net/third_party/nss/patches/reorderextensions.patch - Issue 1882433002: Removing NSS files and USE_OPENSSL flag

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/third_party/nss/patches/reorderextensions.patch

Issue 1882433002: Removing NSS files and USE_OPENSSL flag (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Rebase. Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
	(Empty)
1 diff --git a/lib/ssl/ssl3ext.c b/lib/ssl/ssl3ext.c

2 index 2ffe77b..3b48c9e 100644

3 --- a/lib/ssl/ssl3ext.c

4 +++ b/lib/ssl/ssl3ext.c

5 @@ -336,10 +336,14 @@ static const ssl3HelloExtensionSender clientHelloSendersTL S[SSL_MAX_EXTENSIONS]

6 { ssl_use_srtp_xtn, &ssl3_ClientSendUseSRTPXtn },

7 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn },

8 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn },

9 - { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn },

10 { ssl_tls13_draft_version_xtn, &ssl3_ClientSendDraftVersionXtn },

11 { ssl_signed_cert_timestamp_xtn, &ssl3_ClientSendSignedCertTimestampXtn } ,

12 { ssl_tls13_key_share_xtn, &tls13_ClientSendKeyShareXtn },

13 + /* Some servers (e.g. WebSphere Application Server 7.0 and Tomcat) will

14 + * time out or terminate the connection if the last extension in the

15 + * client hello is empty. They are not intolerant of TLS 1.2, so list

16 + * signature_algorithms at the end. See bug 1243641. */

17 + { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn },

18 /* any extra entries will appear as { 0, NULL } */

19 };

20

21 @@ -2690,9 +2694,11 @@ ssl3_CalculatePaddingExtensionLength(unsigned int clientH elloLength)

22 }

23

24 extensionLength = 512 - recordLength;

25 - /* Extensions take at least four bytes to encode. */

26 - if (extensionLength < 4) {

27 - extensionLength = 4;

28 + /* Extensions take at least four bytes to encode. Always include at least

29 + * one byte of data if including the extension. WebSphere Application

30 + * Server 7.0 is intolerant to the last extension being zero-length. */

31 + if (extensionLength < 4 + 1) {

32 + extensionLength = 4 + 1;

33 }

34

35 return extensionLength;

OLD	NEW

« ios/web/app/web_main_loop.mm ('K') | « net/third_party/nss/patches/nobypass.patch ('k') | net/third_party/nss/patches/restartclientauth.patch » ('j') | no next file with comments »