net/third_party/nss/ssl/ssl3con.c - Issue 62103003: NSS: add `balloon' extension to when we might hit the F5 bug.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/third_party/nss/ssl/ssl3con.c

Issue 62103003: NSS: add `balloon' extension to when we might hit the F5 bug. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 7 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« net/third_party/nss/README.chromium ('K') | « net/third_party/nss/patches/balloonextension.patch ('k') | net/third_party/nss/ssl/ssl3ext.c » ('j') | net/third_party/nss/ssl/ssl3ext.c » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: net/third_party/nss/ssl/ssl3con.c

diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c

index 8b8b758c0b47c50fb1b55a51658bf84ee3493a9b..f5b973b2fbd64206bdc9d653f6c1e490275c0a97 100644

--- a/net/third_party/nss/ssl/ssl3con.c

+++ b/net/third_party/nss/ssl/ssl3con.c

@@ -4974,7 +4974,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)

int actual_count = 0;

PRBool isTLS = PR_FALSE;

PRBool requestingResume = PR_FALSE;

- PRInt32 total_exten_len = 0;

+ PRInt32 total_exten_len = 0, balloonExtensionLen;

unsigned numCompressionMethods;

PRInt32 flags;

@@ -5241,6 +5241,10 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)

length += 1 + ss->ssl3.hs.cookieLen;

}

+ balloonExtensionLen = ssl3_CalculateBalloonExtensionLength(length);

+ total_exten_len += balloonExtensionLen;

+ length += balloonExtensionLen;

wtc 2013/11/06 21:51:58 This workaround should be disabled if IS_DTLS(ss)

wtc 2013/11/06 22:25:07 This workaround can also be turned off for renegot

agl 2013/11/08 19:39:17 Done. I've tested various sizes of renegotiation

wtc 2013/11/08 20:10:06 Thank you for the experiments. I guess they don't

rv = ssl3_AppendHandshakeHeader(ss, client_hello, length);

if (rv != SECSuccess) {

return rv; /* err set by ssl3_AppendHandshake* */

@@ -5360,6 +5364,13 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)

return SECFailure;

}

maxBytes -= extLen;

+ extLen = ssl3_AppendBalloonExtension(ss, balloonExtensionLen, maxBytes);

+ if (extLen < 0) {

+ return SECFailure;

+ }

+ maxBytes -= extLen;

PORT_Assert(!maxBytes);

}

if (ss->ssl3.hs.sendingSCSV) {

« net/third_party/nss/README.chromium ('K') | « net/third_party/nss/patches/balloonextension.patch ('k') | net/third_party/nss/ssl/ssl3ext.c » ('j') | net/third_party/nss/ssl/ssl3ext.c » ('J')