OLD | NEW |
1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c | 1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
2 --- a/nss/lib/ssl/ssl3con.c 2013-07-31 12:45:11.497944276 -0700 | 2 --- a/nss/lib/ssl/ssl3con.c 2013-07-31 12:45:11.497944276 -0700 |
3 +++ b/nss/lib/ssl/ssl3con.c 2013-07-31 12:51:32.663550380 -0700 | 3 +++ b/nss/lib/ssl/ssl3con.c 2013-07-31 12:51:32.663550380 -0700 |
4 @@ -55,6 +55,7 @@ static SECStatus ssl3_SendCertificateSta | 4 @@ -55,6 +55,7 @@ static SECStatus ssl3_SendCertificateSta |
5 static SECStatus ssl3_SendEmptyCertificate( sslSocket *ss); | 5 static SECStatus ssl3_SendEmptyCertificate( sslSocket *ss); |
6 static SECStatus ssl3_SendCertificateRequest(sslSocket *ss); | 6 static SECStatus ssl3_SendCertificateRequest(sslSocket *ss); |
7 static SECStatus ssl3_SendNextProto( sslSocket *ss); | 7 static SECStatus ssl3_SendNextProto( sslSocket *ss); |
8 +static SECStatus ssl3_SendEncryptedExtensions(sslSocket *ss); | 8 +static SECStatus ssl3_SendEncryptedExtensions(sslSocket *ss); |
9 static SECStatus ssl3_SendFinished( sslSocket *ss, PRInt32 flags); | 9 static SECStatus ssl3_SendFinished( sslSocket *ss, PRInt32 flags); |
10 static SECStatus ssl3_SendServerHello( sslSocket *ss); | 10 static SECStatus ssl3_SendServerHello( sslSocket *ss); |
(...skipping 133 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
144 + rv = ssl3_AppendHandshakeNumber(ss, ssl_channel_id_xtn, 2); | 144 + rv = ssl3_AppendHandshakeNumber(ss, ssl_channel_id_xtn, 2); |
145 + if (rv != SECSuccess) | 145 + if (rv != SECSuccess) |
146 + goto loser; /* error code set by AppendHandshake */ | 146 + goto loser; /* error code set by AppendHandshake */ |
147 + rv = ssl3_AppendHandshakeNumber(ss, CHANNEL_ID_LENGTH, 2); | 147 + rv = ssl3_AppendHandshakeNumber(ss, CHANNEL_ID_LENGTH, 2); |
148 + if (rv != SECSuccess) | 148 + if (rv != SECSuccess) |
149 + goto loser; /* error code set by AppendHandshake */ | 149 + goto loser; /* error code set by AppendHandshake */ |
150 + | 150 + |
151 + spki = SECKEY_EncodeDERSubjectPublicKeyInfo(ss->ssl3.channelIDPub); | 151 + spki = SECKEY_EncodeDERSubjectPublicKeyInfo(ss->ssl3.channelIDPub); |
152 + | 152 + |
153 + if (spki->len != sizeof(P256_SPKI_PREFIX) + CHANNEL_ID_PUBLIC_KEY_LENGTH || | 153 + if (spki->len != sizeof(P256_SPKI_PREFIX) + CHANNEL_ID_PUBLIC_KEY_LENGTH || |
154 +» memcmp(spki->data, P256_SPKI_PREFIX, sizeof(P256_SPKI_PREFIX) != 0)) { | 154 +» memcmp(spki->data, P256_SPKI_PREFIX, sizeof(P256_SPKI_PREFIX)) != 0) { |
155 + PORT_SetError(SSL_ERROR_INVALID_CHANNEL_ID_KEY); | 155 + PORT_SetError(SSL_ERROR_INVALID_CHANNEL_ID_KEY); |
156 + rv = SECFailure; | 156 + rv = SECFailure; |
157 + goto loser; | 157 + goto loser; |
158 + } | 158 + } |
159 + | 159 + |
160 + pub_bytes = spki->data + sizeof(P256_SPKI_PREFIX); | 160 + pub_bytes = spki->data + sizeof(P256_SPKI_PREFIX); |
161 + | 161 + |
162 + memcpy(signed_data, CHANNEL_ID_MAGIC, sizeof(CHANNEL_ID_MAGIC)); | 162 + memcpy(signed_data, CHANNEL_ID_MAGIC, sizeof(CHANNEL_ID_MAGIC)); |
163 + memcpy(signed_data + sizeof(CHANNEL_ID_MAGIC), hashes.u.raw, hashes.len); | 163 + memcpy(signed_data + sizeof(CHANNEL_ID_MAGIC), hashes.u.raw, hashes.len); |
164 + | 164 + |
(...skipping 419 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
584 ssl_session_ticket_xtn = 35, | 584 ssl_session_ticket_xtn = 35, |
585 ssl_next_proto_nego_xtn = 13172, | 585 ssl_next_proto_nego_xtn = 13172, |
586 + ssl_channel_id_xtn = 30031, | 586 + ssl_channel_id_xtn = 30031, |
587 ssl_renegotiation_info_xtn = 0xff01 /* experimental number */ | 587 ssl_renegotiation_info_xtn = 0xff01 /* experimental number */ |
588 } SSLExtensionType; | 588 } SSLExtensionType; |
589 | 589 |
590 -#define SSL_MAX_EXTENSIONS 9 | 590 -#define SSL_MAX_EXTENSIONS 9 |
591 +#define SSL_MAX_EXTENSIONS 10 | 591 +#define SSL_MAX_EXTENSIONS 10 |
592 | 592 |
593 #endif /* __sslt_h_ */ | 593 #endif /* __sslt_h_ */ |
OLD | NEW |