Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(795)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/patches/cipherorder.patch

Issue 992733002: Remove //net (except for Android test stuff) and sdch (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/third_party/nss/patches/channelid.patch ('k') | net/third_party/nss/patches/clientauth.patch » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
2 --- a/nss/lib/ssl/ssl3con.c 2014-01-17 18:45:24.378132013 -0800
3 +++ b/nss/lib/ssl/ssl3con.c 2014-01-17 18:46:29.929216162 -0800
4 @@ -12540,6 +12540,46 @@ ssl3_CipherPrefGet(sslSocket *ss, ssl3Ci
5 return rv;
6 }
7
8 +SECStatus
9 +ssl3_CipherOrderSet(sslSocket *ss, const ssl3CipherSuite *ciphers, unsigned int len)
10 +{
11 + /* |i| iterates over |ciphers| while |done| and |j| iterate over
12 + * |ss->cipherSuites|. */
13 + unsigned int i, done;
14 +
15 + for (i = done = 0; i < len; i++) {
16 + PRUint16 id = ciphers[i];
17 + unsigned int existingIndex, j;
18 + PRBool found = PR_FALSE;
19 +
20 + for (j = done; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
21 + if (ss->cipherSuites[j].cipher_suite == id) {
22 + existingIndex = j;
23 + found = PR_TRUE;
24 + break;
25 + }
26 + }
27 +
28 + if (!found) {
29 + continue;
30 + }
31 +
32 + if (existingIndex != done) {
33 + const ssl3CipherSuiteCfg temp = ss->cipherSuites[done];
34 + ss->cipherSuites[done] = ss->cipherSuites[existingIndex];
35 + ss->cipherSuites[existingIndex] = temp;
36 + }
37 + done++;
38 + }
39 +
40 + /* Disable all cipher suites that weren't included. */
41 + for (; done < ssl_V3_SUITES_IMPLEMENTED; done++) {
42 + ss->cipherSuites[done].enabled = 0;
43 + }
44 +
45 + return SECSuccess;
46 +}
47 +
48 /* copy global default policy into socket. */
49 void
50 ssl3_InitSocketPolicy(sslSocket *ss)
51 diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h
52 --- a/nss/lib/ssl/ssl.h 2014-01-17 18:45:24.378132013 -0800
53 +++ b/nss/lib/ssl/ssl.h 2014-01-17 18:46:29.929216162 -0800
54 @@ -285,6 +285,13 @@ SSL_IMPORT SECStatus SSL_CipherPrefGetDe
55 SSL_IMPORT SECStatus SSL_CipherPolicySet(PRInt32 cipher, PRInt32 policy);
56 SSL_IMPORT SECStatus SSL_CipherPolicyGet(PRInt32 cipher, PRInt32 *policy);
57
58 +/* SSL_CipherOrderSet sets the cipher suite preference order from |ciphers|,
59 + * which must be an array of cipher suite ids of length |len|. All the given
60 + * cipher suite ids must appear in the array that is returned by
61 + * |SSL_GetImplementedCiphers| and may only appear once, at most. */
62 +SSL_IMPORT SECStatus SSL_CipherOrderSet(PRFileDesc *fd, const PRUint16 *ciphers ,
63 + unsigned int len);
64 +
65 /* SSLChannelBindingType enumerates the types of supported channel binding
66 * values. See RFC 5929. */
67 typedef enum SSLChannelBindingType {
68 diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h
69 --- a/nss/lib/ssl/sslimpl.h 2014-01-17 18:45:24.378132013 -0800
70 +++ b/nss/lib/ssl/sslimpl.h 2014-01-17 18:46:29.929216162 -0800
71 @@ -1743,6 +1743,8 @@ extern SECStatus ssl3_CipherPrefSet(sslS
72 extern SECStatus ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBoo l *on);
73 extern SECStatus ssl2_CipherPrefSet(sslSocket *ss, PRInt32 which, PRBool enable d);
74 extern SECStatus ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabl ed);
75 +extern SECStatus ssl3_CipherOrderSet(sslSocket *ss, const ssl3CipherSuite *ciph er,
76 + unsigned int len);
77
78 extern SECStatus ssl3_SetPolicy(ssl3CipherSuite which, PRInt32 policy);
79 extern SECStatus ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *policy);
80 diff -pu a/nss/lib/ssl/sslsock.c b/nss/lib/ssl/sslsock.c
81 --- a/nss/lib/ssl/sslsock.c 2014-01-17 18:45:24.378132013 -0800
82 +++ b/nss/lib/ssl/sslsock.c 2014-01-17 18:46:29.929216162 -0800
83 @@ -1278,6 +1278,19 @@ SSL_CipherPrefSet(PRFileDesc *fd, PRInt3
84 return rv;
85 }
86
87 +SECStatus
88 +SSL_CipherOrderSet(PRFileDesc *fd, const PRUint16 *ciphers, unsigned int len)
89 +{
90 + sslSocket *ss = ssl_FindSocket(fd);
91 +
92 + if (!ss) {
93 + SSL_DBG(("%d: SSL[%d]: bad socket in CipherOrderSet", SSL_GETPID(),
94 + fd));
95 + return SECFailure;
96 + }
97 + return ssl3_CipherOrderSet(ss, ciphers, len);
98 +}
99 +
100 SECStatus
101 SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled)
102 {
OLDNEW
« no previous file with comments | « net/third_party/nss/patches/channelid.patch ('k') | net/third_party/nss/patches/clientauth.patch » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698