authorwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-11-08 04:34:31 +0000
committerwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-11-08 04:34:31 +0000
commit548330fa36c1e8f02e3f438b4adde453f6db7df0 (patch)
tree56615a0cb72fd1a560427350a615369a2773a916 /net/third_party
parent3d05cedd519eac72fb4eb84be40dfc00c3394173 (diff)
Merge the NSS patch for https://bugzilla.mozilla.org/show_bug.cgi?id=770057.
R=rsleevi@chromium.org BUG=159669 TEST=none Review URL: https://chromiumcodereview.appspot.com/11364140 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@166599 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/third_party')
-rw-r--r--net/third_party/nss/README.chromium4
-rwxr-xr-xnet/third_party/nss/patches/applypatches.sh2
-rw-r--r--net/third_party/nss/patches/checkuncache.patch164
-rw-r--r--net/third_party/nss/ssl/ssl3con.c32
-rw-r--r--net/third_party/nss/ssl/ssl3ext.c3
-rw-r--r--net/third_party/nss/ssl/sslcon.c12
6 files changed, 201 insertions, 16 deletions
diff --git a/net/third_party/nss/README.chromium b/net/third_party/nss/README.chromium
index 3b635f0..c5db65b 100644
--- a/net/third_party/nss/README.chromium
+++ b/net/third_party/nss/README.chromium
@@ -104,6 +104,10 @@ Patches:
https://bugzilla.mozilla.org/show_bug.cgi?id=783448
patches/renegoclientversion.patch
+ * Fix remaining crashes when SSL session caching is off.
+ https://bugzilla.mozilla.org/show_bug.cgi?id=770057
+ patches/checkuncache.patch
+
Apply the patches to NSS by running the patches/applypatches.sh script. Read
the comments at the top of patches/applypatches.sh for instructions.
diff --git a/net/third_party/nss/patches/applypatches.sh b/net/third_party/nss/patches/applypatches.sh
index 2ea1845..9d49844 100755
--- a/net/third_party/nss/patches/applypatches.sh
+++ b/net/third_party/nss/patches/applypatches.sh
@@ -53,3 +53,5 @@ patch -p5 < $patches_dir/recordlayerversion.patch
patch -p5 < $patches_dir/sslprotocolvariant.patch
patch -p5 < $patches_dir/renegoclientversion.patch
+
+patch -p4 < $patches_dir/checkuncache.patch
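Review bot: The new line uses `-p4` while the lines above it use `-p5`, and nothing in the script says why. Judging from the `Index: net/third_party/nss/ssl/...` paths inside checkuncache.patch, the patch was probably generated in the Chromium tree rather than against upstream NSS, which would explain the different strip level. A comment above the line, such as `# checkuncache.patch was generated in the Chromium tree, hence -p4.`, would keep a later editor from "correcting" it to `-p5` and leaving the fix unapplied. Quoting the path, `patch -p4 < "$patches_dir/checkuncache.patch"`, would also be more robust, although the existing lines are unquoted too.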
diff --git a/net/third_party/nss/patches/checkuncache.patch b/net/third_party/nss/patches/checkuncache.patch
new file mode 100644
index 0000000..eb928bb
--- /dev/null
+++ b/net/third_party/nss/patches/checkuncache.patch
@@ -0,0 +1,164 @@
+Index: net/third_party/nss/ssl/sslcon.c
+===================================================================
+--- net/third_party/nss/ssl/sslcon.c (revision 166543)
++++ net/third_party/nss/ssl/sslcon.c (working copy)
+@@ -658,7 +658,8 @@
+
+ if (sent < 0) {
+ /* If send failed, it is now a bogus session-id */
+- (*ss->sec.uncache)(sid);
++ if (ss->sec.uncache)
++ (*ss->sec.uncache)(sid);
+ rv = (SECStatus)sent;
+ } else if (!ss->opt.noCache) {
+ /* Put the sid in session-id cache, (may already be there) */
+@@ -2891,7 +2892,8 @@
+ /* Forget our session-id - server didn't like it */
+ SSL_TRC(7, ("%d: SSL[%d]: server forgot me, uncaching session-id",
+ SSL_GETPID(), ss->fd));
+- (*ss->sec.uncache)(sid);
++ if (ss->sec.uncache)
++ (*ss->sec.uncache)(sid);
+ ssl_FreeSID(sid);
+ ss->sec.ci.sid = sid = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
+ if (!sid) {
+@@ -3065,7 +3067,8 @@
+
+ /* if we're not doing this SID's protocol any more, drop it. */
+ if (!sidVersionEnabled) {
+- ss->sec.uncache(sid);
++ if (ss->sec.uncache)
++ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ sid = NULL;
+ break;
+@@ -3077,7 +3080,8 @@
+ break;
+ }
+ if (i >= ss->sizeCipherSpecs) {
+- ss->sec.uncache(sid);
++ if (ss->sec.uncache)
++ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ sid = NULL;
+ break;
+Index: net/third_party/nss/ssl/ssl3ext.c
+===================================================================
+--- net/third_party/nss/ssl/ssl3ext.c (revision 166543)
++++ net/third_party/nss/ssl/ssl3ext.c (working copy)
+@@ -1204,7 +1204,8 @@
+ * renegotiation.)
+ */
+ if (ss->sec.ci.sid != NULL) {
+- ss->sec.uncache(ss->sec.ci.sid);
++ if (ss->sec.uncache)
++ ss->sec.uncache(ss->sec.ci.sid);
+ ssl_FreeSID(ss->sec.ci.sid);
+ ss->sec.ci.sid = NULL;
+ }
+Index: net/third_party/nss/ssl/ssl3con.c
+===================================================================
+--- net/third_party/nss/ssl/ssl3con.c (revision 166543)
++++ net/third_party/nss/ssl/ssl3con.c (working copy)
+@@ -2666,7 +2666,8 @@
+ (ss->opt.requireCertificate == SSL_REQUIRE_FIRST_HANDSHAKE))) {
+ PRFileDesc * lower;
+
+- ss->sec.uncache(ss->sec.ci.sid);
++ if (ss->sec.uncache)
++ ss->sec.uncache(ss->sec.ci.sid);
+ SSL3_SendAlert(ss, alert_fatal, bad_certificate);
+
+ lower = ss->fd->lower;
+@@ -2721,7 +2722,7 @@
+
+ ssl_GetSSL3HandshakeLock(ss);
+ if (level == alert_fatal) {
+- if (ss->sec.ci.sid) {
++ if (!ss->opt.noCache && ss->sec.ci.sid && ss->sec.uncache) {
+ ss->sec.uncache(ss->sec.ci.sid);
+ }
+ }
+@@ -2891,8 +2892,10 @@
+ default: error = SSL_ERROR_RX_UNKNOWN_ALERT; break;
+ }
+ if (level == alert_fatal) {
+- if (!ss->opt.noCache)
+- ss->sec.uncache(ss->sec.ci.sid);
++ if (!ss->opt.noCache) {
++ if (ss->sec.uncache)
++ ss->sec.uncache(ss->sec.ci.sid);
++ }
+ if ((ss->ssl3.hs.ws == wait_server_hello) &&
+ (desc == handshake_failure)) {
+ /* XXX This is a hack. We're assuming that any handshake failure
+@@ -4152,7 +4155,8 @@
+
+ if (!sidOK) {
+ SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_not_ok );
+- (*ss->sec.uncache)(sid);
++ if (ss->sec.uncache)
++ (*ss->sec.uncache)(sid);
+ ssl_FreeSID(sid);
+ sid = NULL;
+ }
+@@ -4457,7 +4461,8 @@
+ }
+
+ if (sid) {
+- ss->sec.uncache(sid);
++ if (ss->sec.uncache)
++ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ ss->sec.ci.sid = NULL;
+ }
+@@ -5588,7 +5593,8 @@
+
+ /* throw the old one away */
+ sid->u.ssl3.keys.resumable = PR_FALSE;
+- (*ss->sec.uncache)(sid);
++ if (ss->sec.uncache)
++ (*ss->sec.uncache)(sid);
+ ssl_FreeSID(sid);
+
+ /* get a new sid */
+@@ -6851,7 +6857,8 @@
+ && !ss->firstHsDone))) {
+
+ SSL_AtomicIncrementLong(& ssl3stats.hch_sid_cache_not_ok );
+- ss->sec.uncache(sid);
++ if (ss->sec.uncache)
++ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ sid = NULL;
+ }
+@@ -6998,7 +7005,8 @@
+ }
+
+ if (ss->sec.ci.sid) {
+- ss->sec.uncache(ss->sec.ci.sid);
++ if (ss->sec.uncache)
++ ss->sec.uncache(ss->sec.ci.sid);
+ PORT_Assert(ss->sec.ci.sid != sid); /* should be impossible, but ... */
+ if (ss->sec.ci.sid != sid) {
+ ssl_FreeSID(ss->sec.ci.sid);
+@@ -7167,7 +7175,8 @@
+
+ if (sid) { /* we had a sid, but it's no longer valid, free it */
+ SSL_AtomicIncrementLong(& ssl3stats.hch_sid_cache_not_ok );
+- ss->sec.uncache(sid);
++ if (ss->sec.uncache)
++ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ sid = NULL;
+ }
+@@ -10782,7 +10791,8 @@
+ return SECFailure;
+ }
+ if (sid && flushCache) {
+- ss->sec.uncache(sid); /* remove it from whichever cache it's in. */
++ if (ss->sec.uncache)
++ ss->sec.uncache(sid); /* remove it from whichever cache it's in. */
+ ssl_FreeSID(sid); /* dec ref count and free if zero. */
+ ss->sec.ci.sid = NULL;
+ }
diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c
index caf9c78..72e0dc1 100644
--- a/net/third_party/nss/ssl/ssl3con.c
+++ b/net/third_party/nss/ssl/ssl3con.c
@@ -2666,7 +2666,8 @@ ssl3_HandleNoCertificate(sslSocket *ss)
(ss->opt.requireCertificate == SSL_REQUIRE_FIRST_HANDSHAKE))) {
PRFileDesc * lower;
- ss->sec.uncache(ss->sec.ci.sid);
+ if (ss->sec.uncache)
+ ss->sec.uncache(ss->sec.ci.sid);
SSL3_SendAlert(ss, alert_fatal, bad_certificate);
lower = ss->fd->lower;
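Review bot: The guard `if (ss->sec.uncache)` followed by the unbraced call is written out by hand here and at every other call site this commit touches (the remaining hunks in ssl3con.c, the one in ssl3ext.c and the four in sslcon.c). Any call site added later that forgets the check reintroduces the NULL function-pointer call. A single helper that owns the check, placed wherever the three files can share it, would make the invariant hard to miss. The helper name below is only a suggestion, and ssl3_HandleNoCertificate continues outside this hunk.

```c
/* Suggested helper (name is a placeholder): remove sid from the session
 * cache, if this socket has an uncache callback installed at all. */
void
ssl_UncacheIfPossible(sslSocket *ss, sslSessionID *sid)
{
    if (sid != NULL && ss->sec.uncache != NULL) {
        ss->sec.uncache(sid);
    }
}

/* ... unchanged: requireCertificate test and declaration of lower ... */
ssl_UncacheIfPossible(ss, ss->sec.ci.sid);
SSL3_SendAlert(ss, alert_fatal, bad_certificate);
```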
@@ -2721,7 +2722,7 @@ SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, SSL3AlertDescription desc)
ssl_GetSSL3HandshakeLock(ss);
if (level == alert_fatal) {
- if (ss->sec.ci.sid) {
+ if (!ss->opt.noCache && ss->sec.ci.sid && ss->sec.uncache) {
ss->sec.uncache(ss->sec.ci.sid);
}
}
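Review bot: The added `!ss->opt.noCache` term in this condition changes more than the NULL-pointer guard the other hunks add. With noCache set, a fatal alert sent by SSL3_SendAlert no longer invalidates `ss->sec.ci.sid`, even when `ss->sec.uncache` is non-NULL. Whether a sid can still be in a cache while the socket has noCache set is not visible from this hunk; if it can, the session would remain resumable after a fatal alert, which TLS requires to be prevented. If the pointer check alone is enough to stop the crash, `if (ss->sec.ci.sid && ss->sec.uncache) {` keeps the invalidation unconditional; otherwise a short comment explaining why noCache is tested here would help. The function body continues outside the hunk.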
@@ -2891,8 +2892,10 @@ ssl3_HandleAlert(sslSocket *ss, sslBuffer *buf)
default: error = SSL_ERROR_RX_UNKNOWN_ALERT; break;
}
if (level == alert_fatal) {
- if (!ss->opt.noCache)
- ss->sec.uncache(ss->sec.ci.sid);
+ if (!ss->opt.noCache) {
+ if (ss->sec.uncache)
+ ss->sec.uncache(ss->sec.ci.sid);
+ }
if ((ss->ssl3.hs.ws == wait_server_hello) &&
(desc == handshake_failure)) {
/* XXX This is a hack. We're assuming that any handshake failure
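Review bot: The call `ss->sec.uncache(ss->sec.ci.sid)` in the fatal-alert branch is still made without checking that `ss->sec.ci.sid` is non-NULL, unlike the matching branch of SSL3_SendAlert in this same commit, which tests `ss->sec.ci.sid` first. Whether the uncache callbacks tolerate a NULL sid cannot be told from this page; if they do not, this path can still crash when an alert is processed before a sid is assigned. Folding the checks into one condition, `if (!ss->opt.noCache && ss->sec.ci.sid && ss->sec.uncache)`, would make the two alert paths agree and drop the nested unbraced `if`. The same missing sid check applies to the ssl3_HandleNoCertificate hunk above, and ssl3_HandleAlert continues past the end of this hunk.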
@@ -4152,7 +4155,8 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
if (!sidOK) {
SSL_AtomicIncrementLong(& ssl3stats.sch_sid_cache_not_ok );
- (*ss->sec.uncache)(sid);
+ if (ss->sec.uncache)
+ (*ss->sec.uncache)(sid);
ssl_FreeSID(sid);
sid = NULL;
}
@@ -4457,7 +4461,8 @@ ssl3_HandleHelloRequest(sslSocket *ss)
}
if (sid) {
- ss->sec.uncache(sid);
+ if (ss->sec.uncache)
+ ss->sec.uncache(sid);
ssl_FreeSID(sid);
ss->sec.ci.sid = NULL;
}
@@ -5588,7 +5593,8 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
/* throw the old one away */
sid->u.ssl3.keys.resumable = PR_FALSE;
- (*ss->sec.uncache)(sid);
+ if (ss->sec.uncache)
+ (*ss->sec.uncache)(sid);
ssl_FreeSID(sid);
/* get a new sid */
@@ -6851,7 +6857,8 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
&& !ss->firstHsDone))) {
SSL_AtomicIncrementLong(& ssl3stats.hch_sid_cache_not_ok );
- ss->sec.uncache(sid);
+ if (ss->sec.uncache)
+ ss->sec.uncache(sid);
ssl_FreeSID(sid);
sid = NULL;
}
@@ -6998,7 +7005,8 @@ compression_found:
}
if (ss->sec.ci.sid) {
- ss->sec.uncache(ss->sec.ci.sid);
+ if (ss->sec.uncache)
+ ss->sec.uncache(ss->sec.ci.sid);
PORT_Assert(ss->sec.ci.sid != sid); /* should be impossible, but ... */
if (ss->sec.ci.sid != sid) {
ssl_FreeSID(ss->sec.ci.sid);
@@ -7167,7 +7175,8 @@ compression_found:
if (sid) { /* we had a sid, but it's no longer valid, free it */
SSL_AtomicIncrementLong(& ssl3stats.hch_sid_cache_not_ok );
- ss->sec.uncache(sid);
+ if (ss->sec.uncache)
+ ss->sec.uncache(sid);
ssl_FreeSID(sid);
sid = NULL;
}
@@ -10782,7 +10791,8 @@ ssl3_RedoHandshake(sslSocket *ss, PRBool flushCache)
return SECFailure;
}
if (sid && flushCache) {
- ss->sec.uncache(sid); /* remove it from whichever cache it's in. */
+ if (ss->sec.uncache)
+ ss->sec.uncache(sid); /* remove it from whichever cache it's in. */
ssl_FreeSID(sid); /* dec ref count and free if zero. */
ss->sec.ci.sid = NULL;
}
diff --git a/net/third_party/nss/ssl/ssl3ext.c b/net/third_party/nss/ssl/ssl3ext.c
index 89d47fe..de14f8d 100644
--- a/net/third_party/nss/ssl/ssl3ext.c
+++ b/net/third_party/nss/ssl/ssl3ext.c
@@ -1204,7 +1204,8 @@ ssl3_ServerHandleSessionTicketXtn(sslSocket *ss, PRUint16 ex_type,
* renegotiation.)
*/
if (ss->sec.ci.sid != NULL) {
- ss->sec.uncache(ss->sec.ci.sid);
+ if (ss->sec.uncache)
+ ss->sec.uncache(ss->sec.ci.sid);
ssl_FreeSID(ss->sec.ci.sid);
ss->sec.ci.sid = NULL;
}
diff --git a/net/third_party/nss/ssl/sslcon.c b/net/third_party/nss/ssl/sslcon.c
index 7a469e5..3eab62c 100644
--- a/net/third_party/nss/ssl/sslcon.c
+++ b/net/third_party/nss/ssl/sslcon.c
@@ -658,7 +658,8 @@ ssl2_SendServerFinishedMessage(sslSocket *ss)
if (sent < 0) {
/* If send failed, it is now a bogus session-id */
- (*ss->sec.uncache)(sid);
+ if (ss->sec.uncache)
+ (*ss->sec.uncache)(sid);
rv = (SECStatus)sent;
} else if (!ss->opt.noCache) {
/* Put the sid in session-id cache, (may already be there) */
@@ -2891,7 +2892,8 @@ ssl2_HandleServerHelloMessage(sslSocket *ss)
/* Forget our session-id - server didn't like it */
SSL_TRC(7, ("%d: SSL[%d]: server forgot me, uncaching session-id",
SSL_GETPID(), ss->fd));
- (*ss->sec.uncache)(sid);
+ if (ss->sec.uncache)
+ (*ss->sec.uncache)(sid);
ssl_FreeSID(sid);
ss->sec.ci.sid = sid = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
if (!sid) {
@@ -3065,7 +3067,8 @@ ssl2_BeginClientHandshake(sslSocket *ss)
/* if we're not doing this SID's protocol any more, drop it. */
if (!sidVersionEnabled) {
- ss->sec.uncache(sid);
+ if (ss->sec.uncache)
+ ss->sec.uncache(sid);
ssl_FreeSID(sid);
sid = NULL;
break;
@@ -3077,7 +3080,8 @@ ssl2_BeginClientHandshake(sslSocket *ss)
break;
}
if (i >= ss->sizeCipherSpecs) {
- ss->sec.uncache(sid);
+ if (ss->sec.uncache)
+ ss->sec.uncache(sid);
ssl_FreeSID(sid);
sid = NULL;
break;