
Side by Side Diff: net/third_party/nss/ssl/ssl3con.c

Issue 66553007: net: don't add padding extension for SSLv3. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ... Created 7 years, 1 month ago
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /* 2 /*
3 * SSL3 Protocol 3 * SSL3 Protocol
4 * 4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public 5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this 6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8 8
9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ 9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */
10 10
(...skipping 4957 matching lines...) Expand 10 before | Expand all | Expand 10 after
4968 sslSessionID * sid; 4968 sslSessionID * sid;
4969 ssl3CipherSpec * cwSpec; 4969 ssl3CipherSpec * cwSpec;
4970 SECStatus rv; 4970 SECStatus rv;
4971 int i; 4971 int i;
4972 int length; 4972 int length;
4973 int num_suites; 4973 int num_suites;
4974 int actual_count = 0; 4974 int actual_count = 0;
4975 PRBool isTLS = PR_FALSE; 4975 PRBool isTLS = PR_FALSE;
4976 PRBool requestingResume = PR_FALSE; 4976 PRBool requestingResume = PR_FALSE;
4977 PRInt32 total_exten_len = 0; 4977 PRInt32 total_exten_len = 0;
4978 unsigned paddingExtensionLen; 4978 PRInt32 paddingExtensionLen;
wtc 2013/11/11 21:50:33 This variable receives the return value of ssl3_Ca
agl 2013/11/12 16:21:57 Done.
4979 unsigned numCompressionMethods; 4979 unsigned numCompressionMethods;
4980 PRInt32 flags; 4980 PRInt32 flags;
4981 4981
4982 SSL_TRC(3, ("%d: SSL3[%d]: send client_hello handshake", SSL_GETPID(), 4982 SSL_TRC(3, ("%d: SSL3[%d]: send client_hello handshake", SSL_GETPID(),
4983 ss->fd)); 4983 ss->fd));
4984 4984
4985 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) ); 4985 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
4986 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) ); 4986 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) );
4987 4987
4988 rv = ssl3_InitState(ss); 4988 rv = ssl3_InitState(ss);
(...skipping 252 matching lines...) Expand 10 before | Expand all | Expand 10 after
5241 if (IS_DTLS(ss)) { 5241 if (IS_DTLS(ss)) {
5242 length += 1 + ss->ssl3.hs.cookieLen; 5242 length += 1 + ss->ssl3.hs.cookieLen;
5243 } 5243 }
5244 5244
5245 /* A padding extension may be included to ensure that the record containing 5245 /* A padding extension may be included to ensure that the record containing
5246 * the ClientHello doesn't have a length between 256 and 511 bytes 5246 * the ClientHello doesn't have a length between 256 and 511 bytes
5247 * (inclusive). Initial, ClientHello records with such lengths trigger bugs 5247 * (inclusive). Initial, ClientHello records with such lengths trigger bugs
5248 * in F5 devices. 5248 * in F5 devices.
5249 * 5249 *
5250 * This is not done for DTLS nor for renegotiation. */ 5250 * This is not done for DTLS nor for renegotiation. */
5251 if (!IS_DTLS(ss) && !ss->firstHsDone) { 5251 if (!IS_DTLS(ss) && isTLS && !ss->firstHsDone) {
5252 paddingExtensionLen = ssl3_CalculatePaddingExtensionLength(length); 5252 paddingExtensionLen = ssl3_CalculatePaddingExtensionLength(length);
5253 total_exten_len += paddingExtensionLen; 5253 total_exten_len += paddingExtensionLen;
5254 length += paddingExtensionLen; 5254 length += paddingExtensionLen;
5255 } else { 5255 } else {
5256 paddingExtensionLen = 0; 5256 paddingExtensionLen = 0;
5257 } 5257 }
5258 5258
5259 rv = ssl3_AppendHandshakeHeader(ss, client_hello, length); 5259 rv = ssl3_AppendHandshakeHeader(ss, client_hello, length);
5260 if (rv != SECSuccess) { 5260 if (rv != SECSuccess) {
5261 return rv; /* err set by ssl3_AppendHandshake* */ 5261 return rv; /* err set by ssl3_AppendHandshake* */
(...skipping 7328 matching lines...) Expand 10 before | Expand all | Expand 10 after
12590 PORT_Free(ss->ssl3.hs.recvdFragments.buf); 12590 PORT_Free(ss->ssl3.hs.recvdFragments.buf);
12591 } 12591 }
12592 } 12592 }
12593 12593
12594 ss->ssl3.initialized = PR_FALSE; 12594 ss->ssl3.initialized = PR_FALSE;
12595 12595
12596 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); 12596 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
12597 } 12597 }
12598 12598
12599 /* End of ssl3con.c */ 12599 /* End of ssl3con.c */
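Review bot: The comment at new lines 5245-5250 still says padding is skipped only for DTLS and renegotiation, but the new condition at 5251 also skips it whenever `isTLS` is false, so the comment no longer matches the code. I would change its last line to `* This is not done for DTLS, for SSL 3.0 (isTLS is false) nor for renegotiation. */` and add a short clause on why SSL 3.0 is excluded, since the reason currently appears only in the issue title. `isTLS` is initialised to `PR_FALSE` at 4975 and is presumably assigned in the 252 skipped lines, so it is worth confirming it is always set before 5251; otherwise the padding would be silently dropped for TLS ClientHellos as well. The enclosing function starts and ends outside the visible hunks.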