author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-11-12 15:35:45 +0000 |
---|---|---|
committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-11-12 15:35:45 +0000 |
commit | eb857cd5a78120d551cf9040d138515177f21c7c (patch) | |
tree | ddc9e70919468ccd03cd327d27c74ad259d0bd07 /net/third_party | |
parent | a65882cfd89af9fc51fc34781fd9ebfc4978ea4c (diff) | |
NSS: always record the ServerHello data.
Previously, if we predicted a ServerHello (because we were snap
starting), then serverHelloPredictionData was set and we wouldn't
record the actual ServerHello contents in the event of a misprediction.
This meant that we couldn't recover from a misprediction because we
would record the same prediction again.
With this patch, we'll always write to serverHelloPredictionData, even
if we made a prediction.
BUG=none
TEST=snap_start_unittests
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@65947 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/third_party')
-rw-r--r-- | net/third_party/nss/ssl/ssl3con.c | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c
index d3d2727..c5ea79f 100644
--- a/net/third_party/nss/ssl/ssl3con.c
+++ b/net/third_party/nss/ssl/ssl3con.c
@@ -5023,20 +5023,20 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
 goto alert_loser;
 }
- if (!ss->ssl3.serverHelloPredictionData.data) {
- /* If this allocation fails it will only stop the application from
- * recording the ServerHello information and performing future Snap
- * Starts. */
- if (SECITEM_AllocItem(NULL, &ss->ssl3.serverHelloPredictionData,
- length))
- memcpy(ss->ssl3.serverHelloPredictionData.data, b, length);
- /* ss->ssl3.serverHelloPredictionDataValid is still false at this
- * point. We have to record the contents of the ServerHello here
- * because we don't have a pointer to the whole message when handling
- * the extensions. However, we wait until the Snap Start extenion
- * handler to recognise that the server supports Snap Start and to set
- * serverHelloPredictionDataValid. */
- }
+ if (ss->ssl3.serverHelloPredictionData.data)
+ SECITEM_FreeItem(&ss->ssl3.serverHelloPredictionData, PR_FALSE);
+
+ /* If this allocation fails it will only stop the application from
+ * recording the ServerHello information and performing future Snap
+ * Starts. */
+ if (SECITEM_AllocItem(NULL, &ss->ssl3.serverHelloPredictionData, length))
+ memcpy(ss->ssl3.serverHelloPredictionData.data, b, length);
+ /* ss->ssl3.serverHelloPredictionDataValid is still false at this
+ * point. We have to record the contents of the ServerHello here
+ * because we don't have a pointer to the whole message when handling
+ * the extensions. However, we wait until the Snap Start extension
+ * handler to recognise that the server supports Snap Start and to set
+ * serverHelloPredictionDataValid. */
 temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
 if (temp < 0) { |
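Review bot: The carried-over comment still asserts that `serverHelloPredictionDataValid` is false at this point, but nothing in the new code enforces that once the buffer is freed and re-recorded on every ServerHello. The old `!data` guard meant this path ran only when no data had been recorded yet; now it also runs after a prediction, and if the flag can already be true then (the code that sets it is outside the hunk, so this needs confirming), a ServerHello without the Snap Start extension would leave it marking the replaced contents as valid. A failed `SECITEM_AllocItem` after the free would likewise leave it set with no recorded data. Clearing it explicitly right after the `SECITEM_FreeItem` call, with `ss->ssl3.serverHelloPredictionDataValid = PR_FALSE;`, would make the comment true by construction. The body of ssl3_HandleServerHello begins and ends outside the hunk.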