| Index: net/third_party/nss/patches/aesgcmchromium.patch
|
| diff --git a/net/third_party/nss/patches/aesgcmchromium.patch b/net/third_party/nss/patches/aesgcmchromium.patch
|
| index 8549c35286ef10302131cd1706627665f7cbf616..0cf49a1edc23da711944ac106c819d2690b92e10 100644
|
| --- a/net/third_party/nss/patches/aesgcmchromium.patch
|
| +++ b/net/third_party/nss/patches/aesgcmchromium.patch
|
| @@ -1,7 +1,15 @@
|
| diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
|
| --- a/nss/lib/ssl/ssl3con.c 2014-01-17 18:04:43.127747463 -0800
|
| +++ b/nss/lib/ssl/ssl3con.c 2014-01-17 18:06:21.919386088 -0800
|
| -@@ -44,6 +44,9 @@
|
| +@@ -8,6 +8,7 @@
|
| +
|
| + /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */
|
| +
|
| ++#define _GNU_SOURCE 1
|
| + #include "cert.h"
|
| + #include "ssl.h"
|
| + #include "cryptohi.h" /* for DSAU_ stuff */
|
| +@@ -44,6 +45,9 @@
|
| #ifdef NSS_ENABLE_ZLIB
|
| #include "zlib.h"
|
| #endif
|
| @@ -11,7 +19,7 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
|
|
|
| #ifndef PK11_SETATTRS
|
| #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
|
| -@@ -1842,6 +1845,69 @@ ssl3_BuildRecordPseudoHeader(unsigned ch
|
| +@@ -1842,6 +1846,63 @@ ssl3_BuildRecordPseudoHeader(unsigned ch
|
| return 13;
|
| }
|
|
|
| @@ -31,14 +39,8 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
|
| +#ifdef LINUX
|
| + /* On Linux we use the system NSS libraries. Look up the PK11_Encrypt and
|
| + * PK11_Decrypt functions at run time. */
|
| -+ void *handle = dlopen(NULL, RTLD_LAZY);
|
| -+ if (!handle) {
|
| -+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
|
| -+ return PR_FAILURE;
|
| -+ }
|
| -+ pk11_encrypt = (PK11CryptFcn)dlsym(handle, "PK11_Encrypt");
|
| -+ pk11_decrypt = (PK11CryptFcn)dlsym(handle, "PK11_Decrypt");
|
| -+ dlclose(handle);
|
| ++ pk11_encrypt = (PK11CryptFcn)dlsym(RTLD_DEFAULT, "PK11_Encrypt");
|
| ++ pk11_decrypt = (PK11CryptFcn)dlsym(RTLD_DEFAULT, "PK11_Decrypt");
|
| + return PR_SUCCESS;
|
| +#else
|
| + /* On other platforms we use our own copy of NSS. PK11_Encrypt and
|
| @@ -81,7 +83,7 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
|
| static SECStatus
|
| ssl3_AESGCM(ssl3KeyMaterial *keys,
|
| PRBool doDecrypt,
|
| -@@ -1893,10 +1959,10 @@ ssl3_AESGCM(ssl3KeyMaterial *keys,
|
| +@@ -1893,10 +1960,10 @@ ssl3_AESGCM(ssl3KeyMaterial *keys,
|
| gcmParams.ulTagBits = tagSize * 8;
|
|
|
| if (doDecrypt) {
|
| @@ -94,7 +96,7 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
|
| maxout, in, inlen);
|
| }
|
| *outlen += (int) uOutLen;
|
| -@@ -5103,6 +5169,10 @@ ssl3_SendClientHello(sslSocket *ss, PRBo
|
| +@@ -5103,6 +5170,10 @@ ssl3_SendClientHello(sslSocket *ss, PRBo
|
| ssl3_DisableNonDTLSSuites(ss);
|
| }
|
|
|
| @@ -105,7 +107,7 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
|
| /* how many suites are permitted by policy and user preference? */
|
| num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE);
|
| if (!num_suites) {
|
| -@@ -8080,6 +8150,10 @@ ssl3_HandleClientHello(sslSocket *ss, SS
|
| +@@ -8080,6 +8151,10 @@ ssl3_HandleClientHello(sslSocket *ss, SS
|
| ssl3_DisableNonDTLSSuites(ss);
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 962593002:
Use dlsym(RTLD_DEFAULT) instead of dlsym(dlopen(NULL)) in aesgcmchromium.patch. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master