Do not crash if Server SID cache is uninitialized. Bug 237724 r=Julien
authornelsonb%netscape.com
Wed, 09 Mar 2005 05:20:44 +0000
changeset 5523 5666b52d3423044db3d5c3e1c060067c72b3a9b2
parent 5521 996e1c2994b309d0b68cf2dcd030da7057504492 (current diff)
parent 5522 ffdeff9fc3828824d6ba027bc489220f7288fa6a (diff)
child 5525 d678bd5c27dab5c93ffd31c1d0704a1bc9203e2d
push idunknown
push userunknown
push dateunknown
reviewersJulien
bugs237724
Do not crash if Server SID cache is uninitialized. Bug 237724 r=Julien Instead, if SSL_NO_CACHE is not set, return an error code.
security/nss/cmd/lib/SSLerrs.h
security/nss/lib/ssl/ssl3con.c
security/nss/lib/ssl/sslerr.h
security/nss/lib/ssl/sslsnce.c
--- a/security/nss/cmd/lib/SSLerrs.h
+++ b/security/nss/cmd/lib/SSLerrs.h
@@ -362,8 +362,11 @@ ER3(SSL_ERROR_INTERNAL_ERROR_ALERT      
 "Peer reports it experienced an internal error.")
 
 ER3(SSL_ERROR_USER_CANCELED_ALERT         , (SSL_ERROR_BASE + 101),
 "Peer user canceled handshake.")
 
 ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT      , (SSL_ERROR_BASE + 102),
 "Peer does not permit renegotiation of SSL security parameters.")
 
+ER3(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED , (SSL_ERROR_BASE + 103),
+"SSL server cache not configured and not disabled for this socket.")
+
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -5582,18 +5582,23 @@ ssl3_HandleClientHello(sslSocket *ss, SS
     }
 
     if (sidBytes.len > 0 && !ss->noCache) {
 	SSL_TRC(7, ("%d: SSL3[%d]: server, lookup client session-id for 0x%08x%08x%08x%08x",
                     SSL_GETPID(), ss->fd, ss->sec.ci.peer.pr_s6_addr32[0],
 		    ss->sec.ci.peer.pr_s6_addr32[1], 
 		    ss->sec.ci.peer.pr_s6_addr32[2],
 		    ss->sec.ci.peer.pr_s6_addr32[3]));
-	sid = (*ssl_sid_lookup)(&ss->sec.ci.peer, sidBytes.data, sidBytes.len,
-	                        ss->dbHandle);
+	if (ssl_sid_lookup) {
+	    sid = (*ssl_sid_lookup)(&ss->sec.ci.peer, sidBytes.data, 
+	                            sidBytes.len, ss->dbHandle);
+    	} else {
+	    errCode = SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED;
+	    goto loser;
+	}
     }
     SECITEM_FreeItem(&sidBytes, PR_FALSE);
 
     /* grab the list of cipher suites. */
     rv = ssl3_ConsumeHandshakeVariable(ss, &suites, 2, &b, &length);
     if (rv != SECSuccess) {
 	goto loser;		/* malformed */
     }
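Review bot: The new `goto loser` in the `else` branch runs before `SECITEM_FreeItem(&sidBytes, PR_FALSE)` on the line after the block, so the session-id buffer is released only if the `loser` path (outside this hunk) frees it. The branch is reached when a server without a configured cache receives a ClientHello with a non-empty session id, which is peer-controlled input, so a missed free would accumulate per connection attempt. Adding `SECITEM_FreeItem(&sidBytes, PR_FALSE);` before `goto loser;` closes that regardless of what `loser` does. The check also fires only when `sidBytes.len > 0`; a hello with an empty session id appears to run the full handshake and meet the misconfiguration only at the later `ss->sec.cache` check.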
@@ -8016,17 +8021,22 @@ xmit_loser:
 	PK11_FreeSymKey(wrappingKey);
     }
     ssl_ReleaseSpecReadLock(ss);  /*************************************/
 
     /* If the wrap failed, we don't cache the sid.
      * The connection continues normally however.
      */
     if (!ss->noCache && rv == SECSuccess) {
-	(*ss->sec.cache)(sid);
+	if (ss->sec.cache) {
+	    (*ss->sec.cache)(sid);
+    	} else {
+	    PORT_SetError(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED);
+	    return SECFailure;
+	}
     }
   }
     ss->ssl3->hs.ws = idle_handshake;
 
     /* Do the handshake callback for sslv3 here. */
     if (ss->handshakeCallback != NULL) {
 	(ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
     }
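Review bot: The `return SECFailure` in the new `else` branch exits before `ss->ssl3->hs.ws = idle_handshake` and the handshake callback, and it contradicts the comment directly above, which says the connection continues normally when the sid is not cached. The handshake work has already been done by this point, so the comment should state that a missing cache function is treated as fatal, e.g. `/* No cache function installed and caching not disabled: fail the handshake instead of calling through NULL. */`. Whether the peer receives an alert on this path cannot be seen here, since the function begins and ends outside the hunk, so it is worth confirming how the caller handles the failure. The `} else {` line is indented with spaces followed by a tab, unlike its neighbours; the same applies to the `else` in the ssl3_HandleClientHello hunk.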
--- a/security/nss/lib/ssl/sslerr.h
+++ b/security/nss/lib/ssl/sslerr.h
@@ -179,13 +179,15 @@ SSL_ERROR_DECODE_ERROR_ALERT		= (SSL_ERR
 SSL_ERROR_DECRYPT_ERROR_ALERT		= (SSL_ERROR_BASE + 96),
 SSL_ERROR_EXPORT_RESTRICTION_ALERT	= (SSL_ERROR_BASE + 97),
 SSL_ERROR_PROTOCOL_VERSION_ALERT	= (SSL_ERROR_BASE + 98),
 SSL_ERROR_INSUFFICIENT_SECURITY_ALERT	= (SSL_ERROR_BASE + 99),
 SSL_ERROR_INTERNAL_ERROR_ALERT		= (SSL_ERROR_BASE + 100),
 SSL_ERROR_USER_CANCELED_ALERT		= (SSL_ERROR_BASE + 101),
 SSL_ERROR_NO_RENEGOTIATION_ALERT	= (SSL_ERROR_BASE + 102),
 
+SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED	= (SSL_ERROR_BASE + 103),
+
 SSL_ERROR_END_OF_LIST	/* let the c compiler determine the value of this. */
 } SSLErrorCodes;
 #endif /* NO_SECURITY_ERROR_ENUM */
 
 #endif /* __SSL_ERR_H_ */
--- a/security/nss/lib/ssl/sslsnce.c
+++ b/security/nss/lib/ssl/sslsnce.c
@@ -1524,16 +1524,20 @@ getSvrWrappingKey(PRInt32               
 	       cacheDesc *               cache,
 	       PRUint32                  lockTime)
 {
     PRUint32  ndx = (exchKeyType * SSL_NUM_WRAP_MECHS) + symWrapMechIndex;
     SSLWrappedSymWrappingKey * pwswk = cache->keyCacheData + ndx;
     PRUint32  now = 0;
     PRBool    rv  = PR_FALSE;
 
+    if (!cache->cacheMem) { /* cache is uninitialized */
+	PORT_SetError(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED);
+	return rv;
+    }
     if (!lockTime) {
 	lockTime = now = LockSidCacheLock(cache->keyCacheLock, now);
 	if (!lockTime) {
 	    return rv;
 	}
     }
     if (pwswk->exchKeyType      == exchKeyType && 
 	pwswk->symWrapMechIndex == symWrapMechIndex &&
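Review bot: `pwswk` is still computed from `cache->keyCacheData + ndx` in its declaration, before the new `cacheMem` guard runs, so with an uninitialized cache the function does pointer arithmetic on what is presumably a null `keyCacheData`. Nothing dereferences it on that path, but assigning it after the guard (`pwswk = cache->keyCacheData + ndx;`) keeps the early return clear of it. The guard treats `cacheMem` as the marker of an initialized cache, which this hunk does not establish; a short comment naming where it is set would help. The next hunk adds the same guard to ssl_SetWrappingKey with `return 0` rather than `return rv`, which is worth making consistent. The function body continues past this hunk.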
@@ -1583,16 +1587,21 @@ ssl_SetWrappingKey(SSLWrappedSymWrapping
     PRBool        rv               = PR_FALSE;
     SSL3KEAType   exchKeyType      = wswk->exchKeyType;   
                                 /* type of keys used to wrap SymWrapKey*/
     PRInt32       symWrapMechIndex = wswk->symWrapMechIndex;
     PRUint32      ndx;
     PRUint32      now = 0;
     SSLWrappedSymWrappingKey myWswk;
 
+    if (!cache->cacheMem) { /* cache is uninitialized */
+	PORT_SetError(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED);
+	return 0;
+    }
+
     PORT_Assert( (unsigned)exchKeyType < kt_kea_size);
     if ((unsigned)exchKeyType >= kt_kea_size)
     	return 0;
 
     PORT_Assert( (unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS);
     if ((unsigned)symWrapMechIndex >=  SSL_NUM_WRAP_MECHS)
     	return 0;