Checking again for: NSS_3_3_4_1_BRANCH
authorchristophe.ravel.bugs%sun.com
Thu, 18 Aug 2005 18:32:17 +0000
branchNSS_3_3_4_1_BRANCH
changeset 6017 4e125e049abd83215da6b42fc84dcda38ddbd394
parent 5976 40c8810025f823bea367c9b1e48b126f021624be
child 6022 b64744e212fb5c36a714bd3d28104e627b8f3233
push idunknown
push userunknown
push dateunknown
bugs6289081
Checking again for: Backport from NSS 3.4 to NSS 3.3.4.x. Checkins to directory mozilla/security/nss /lib/ssl by relyea* between 2001-12-05 00:00 and 2001-12-07 00:00 r+: Saul Edwards sr+: Nelson Bolyard Note: there is no bug for this fix on Bugzilla. 6289081
security/nss/lib/certhigh/certvfy.c
security/nss/lib/nss/nss.h
security/nss/lib/ssl/authcert.c
security/nss/lib/ssl/emulate.c
security/nss/lib/ssl/ssl3con.c
security/nss/lib/ssl/ssldef.c
security/nss/lib/ssl/sslsock.c
--- a/security/nss/lib/certhigh/certvfy.c
+++ b/security/nss/lib/certhigh/certvfy.c
@@ -648,17 +648,17 @@ CERT_VerifyCertChain(CERTCertDBHandle *h
 	int i;
 
 	/* Construct a list of names for the current and all previous certifcates 
 	   to be verified against the name constraints extension of the issuer
 	   certificate. */
 	subjectNameList = CERT_GetCertificateNames(subjectCert, arena);
 	subjectNameListLen = CERT_GetNamesLength(subjectNameList);
 	for (i = 0; i < subjectNameListLen; i++) {
-	    if (namesIndexLen < namesCount + i) {
+            if (namesIndexLen <= namesCount + i) {
 		namesIndexLen = namesIndexLen * 2;
 		namesIndex = (SECItem *) PORT_Realloc(namesIndex, namesIndexLen * 
 						       sizeof(SECItem));
 		if (namesIndex == NULL) {
 		    goto loser;
 		}
 	    }
 	    rv = SECITEM_CopyItem(arena, &(namesIndex[namesCount + i]), &(subjectCert->derSubject));
--- a/security/nss/lib/nss/nss.h
+++ b/security/nss/lib/nss/nss.h
@@ -44,17 +44,17 @@ SEC_BEGIN_PROTOS
 
 /*
  * NSS's major version, minor version, patch level, and whether
  * this is a beta release.
  *
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>] [<Beta>]"
  */
-#define NSS_VERSION  "3.3.4.6"
+#define NSS_VERSION  "3.3.4.7"
 #define NSS_VMAJOR   3
 #define NSS_VMINOR   3
 #define NSS_VPATCH   4
 #define NSS_BETA     PR_FALSE
 
 
 /*
  * Return a boolean that indicates whether the underlying library
--- a/security/nss/lib/ssl/authcert.c
+++ b/security/nss/lib/ssl/authcert.c
@@ -54,18 +54,18 @@
  */
 SECStatus 
 NSS_GetClientAuthData(void *                       arg, 
                       PRFileDesc *                 socket, 
 		      struct CERTDistNamesStr *    caNames, 
 		      struct CERTCertificateStr ** pRetCert, 
 		      struct SECKEYPrivateKeyStr **pRetKey)
 {
-  CERTCertificate *  cert;
-  SECKEYPrivateKey * privkey;
+  CERTCertificate *  cert = NULL;
+  SECKEYPrivateKey * privkey = NULL;
   char *             chosenNickName = (char *)arg;    /* CONST */
   void *             proto_win  = NULL;
   SECStatus          rv         = SECFailure;
   
   proto_win = SSL_RevealPinArg(socket);
   
   if (chosenNickName) {
     cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
--- a/security/nss/lib/ssl/emulate.c
+++ b/security/nss/lib/ssl/emulate.c
@@ -197,17 +197,17 @@ done:
 PRInt32 
 ssl_EmulateTransmitFile(    PRFileDesc *        sd, 
 			    PRFileDesc *        fd,
 			    const void *        headers, 
 			    PRInt32             hlen, 
 			    PRTransmitFileFlags flags,
 			    PRIntervalTime      timeout)
 {
-    void *            addr;
+    void *            addr = NULL;
     PRFileMap *       mapHandle = NULL;
     PRInt32           count     = 0;
     PRInt32           index     = 0;
     PRInt32           len	= 0;
     PRInt32           rv;
     struct PRFileInfo info;
     struct PRIOVec    iov[2];
 
