diff options
| author | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-09 12:52:55 +0000 |
|---|---|---|
| committer | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-09 12:52:55 +0000 |
| commit | d557d0c5bec757abca6d545b5b49b3852f78ba06 (patch) | |
| tree | e160fb89a15f11a0fe68928879c8230bc94180b3 | |
| parent | dd8f21b81610f49699ae92fe2a21563b444c676b (diff) | |
| download | chromium_src-d557d0c5bec757abca6d545b5b49b3852f78ba06.zip chromium_src-d557d0c5bec757abca6d545b5b49b3852f78ba06.tar.gz chromium_src-d557d0c5bec757abca6d545b5b49b3852f78ba06.tar.bz2 | |
Use NSSRWLock instead of PRRWLock in sslSessionID. This avoids the bugs
in the lock rank checking code in PRRWLock.
Remove the suppression for the memory leak in _PR_SET_THREAD_RWLOCK_RANK.
R=agl@chromium.org,thestig@chromium.org
BUG=124445,331625
TEST=none
Review URL: https://codereview.chromium.org/129413003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@243875 0039d316-1c4b-4281-b951-d872f2087c98
| -rw-r--r-- | net/third_party/nss/README.chromium | 5 | ||||
| -rwxr-xr-x | net/third_party/nss/patches/applypatches.sh | 2 | ||||
| -rw-r--r-- | net/third_party/nss/patches/nssrwlock.patch | 235 | ||||
| -rw-r--r-- | net/third_party/nss/ssl/ssl3con.c | 42 | ||||
| -rw-r--r-- | net/third_party/nss/ssl/sslimpl.h | 2 | ||||
| -rw-r--r-- | net/third_party/nss/ssl/sslnonce.c | 8 | ||||
| -rw-r--r-- | tools/valgrind/memcheck/suppressions.txt | 10 |
7 files changed, 268 insertions, 36 deletions
diff --git a/net/third_party/nss/README.chromium b/net/third_party/nss/README.chromium index 3c56e99..0f970f7 100644 --- a/net/third_party/nss/README.chromium +++ b/net/third_party/nss/README.chromium @@ -106,6 +106,11 @@ Patches: https://code.google.com/p/chromium/issues/detail?id=326011 patches/sslnoncestatics.patch + * Use NSSRWLock instead of PRRWLock in sslSessionID. This avoids the bugs + in the lock rank checking code in PRRWLock. + patches/nssrwlock.patch + https://bugzilla.mozilla.org/show_bug.cgi?id=957812 + Apply the patches to NSS by running the patches/applypatches.sh script. Read the comments at the top of patches/applypatches.sh for instructions. diff --git a/net/third_party/nss/patches/applypatches.sh b/net/third_party/nss/patches/applypatches.sh index cf7c83c..2b45728 100755 --- a/net/third_party/nss/patches/applypatches.sh +++ b/net/third_party/nss/patches/applypatches.sh @@ -52,3 +52,5 @@ patch -p4 < $patches_dir/fallbackscsv.patch patch -p4 < $patches_dir/sessioncache.patch patch -p4 < $patches_dir/sslnoncestatics.patch + +patch -p4 < $patches_dir/nssrwlock.patch diff --git a/net/third_party/nss/patches/nssrwlock.patch b/net/third_party/nss/patches/nssrwlock.patch new file mode 100644 index 0000000..854a594 --- /dev/null +++ b/net/third_party/nss/patches/nssrwlock.patch @@ -0,0 +1,235 @@ +diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c +--- a/nss/lib/ssl/ssl3con.c 2014-01-07 14:31:44.537621503 -0800 ++++ b/nss/lib/ssl/ssl3con.c 2014-01-08 15:00:02.814706742 -0800 +@@ -5211,7 +5211,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + * the lock across the calls to ssl3_CallHelloExtensionSenders. + */ + if (sid->u.ssl3.lock) { +- PR_RWLock_Rlock(sid->u.ssl3.lock); ++ NSSRWLock_LockRead(sid->u.ssl3.lock); + } + + if (isTLS || (ss->firstHsDone && ss->peerRequestedProtection)) { +@@ -5220,7 +5220,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + + extLen = ssl3_CallHelloExtensionSenders(ss, PR_FALSE, maxBytes, NULL); + if (extLen < 0) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return SECFailure; + } + maxBytes -= extLen; +@@ -5248,7 +5248,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + /* how many suites are permitted by policy and user preference? */ + num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE); + if (!num_suites) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return SECFailure; /* count_cipher_suites has set error code. */ + } + +@@ -5293,7 +5293,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + + rv = ssl3_AppendHandshakeHeader(ss, client_hello, length); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by ssl3_AppendHandshake* */ + } + +@@ -5312,21 +5312,21 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + rv = ssl3_AppendHandshakeNumber(ss, ss->clientHelloVersion, 2); + } + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by