b/nss/lib/ssl/sslsock.c» 2014-01-17 17:59:45.872817074 -0800
122 @@ -1286,6 +1286,27 @@ NSS_SetFrancePolicy(void) 122 @@ -1308,6 +1308,27 @@ NSS_SetFrancePolicy(void)
123 return NSS_SetDomesticPolicy(); 123 return NSS_SetDomesticPolicy();
124 } 124 }
125 125
126 +SECStatus 126 +SECStatus
127 +SSL_GetChannelBinding(PRFileDesc *fd, 127 +SSL_GetChannelBinding(PRFileDesc *fd,
128 + SSLChannelBindingType binding_type, 128 + SSLChannelBindingType binding_type,
129 + unsigned char *out, 129 + unsigned char *out,
130 + unsigned int *outLen, 130 + unsigned int *outLen,
131 + unsigned int outLenMax) { 131 + unsigned int outLenMax) {
132 + sslSocket *ss = ssl_FindSocket(fd); 132 + sslSocket *ss = ssl_FindSocket(fd);
133 + 133 +
134 + if (!ss) { 134 + if (!ss) {
135 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetChannelBinding", 135 + SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetChannelBinding",
136 + SSL_GETPID(), fd)); 136 + SSL_GETPID(), fd));
137 + return SECFailure; 137 + return SECFailure;
138 + } 138 + }
139 + 139 +
140 + if (binding_type != SSL_CHANNEL_BINDING_TLS_UNIQUE) { 140 + if (binding_type != SSL_CHANNEL_BINDING_TLS_UNIQUE) {
141 + PORT_SetError(PR_INVALID_ARGUMENT_ERROR); 141 + PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
142 + return SECFailure; 142 + return SECFailure;
143 + } 143 + }
144 + 144 +
145 + return ssl3_GetTLSUniqueChannelBinding(ss, out, outLen, outLenMax); 145 + return ssl3_GetTLSUniqueChannelBinding(ss, out, outLen, outLenMax);
146 +} 146 +}
147 147
148 148
149 /* LOCKS ??? XXX */ 149 /* LOCKS ??? XXX */
OLDNEW
« no previous file with comments | « net/third_party/nss/patches/tls12chromium.patch ('k') | net/third_party/nss/ssl/ssl.h » ('j') | net/third_party/nss/ssl/ssl.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698