@@ -456,17 +456,17 @@ done:
  *
  */
 #define SENDFILE_MMAP_CHUNK    (256 * 1024)
 
 PRInt32 
 ssl_EmulateSendFile(PRFileDesc *sd, PRSendFileData *sfd,
                     PRTransmitFileFlags flags, PRIntervalTime timeout)
 {
-    void *            addr;
+    void *            addr = NULL;
     PRFileMap *       mapHandle  	= NULL;
     PRInt32           count 		= 0;
     PRInt32           file_bytes;
     PRInt32           index 		= 0;
     PRInt32           len;
     PRInt32           rv;
     PRUint32          addr_offset;
     PRUint32          file_mmap_offset;
@@ -524,16 +524,22 @@ ssl_EmulateSendFile(PRFileDesc *sd, PRSe
 
         /* number of initial bytes to skip in mmap'd segment */
         addr_offset = sfd->file_offset - file_mmap_offset;
         PR_ASSERT(addr_offset > 0);
         mmap_len = PR_MIN(file_bytes + addr_offset, SENDFILE_MMAP_CHUNK);
         len      = mmap_len - addr_offset;
     }
     /*
+     * filebytes is negative or SENDFILE_MMAP_CHUNK is less than pagesize.
+     * assert so we catch problems in debug builds.
+     */
+    PR_ASSERT(len >= 0);
+
+    /*
      * Map in (part of) file. Take care of zero-length files.
      */
     if (len > 0) {
 	mapHandle = PR_CreateFileMap(sfd->fd, info.size, PR_PROT_READONLY);
 	if (!mapHandle) {
 	    count = -1;
 	    goto done;
 	}
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -439,19 +439,19 @@ ssl3_config_match_init(sslSocket *ss)
 	    }
 	    cipher_alg=bulk_cipher_defs[cipher_def->bulk_cipher_alg ].calg;
 	    exchKeyType =
 	    	    kea_defs[cipher_def->key_exchange_alg].exchKeyType;
 
 	    /* Mark the suites that are backed by real tokens, certs and keys */
 	    suite->isPresent = (PRBool)
 		(((exchKeyType == kt_null) ||
-		    (!isServer || (ss->serverKey[exchKeyType] &&
+                    ((!isServer || (ss->serverKey[exchKeyType] &&
 				   ss->serverCertChain[exchKeyType])) &&
-		    PK11_TokenExists(kea_alg_defs[exchKeyType])) &&
+                    PK11_TokenExists(kea_alg_defs[exchKeyType]))) &&
 		((cipher_alg == calg_null) || PK11_TokenExists(cipher_alg)));
 	    if (suite->isPresent)
 	    	++numPresent;
 	}
     }
     PORT_Assert(numPresent > 0 || numEnabled == 0);
     if (numPresent <= 0) {
 	PORT_SetError(SSL_ERROR_NO_CIPHERS_SUPPORTED);
@@ -2917,16 +2917,20 @@ ssl_UnwrapSymWrappingKey(
 	PK11_FreeSymKey(Ks);
 	break;
 
     case kt_rsa:
 	unwrappedWrappingKey =
 	    PK11_PubUnwrapSymKey(svrPrivKey, &wrappedKey,
 				 masterWrapMech, CKA_UNWRAP, 0);
 	break;
+    default:
+        /* Assert? */
+        SET_ERROR_CODE
+        goto loser;
     }
 loser:
     return unwrappedWrappingKey;
 }
 
 /* Each process sharing the server session ID cache has its own array of
  * SymKey pointers for the symmetric wrapping keys that are used to wrap
  * the master secrets.  There is one key for each KEA type.  These Symkeys
@@ -2949,17 +2953,17 @@ getWrappingKey( sslSocket *       ss,
                 CK_MECHANISM_TYPE masterWrapMech,
 	        void *            pwArg)
 {
     CERTCertificate *        svrCert;
     SECKEYPrivateKey *       svrPrivKey;
     SECKEYPublicKey *        svrPubKey             = NULL;
     PK11SymKey *             unwrappedWrappingKey  = NULL;
     PK11SymKey **            pSymWrapKey;
-    CK_MECHANISM_TYPE        asymWrapMechanism;
+    CK_MECHANISM_TYPE        asymWrapMechanism = CKM_INVALID_MECHANISM;
     int                      length;
     int                      symWrapMechIndex;
     SECStatus                rv;
     SECItem                  wrappedKey;
     SSLWrappedSymWrappingKey wswk;
 
     static PZLock *          symWrapKeysLock;
     static ssl3SymWrapKey    symWrapKeys[SSL_NUM_WRAP_MECHS];
@@ -3085,16 +3089,18 @@ no_wrapped_key:
 	break;
     }
 
     if (rv != SECSuccess) {
 	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
 	goto loser;
     }
 