ssl3_AppendHandshake* */ + } + + if (!resending) { /* Don't re-generate if we are in DTLS re-sending mode */ + rv = ssl3_GetNewRandom(&ss->ssl3.hs.client_random); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by GetNewRandom. */ + } + } + rv = ssl3_AppendHandshake(ss, &ss->ssl3.hs.client_random, + SSL3_RANDOM_LENGTH); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by ssl3_AppendHandshake* */ + } + +@@ -5336,7 +5336,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + else + rv = ssl3_AppendHandshakeVariable(ss, NULL, 0, 1); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by ssl3_AppendHandshake* */ + } + +@@ -5344,14 +5344,14 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + rv = ssl3_AppendHandshakeVariable( + ss, ss->ssl3.hs.cookie, ss->ssl3.hs.cookieLen, 1); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by ssl3_AppendHandshake* */ + } + } + + rv = ssl3_AppendHandshakeNumber(ss, num_suites*sizeof(ssl3CipherSuite), 2); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by ssl3_AppendHandshake* */ + } + +@@ -5360,7 +5360,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + rv = ssl3_AppendHandshakeNumber(ss, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, + sizeof(ssl3CipherSuite)); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by ssl3_AppendHandshake* */ + } + actual_count++; +@@ -5369,7 +5369,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + rv = ssl3_AppendHandshakeNumber(ss, TLS_FALLBACK_SCSV, + sizeof(ssl3CipherSuite)); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by ssl3_AppendHandshake* */ + } + actual_count++; +@@ -5379,7 +5379,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + if (config_match(suite, ss->ssl3.policy, PR_TRUE, &ss->vrange)) { + actual_count++; + if (actual_count > num_suites) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + /* set error card removal/insertion error */ + PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); + return SECFailure; +@@ -5387,7 +5387,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite, + sizeof(ssl3CipherSuite)); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by ssl3_AppendHandshake* */ + } + } +@@ -5398,14 +5398,14 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + * the server.. */ + if (actual_count != num_suites) { + /* Card removal/insertion error */ +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); + return SECFailure; + } + + rv = ssl3_AppendHandshakeNumber(ss, numCompressionMethods, 1); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by ssl3_AppendHandshake* */ + } + for (i = 0; i < compressionMethodsCount; i++) { +@@ -5413,7 +5413,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + continue; + rv = ssl3_AppendHandshakeNumber(ss, compressions[i], 1); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by ssl3_AppendHandshake* */ + } + } +@@ -5424,20 +5424,20 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + + rv = ssl3_AppendHandshakeNumber(ss, maxBytes, 2); + if (rv != SECSuccess) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return rv; /* err set by AppendHandshake. */ + } + + extLen = ssl3_CallHelloExtensionSenders(ss, PR_TRUE, maxBytes, NULL); + if (extLen < 0) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return SECFailure; + } + maxBytes -= extLen; + + extLen = ssl3_AppendPaddingExtension(ss, paddingExtensionLen, maxBytes); + if (extLen < 0) { +- if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } ++ if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } + return SECFailure; + } + maxBytes -= extLen; +@@ -5446,7 +5446,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo + } + + if (sid->u.ssl3.lock) { +- PR_RWLock_Unlock(sid->u.ssl3.lock); ++ NSSRWLock_UnlockRead(sid->u.ssl3.lock); + } + + if (ss->xtnData.sentSessionTicketInClientHello) { +diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h +--- a/nss/lib/ssl/sslimpl.h 2014-01-07 14:31:44.537621503 -0800 ++++ b/nss/lib/ssl/sslimpl.h 2014-01-08 15:00:02.804706578 -0800 +@@ -728,7 +728,7 @@ struct sslSessionIDStr { + * cached. Before then, there is no need to lock anything because + * the sid isn't being shared by anything. + */ +- PRRWLock *lock; ++ NSSRWLock *lock; + + /* The lock must be held while reading or writing these members + * because they change while the sid is