Fix crash when an SSL key-log file couldn't be opened.

BUG=none
TEST=`SSLKEYLOGFILE=/ ./out/Release/chrome` shouldn't crash.


Review URL: https://chromiumcodereview.appspot.com/10636062

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@144495 0039d316-1c4b-4281-b951-d872f2087c98

4 files changed, 38 insertions, 4 deletions

diff --git a/net/third_party/nss/README.chromium b/net/third_party/nss/README.chromium
index b16bb66..fd4238f 100644
--- a/net/third_party/nss/README.chromium
+++ b/net/third_party/nss/README.chromium
@@ -72,6 +72,7 @@ Patches:
   * Move SSL keylogging out from behind the TRACE and DEBUG defines and add
     support for CLIENT_RANDOM keylogging to support ECDHE-RSA and others.
     patches/keylog.patch
+    https://bugzilla.mozilla.org/show_bug.cgi?id=762763
 
   * SSL_GetChannelInfo and SSL_GetNegotiatedHostInfo should use cwSpec
     instead of crSpec to support False Start.
@@ -81,6 +82,9 @@ Patches:
   * Add support for extracting the tls-unique channel binding value
     patches/tlsunique.patch
 
+  * Don't crash when the SSL keylog file cannot be opened.
+    patches/sslkeylogerror.patch
+
 Apply the patches to NSS by running the patches/applypatches.sh script.  Read
 the comments at the top of patches/applypatches.sh for instructions.
 
diff --git a/net/third_party/nss/patches/applypatches.sh b/net/third_party/nss/patches/applypatches.sh
index d0500c5..b586613 100755
--- a/net/third_party/nss/patches/applypatches.sh
+++ b/net/third_party/nss/patches/applypatches.sh
@@ -45,3 +45,5 @@ patch -p4 < $patches_dir/keylog.patch
 patch -p4 < $patches_dir/getchannelinfo.patch
 
 patch -p4 < $patches_dir/tlsunique.patch
+
+patch -p4 < $patches_dir/sslkeylogerror.patch
diff --git a/net/third_party/nss/patches/sslkeylogerror.patch b/net/third_party/nss/patches/sslkeylogerror.patch
new file mode 100644
index 0000000..7dd57c2
--- /dev/null
+++ b/net/third_party/nss/patches/sslkeylogerror.patch
@@ -0,0 +1,24 @@
+diff --git a/net/third_party/nss/ssl/sslsock.c b/net/third_party/nss/ssl/sslsock.c
+index 1823a1c..2a93dae 100644
+--- a/net/third_party/nss/ssl/sslsock.c
++++ b/net/third_party/nss/ssl/sslsock.c
+@@ -2934,11 +2934,15 @@ ssl_SetDefaultsFromEnvironment(void)
+ 	ev = getenv("SSLKEYLOGFILE");
+ 	if (ev && ev[0]) {
+ 	    ssl_keylog_iob = fopen(ev, "a");
+-	    if (ftell(ssl_keylog_iob) == 0) {
+-		fputs("# SSL/TLS secrets log file, generated by NSS\n",
+-		      ssl_keylog_iob);
++	    if (!ssl_keylog_iob) {
++		SSL_TRACE(("Failed to open key log file"));
++	    } else {
++		if (ftell(ssl_keylog_iob) == 0) {
++		    fputs("# SSL/TLS secrets log file, generated by NSS\n",
++			  ssl_keylog_iob);
++		}
++		SSL_TRACE(("SSL: logging pre-master secrets to %s", ev));
+ 	    }
+-	    SSL_TRACE(("SSL: logging pre-master secrets to %s", ev));
+ 	}
+ 	ev = getenv("SSLBYPASS");
+ 	if (ev && ev[0]) {
diff --git a/net/third_party/nss/ssl/sslsock.c b/net/third_party/nss/ssl/sslsock.c
index 1823a1c..2a93dae 100644
--- a/net/third_party/nss/ssl/sslsock.c
+++ b/net/third_party/nss/ssl/sslsock.c
@@ -2934,11 +2934,15 @@ ssl_SetDefaultsFromEnvironment(void)
 	ev = getenv("SSLKEYLOGFILE");
 	if (ev && ev[0]) {
 	    ssl_keylog_iob = fopen(ev, "a");
-	    if (ftell(ssl_keylog_iob) == 0) {
-		fputs("# SSL/TLS secrets log file, generated by NSS\n",
-		      ssl_keylog_iob);
+	    if (!ssl_keylog_iob) {
+		SSL_TRACE(("Failed to open key log file"));
+	    } else {
+		if (ftell(ssl_keylog_iob) == 0) {
+		    fputs("# SSL/TLS secrets log file, generated by NSS\n",
+			  ssl_keylog_iob);
+		}
+		SSL_TRACE(("SSL: logging pre-master secrets to %s", ev));
 	    }
-	    SSL_TRACE(("SSL: logging pre-master secrets to %s", ev));
 	}
 	ev = getenv("SSLBYPASS");
 	if (ev && ev[0]) {