+    PORT_Assert(asymWrapMechanism != CKM_INVALID_MECHANISM);
+
     wswk.symWrapMechanism  = masterWrapMech;
     wswk.symWrapMechIndex  = symWrapMechIndex;
     wswk.asymWrapMechanism = asymWrapMechanism;
     wswk.exchKeyType       = exchKeyType;
     wswk.wrappedSymKeyLen  = wrappedKey.len;
 
     /* put it on disk. */
     /* If the wrapping key for this KEA type has already been set, 
@@ -3481,17 +3487,17 @@ loser:
 	CERT_DestroyCertificate(ccert);
     return privKeaKey;
 }
 
 /* Called from ssl3_SendClientKeyExchange().  */
 static SECStatus
 sendFortezzaClientKeyExchange(sslSocket * ss, SECKEYPublicKey * serverKey)
 {
-    ssl3CipherSpec *	pwSpec;
+    ssl3CipherSpec *    pwSpec = NULL;
     sslSessionID *	sid 		= ss->sec->ci.sid;
     PK11SlotInfo *	slot		= NULL;
     PK11SymKey *	pms 		= NULL;
     PK11SymKey *	tek		= NULL;
     PK11SymKey *	client_write_key = NULL;
     PK11SymKey *	server_write_key = NULL;
     SECKEYPrivateKey *	privKeaKey 	= NULL;
     void *		pwArg 		= ss->pkcs11PinArg;
--- a/security/nss/lib/ssl/ssldef.c
+++ b/security/nss/lib/ssl/ssldef.c
@@ -36,18 +36,20 @@
  */
 
 #include "cert.h"
 #include "ssl.h"
 #include "sslimpl.h"
 
 #if defined(WIN32)
 #define MAP_ERROR(from,to) if (err == from) { PORT_SetError(to); }
+#define DEFINE_ERROR       PRErrorCode err = PR_GetError();
 #else
 #define MAP_ERROR(from,to)
+#define DEFINE_ERROR
 #endif
 
 int ssl_DefConnect(sslSocket *ss, const PRNetAddr *sa)
 {
     PRFileDesc *lower = ss->fd->lower;
     int rv;
 
     rv = lower->methods->connect(lower, sa, ss->cTimeout);
@@ -83,17 +85,17 @@ int ssl_DefShutdown(sslSocket *ss, int h
 
 int ssl_DefRecv(sslSocket *ss, unsigned char *buf, int len, int flags)
 {
     PRFileDesc *lower = ss->fd->lower;
     int rv;
 
     rv = lower->methods->recv(lower, (void *)buf, len, flags, ss->rTimeout);
     if (rv < 0) {
-	PRErrorCode err = PR_GetError();
+        DEFINE_ERROR
 	MAP_ERROR(PR_SOCKET_SHUTDOWN_ERROR, PR_CONNECT_RESET_ERROR)
     } else if (rv > len) {
 	PORT_Assert(rv <= len);
 	PORT_SetError(PR_BUFFER_OVERFLOW_ERROR);
 	rv = SECFailure;
     }
     return rv;
 }
@@ -147,17 +149,17 @@ int ssl_DefSend(sslSocket *ss, const uns
 
 int ssl_DefRead(sslSocket *ss, unsigned char *buf, int len)
 {
     PRFileDesc *lower = ss->fd->lower;
     int rv;
 
     rv = lower->methods->read(lower, (void *)buf, len);
     if (rv < 0) {
-	PRErrorCode err = PR_GetError();
+        DEFINE_ERROR
 	MAP_ERROR(PR_SOCKET_SHUTDOWN_ERROR, PR_CONNECT_RESET_ERROR)
     }
     return rv;
 }
 
 int ssl_DefWrite(sslSocket *ss, const unsigned char *buf, int len)
 {
     PRFileDesc *lower = ss->fd->lower;
--- a/security/nss/lib/ssl/sslsock.c
+++ b/security/nss/lib/ssl/sslsock.c
@@ -301,17 +301,19 @@ void
 ssl_FreeSocket(sslSocket *ss)
 {
     /* "i" should be of type SSLKEAType, but CC on IRIX complains during
      * the for loop.
      */
     int        i;
 
     sslSocket *fs;
+#ifdef DEBUG
     sslSocket  lSock;
+#endif
 
 /* Get every lock you can imagine!
 ** Caller already holds these:
 **  SSL_LOCK_READER(ss);
 **  SSL_LOCK_WRITER(ss);
 */
     ssl_Get1stHandshakeLock(ss);
     ssl_GetRecvBufLock(ss);