cached. +diff -pu a/nss/lib/ssl/sslnonce.c b/nss/lib/ssl/sslnonce.c +--- a/nss/lib/ssl/sslnonce.c 2014-01-07 14:31:44.547621666 -0800 ++++ b/nss/lib/ssl/sslnonce.c 2014-01-08 15:00:02.814706742 -0800 +@@ -138,7 +138,7 @@ ssl_DestroySID(sslSessionID *sid) + } + + if (sid->u.ssl3.lock) { +- PR_DestroyRWLock(sid->u.ssl3.lock); ++ NSSRWLock_Destroy(sid->u.ssl3.lock); + } + } + +@@ -314,7 +314,7 @@ CacheSID(sslSessionID *sid) + PRINT_BUF(8, (0, "sessionID:", + sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength)); + +- sid->u.ssl3.lock = PR_NewRWLock(PR_RWLOCK_RANK_NONE, NULL); ++ sid->u.ssl3.lock = NSSRWLock_New(NSS_RWLOCK_RANK_NONE, NULL); + if (!sid->u.ssl3.lock) { + return; + } +@@ -454,7 +454,7 @@ ssl3_SetSIDSessionTicket(sslSessionID *s + * yet, so no locking is needed. + */ + if (sid->u.ssl3.lock) { +- PR_RWLock_Wlock(sid->u.ssl3.lock); ++ NSSRWLock_LockWrite(sid->u.ssl3.lock); + + /* A server might have sent us an empty ticket, which has the + * effect of clearing the previously known ticket. +@@ -473,6 +473,6 @@ ssl3_SetSIDSessionTicket(sslSessionID *s + newSessionTicket->ticket.len = 0; + + if (sid->u.ssl3.lock) { +- PR_RWLock_Unlock(sid->u.ssl3.lock); ++ NSSRWLock_UnlockWrite(sid->u.ssl3.lock); + } + } diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c index 2e38178..ba370a5 100644 --- a/net/third_party/nss/ssl/ssl3con.c +++ b/net/third_party/nss/ssl/ssl3con.c @@ -5211,7 +5211,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) * the lock across the calls to ssl3_CallHelloExtensionSenders. */ if (sid->u.ssl3.lock) { - PR_RWLock_Rlock(sid->u.ssl3.lock); + NSSRWLock_LockRead(sid->u.ssl3.lock); } if (isTLS || (ss->firstHsDone && ss->peerRequestedProtection)) { @@ -5220,7 +5220,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) extLen = ssl3_CallHelloExtensionSenders(ss, PR_FALSE, maxBytes, NULL); if (extLen < 0) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return SECFailure; } maxBytes -= extLen; @@ -5248,7 +5248,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) /* how many suites are permitted by policy and user preference? */ num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE); if (!num_suites) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return SECFailure; /* count_cipher_suites has set error code. */ } @@ -5293,7 +5293,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) rv = ssl3_AppendHandshakeHeader(ss, client_hello, length); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by ssl3_AppendHandshake* */ } @@ -5312,21 +5312,21 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) rv = ssl3_AppendHandshakeNumber(ss, ss->clientHelloVersion, 2); } if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by ssl3_AppendHandshake* */ } if (!resending) { /* Don't re-generate if we are in DTLS re-sending mode */ rv = ssl3_GetNewRandom(&ss->ssl3.hs.client_random); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by GetNewRandom. */ } } rv = ssl3_AppendHandshake(ss, &ss->ssl3.hs.client_random, SSL3_RANDOM_LENGTH); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by ssl3_AppendHandshake* */ } @@ -5336,7 +5336,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) else rv = ssl3_AppendHandshakeVariable(ss, NULL, 0, 1); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by ssl3_AppendHandshake* */ } @@ -5344,14 +5344,14 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) rv = ssl3_AppendHandshakeVariable( ss, ss->ssl3.hs.cookie, ss->ssl3.hs.cookieLen, 1); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by ssl3_AppendHandshake* */ } } rv = ssl3_AppendHandshakeNumber(ss, num_suites*sizeof(ssl3CipherSuite), 2); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by ssl3_AppendHandshake* */ } @@ -5360,7 +5360,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) rv = ssl3_AppendHandshakeNumber(ss, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, sizeof(ssl3CipherSuite)); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by ssl3_AppendHandshake* */ } actual_count++; @@ -5369,7 +5369,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) rv = ssl3_AppendHandshakeNumber(ss, TLS_FALLBACK_SCSV, sizeof(ssl3CipherSuite)); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by ssl3_AppendHandshake* */ } actual_count++; @@ -5379,7 +5379,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) if (config_match(suite, ss->ssl3.policy, PR_TRUE, &ss->vrange)) { actual_count++; if (actual_count > num_suites) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } /* set error card removal/insertion error */ PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); return SECFailure; @@ -5387,7 +5387,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite, sizeof(ssl3CipherSuite)); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by ssl3_AppendHandshake* */ } } @@ -5398,14 +5398,14 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) * the server.. */ if (actual_count != num_suites) { /* Card removal/insertion error */ - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); return SECFailure; } rv = ssl3_AppendHandshakeNumber(ss, numCompressionMethods, 1); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by ssl3_AppendHandshake* */ } for (i = 0; i < compressionMethodsCount; i++) { @@ -5413,7 +5413,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) continue; rv = ssl3_AppendHandshakeNumber(ss, compressions[i], 1); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by ssl3_AppendHandshake* */ } } @@ -5424,20 +5424,20 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) rv = ssl3_AppendHandshakeNumber(ss, maxBytes, 2); if (rv != SECSuccess) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return rv; /* err set by AppendHandshake. */ } extLen = ssl3_CallHelloExtensionSenders(ss, PR_TRUE, maxBytes, NULL); if (extLen < 0) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return SECFailure; } maxBytes -= extLen; extLen = ssl3_AppendPaddingExtension(ss, paddingExtensionLen, maxBytes); if (extLen < 0) { - if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); } + if (sid->u.ssl3.lock) { NSSRWLock_UnlockRead(sid->u.ssl3.lock); } return SECFailure; } maxBytes -= extLen; @@ -5446,7 +5446,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) } if (sid->u.ssl3.lock) { - PR_RWLock_Unlock(sid->u.ssl3.lock); + NSSRWLock_UnlockRead(sid->u.ssl3.lock); } if (ss->xtnData.sentSessionTicketInClientHello) { diff --git a/net/third_party/nss/ssl/sslimpl.h b/net/third_party/nss/ssl/sslimpl.h index 8c01f9e..89a3b8e 100644 --- a/net/third_party/nss/ssl/sslimpl.h +++ b/net/third_party/nss/ssl/sslimpl.h @@ -728,7 +728,7 @@ struct sslSessionIDStr { * cached. Before then, there is no need to lock anything because * the sid isn't being shared by anything. */ - PRRWLock *lock; + NSSRWLock *lock; /* The lock must be held while reading or writing these members * because they change while the sid is cached. diff --git a/net/third_party/nss/ssl/sslnonce.c b/net/third_party/nss/ssl/sslnonce.c index 700912c..105ce9f 100644 --- a/net/third_party/nss/ssl/sslnonce.c +++ b/net/third_party/nss/ssl/sslnonce.c @@ -138,7 +138,7 @@ ssl_DestroySID(sslSessionID *sid) } if (sid->u.ssl3.lock) { - PR_DestroyRWLock(sid->u.ssl3.lock); + NSSRWLock_Destroy(sid->u.ssl3.lock); } } @@ -314,7 +314,7 @@ CacheSID(sslSessionID *sid) PRINT_BUF(8, (0, "sessionID:", sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength)); - sid->u.ssl3.lock = PR_NewRWLock(PR_RWLOCK_RANK_NONE, NULL); + sid->u.ssl3.lock = NSSRWLock_New(NSS_RWLOCK_RANK_NONE, NULL); if (!sid->u.ssl3.lock) { return; } @@ -454,7 +454,7 @@ ssl3_SetSIDSessionTicket(sslSessionID *sid, * yet, so no locking is needed. */ if (sid->u.ssl3.lock) { - PR_RWLock_Wlock(sid->u.ssl3.lock); + NSSRWLock_LockWrite(sid->u.ssl3.lock); /* A server might have sent us an empty ticket, which has the * effect of clearing the previously known ticket. @@ -473,6 +473,6 @@ ssl3_SetSIDSessionTicket(sslSessionID *sid, newSessionTicket->ticket.len = 0; if (sid->u.ssl3.lock) { - PR_RWLock_Unlock(sid->u.ssl3.lock); + NSSRWLock_UnlockWrite(sid->u.ssl3.lock); } } diff --git a/tools/valgrind/memcheck/suppressions.txt b/tools/valgrind/memcheck/suppressions.txt index 10703220..77fce2e 100644 --- a/tools/valgrind/memcheck/suppressions.txt +++ b/tools/valgrind/memcheck/suppressions.txt @@ -3780,16 +3780,6 @@ fun:_ZN11webkit_glue16WebURLLoaderImpl18loadAsynchronouslyERKN5blink13WebURLRequestEPNS1_18WebURLLoaderClientE } { - bug_124445 - Memcheck:Leak - fun:calloc - fun:PR_Calloc - ... - fun:_ZN3net18SSLClientSocketNSS4Core11DoHandshakeEv - ... - fun:_ZN8remoting8protocol21AuthenticatorTestBase14RunChannelAuthEb -} -{ bug_124488 Memcheck:Leak fun:malloc |