| Index: net/third_party/nss/ssl/sslreveal.c
|
| diff --git a/net/third_party/nss/ssl/sslreveal.c b/net/third_party/nss/ssl/sslreveal.c
|
| index d97299885d949acd99c9700e55fb4f5f14827bd8..4c124a1dc0c60ee2e2d553fdf352a388deec99ed 100644
|
| --- a/net/third_party/nss/ssl/sslreveal.c
|
| +++ b/net/third_party/nss/ssl/sslreveal.c
|
| @@ -1,4 +1,4 @@
|
| -/*
|
| +/*
|
| * Accessor functions for SSLSocket private members.
|
| *
|
| * This Source Code Form is subject to the terms of the Mozilla Public
|
| @@ -13,100 +13,98 @@
|
| /* given PRFileDesc, returns a copy of certificate associated with the socket
|
| * the caller should delete the cert when done with SSL_DestroyCertificate
|
| */
|
| -CERTCertificate *
|
| -SSL_RevealCert(PRFileDesc * fd)
|
| +CERTCertificate *
|
| +SSL_RevealCert(PRFileDesc *fd)
|
| {
|
| - CERTCertificate * cert = NULL;
|
| - sslSocket * sslsocket = NULL;
|
| -
|
| - sslsocket = ssl_FindSocket(fd);
|
| -
|
| - /* CERT_DupCertificate increases reference count and returns pointer to
|
| - * the same cert
|
| - */
|
| - if (sslsocket && sslsocket->sec.peerCert)
|
| - cert = CERT_DupCertificate(sslsocket->sec.peerCert);
|
| -
|
| - return cert;
|
| + CERTCertificate *cert = NULL;
|
| + sslSocket *sslsocket = NULL;
|
| +
|
| + sslsocket = ssl_FindSocket(fd);
|
| +
|
| + /* CERT_DupCertificate increases reference count and returns pointer to
|
| + * the same cert
|
| + */
|
| + if (sslsocket && sslsocket->sec.peerCert)
|
| + cert = CERT_DupCertificate(sslsocket->sec.peerCert);
|
| +
|
| + return cert;
|
| }
|
|
|
| /* given PRFileDesc, returns a pointer to PinArg associated with the socket
|
| */
|
| -void *
|
| -SSL_RevealPinArg(PRFileDesc * fd)
|
| +void *
|
| +SSL_RevealPinArg(PRFileDesc *fd)
|
| {
|
| - sslSocket * sslsocket = NULL;
|
| - void * PinArg = NULL;
|
| -
|
| - sslsocket = ssl_FindSocket(fd);
|
| -
|
| - /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */
|
| - if (sslsocket)
|
| - PinArg = sslsocket->pkcs11PinArg;
|
| -
|
| - return PinArg;
|
| -}
|
| + sslSocket *sslsocket = NULL;
|
| + void *PinArg = NULL;
|
| +
|
| + sslsocket = ssl_FindSocket(fd);
|
|
|
| + /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */
|
| + if (sslsocket)
|
| + PinArg = sslsocket->pkcs11PinArg;
|
| +
|
| + return PinArg;
|
| +}
|
|
|
| /* given PRFileDesc, returns a pointer to the URL associated with the socket
|
| * the caller should free url when done
|
| */
|
| -char *
|
| -SSL_RevealURL(PRFileDesc * fd)
|
| +char *
|
| +SSL_RevealURL(PRFileDesc *fd)
|
| {
|
| - sslSocket * sslsocket = NULL;
|
| - char * url = NULL;
|
| -
|
| - sslsocket = ssl_FindSocket(fd);
|
| -
|
| - if (sslsocket && sslsocket->url)
|
| - url = PL_strdup(sslsocket->url);
|
| -
|
| - return url;
|
| -}
|
| + sslSocket *sslsocket = NULL;
|
| + char *url = NULL;
|
| +
|
| + sslsocket = ssl_FindSocket(fd);
|
|
|
| + if (sslsocket && sslsocket->url)
|
| + url = PL_strdup(sslsocket->url);
|
|
|
| -/* given PRFileDesc, returns status information related to extensions
|
| + return url;
|
| +}
|
| +
|
| +/* given PRFileDesc, returns status information related to extensions
|
| * negotiated with peer during the handshake.
|
| */
|
|
|
| SECStatus
|
| -SSL_HandshakeNegotiatedExtension(PRFileDesc * socket,
|
| +SSL_HandshakeNegotiatedExtension(PRFileDesc *socket,
|
| SSLExtensionType extId,
|
| PRBool *pYes)
|
| {
|
| - /* some decisions derived from SSL_GetChannelInfo */
|
| - sslSocket * sslsocket = NULL;
|
| -
|
| - if (!pYes) {
|
| - PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| - return SECFailure;
|
| - }
|
| -
|
| - sslsocket = ssl_FindSocket(socket);
|
| - if (!sslsocket) {
|
| - SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension",
|
| - SSL_GETPID(), socket));
|
| - return SECFailure;
|
| - }
|
| -
|
| - *pYes = PR_FALSE;
|
| -
|
| - /* according to public API SSL_GetChannelInfo, this doesn't need a lock */
|
| - if (sslsocket->opt.useSecurity) {
|
| - if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */
|
| - /* now we know this socket went through ssl3_InitState() and
|
| - * ss->xtnData got initialized, which is the only member accessed by
|
| - * ssl3_ExtensionNegotiated();
|
| - * Member xtnData appears to get accessed in functions that handle
|
| - * the handshake (hello messages and extension sending),
|
| - * therefore the handshake lock should be sufficient.
|
| - */
|
| - ssl_GetSSL3HandshakeLock(sslsocket);
|
| - *pYes = ssl3_ExtensionNegotiated(sslsocket, extId);
|
| - ssl_ReleaseSSL3HandshakeLock(sslsocket);
|
| + /* some decisions derived from SSL_GetChannelInfo */
|
| + sslSocket *sslsocket = NULL;
|
| +
|
| + if (!pYes) {
|
| + PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| + return SECFailure;
|
| + }
|
| +
|
| + sslsocket = ssl_FindSocket(socket);
|
| + if (!sslsocket) {
|
| + SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension",
|
| + SSL_GETPID(), socket));
|
| + return SECFailure;
|
| + }
|
| +
|
| + *pYes = PR_FALSE;
|
| +
|
| + /* according to public API SSL_GetChannelInfo, this doesn't need a lock */
|
| + if (sslsocket->opt.useSecurity) {
|
| + if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */
|
| + /* now we know this socket went through ssl3_InitState() and
|
| + * ss->xtnData got initialized, which is the only member accessed by
|
| + * ssl3_ExtensionNegotiated();
|
| + * Member xtnData appears to get accessed in functions that handle
|
| + * the handshake (hello messages and extension sending),
|
| + * therefore the handshake lock should be sufficient.
|
| + */
|
| + ssl_GetSSL3HandshakeLock(sslsocket);
|
| + *pYes = ssl3_ExtensionNegotiated(sslsocket, extId);
|
| + ssl_ReleaseSSL3HandshakeLock(sslsocket);
|
| + }
|
| }
|
| - }
|
|
|
| - return SECSuccess;
|
| + return SECSuccess;
|
| }
|
|
|
Chromium Code Reviews
Issue 1844813002:
Uprev NSS to 3.23 on iOS (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master