Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(375)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/third_party/nss/patches/cipherorder.patch

Issue 1844813002: Uprev NSS to 3.23 on iOS (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: One more GN fix Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/third_party/nss/patches/channelid.patch ('k') | net/third_party/nss/patches/clientauth.patch » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/third_party/nss/patches/cipherorder.patch
diff --git a/net/third_party/nss/patches/cipherorder.patch b/net/third_party/nss/patches/cipherorder.patch
index eb15be7b73551c22785868cab03bba37f88bd27a..26e83261f7f84d42fbad349c474f0d597076f904 100644
--- a/net/third_party/nss/patches/cipherorder.patch
+++ b/net/third_party/nss/patches/cipherorder.patch
@@ -1,5 +1,5 @@
diff --git a/lib/ssl/ssl.h b/lib/ssl/ssl.h
-index db09425..437a822 100644
+index 3550580..70665a1 100644
--- a/lib/ssl/ssl.h
+++ b/lib/ssl/ssl.h
@@ -387,6 +387,13 @@ SSL_IMPORT SECStatus SSL_DHEGroupPrefSet(PRFileDesc *fd,
@@ -17,10 +17,10 @@ index db09425..437a822 100644
* values. See RFC 5929. */
typedef enum SSLChannelBindingType {
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
-index 5c09f25..572bba9 100644
+index d7d186a..b100b9b 100644
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
-@@ -13390,6 +13390,46 @@ SSL_SignatureMaxCount() {
+@@ -13797,6 +13797,46 @@ SSL_SignatureMaxCount()
return MAX_SIGNATURE_ALGORITHMS;
}
@@ -32,33 +32,33 @@ index 5c09f25..572bba9 100644
+ unsigned int i, done;
+
+ for (i = done = 0; i < len; i++) {
-+ PRUint16 id = ciphers[i];
-+ unsigned int existingIndex, j;
-+ PRBool found = PR_FALSE;
++ PRUint16 id = ciphers[i];
++ unsigned int existingIndex, j;
++ PRBool found = PR_FALSE;
+
-+ for (j = done; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
-+ if (ss->cipherSuites[j].cipher_suite == id) {
-+ existingIndex = j;
-+ found = PR_TRUE;
-+ break;
-+ }
-+ }
++ for (j = done; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
++ if (ss->cipherSuites[j].cipher_suite == id) {
++ existingIndex = j;
++ found = PR_TRUE;
++ break;
++ }
++ }
+
-+ if (!found) {
-+ continue;
-+ }
++ if (!found) {
++ continue;
++ }
+
-+ if (existingIndex != done) {
-+ const ssl3CipherSuiteCfg temp = ss->cipherSuites[done];
-+ ss->cipherSuites[done] = ss->cipherSuites[existingIndex];
-+ ss->cipherSuites[existingIndex] = temp;
-+ }
-+ done++;
++ if (existingIndex != done) {
++ const ssl3CipherSuiteCfg temp = ss->cipherSuites[done];
++ ss->cipherSuites[done] = ss->cipherSuites[existingIndex];
++ ss->cipherSuites[existingIndex] = temp;
++ }
++ done++;
+ }
+
+ /* Disable all cipher suites that weren't included. */
+ for (; done < ssl_V3_SUITES_IMPLEMENTED; done++) {
-+ ss->cipherSuites[done].enabled = 0;
++ ss->cipherSuites[done].enabled = 0;
+ }
+
+ return SECSuccess;
@@ -68,23 +68,23 @@ index 5c09f25..572bba9 100644
void
ssl3_InitSocketPolicy(sslSocket *ss)
diff --git a/lib/ssl/sslimpl.h b/lib/ssl/sslimpl.h
-index 080debe..3403091 100644
+index c0e3a0b..f56ab53 100644
--- a/lib/ssl/sslimpl.h
+++ b/lib/ssl/sslimpl.h
-@@ -1786,6 +1786,8 @@ extern SECStatus ssl3_CipherPrefSet(sslSocket *ss, ssl3CipherSuite which, PRBool
+@@ -1835,6 +1835,8 @@ extern SECStatus ssl3_CipherPrefSet(sslSocket *ss, ssl3CipherSuite which, PRBool
extern SECStatus ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBool *on);
extern SECStatus ssl2_CipherPrefSet(sslSocket *ss, PRInt32 which, PRBool enabled);
extern SECStatus ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabled);
+extern SECStatus ssl3_CipherOrderSet(sslSocket *ss, const ssl3CipherSuite *cipher,
-+ unsigned int len);
++ unsigned int len);
extern SECStatus ssl3_SetPolicy(ssl3CipherSuite which, PRInt32 policy);
extern SECStatus ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *policy);
diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
-index 28e3543..8ad1517 100644
+index e312d82..e82c916 100644
--- a/lib/ssl/sslsock.c
+++ b/lib/ssl/sslsock.c
-@@ -1369,6 +1369,19 @@ SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled)
+@@ -1500,6 +1500,19 @@ SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled)
}
SECStatus
@@ -93,9 +93,9 @@ index 28e3543..8ad1517 100644
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!ss) {
-+ SSL_DBG(("%d: SSL[%d]: bad socket in CipherOrderSet", SSL_GETPID(),
-+ fd));
-+ return SECFailure;
++ SSL_DBG(("%d: SSL[%d]: bad socket in CipherOrderSet", SSL_GETPID(),
++ fd));
++ return SECFailure;
+ }
+ return ssl3_CipherOrderSet(ss, ciphers, len);
+}
@@ -103,4 +103,4 @@ index 28e3543..8ad1517 100644
+SECStatus
SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled)
{
- SECStatus rv;
+ SECStatus rv;
« no previous file with comments | « net/third_party/nss/patches/channelid.patch ('k') | net/third_party/nss/patches/clientauth.patch » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698