Bug 403563: implement the TLS session ticket extension (rfc4507bis). The
authorwtc%google.com
Wed, 17 Aug 2011 05:01:55 +0000
changeset 10087 663c8f8733c2d88990db79401ed9f8ca5ddcfbe0
parent 10086 e3d0e9489874496c8a9f54e7dcb63b09dc92a849
child 10088 d3f188e356fb43f86c612fb4539cdf9d99b12b0e
push idunknown
push userunknown
push dateunknown
bugs403563
Bug 403563: implement the TLS session ticket extension (rfc4507bis). The patch is contributed by Nagendra Modadugu <ngm+mozilla@google.com>. A small portion (PKCS #11 code and tests) was written by Wan-Teh Chang <wtc@google.com>. r=nelson,wtc Modified Files: cmd/lib/SSLerrs.h cmd/selfserv/selfserv.c cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c lib/ssl/manifest.mn lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/ssl3ecc.c lib/ssl/ssl3prot.h lib/ssl/sslerr.h lib/ssl/sslimpl.h lib/ssl/sslnonce.c lib/ssl/sslsnce.c lib/ssl/sslsock.c lib/ssl/sslt.h tests/ssl/sslstress.txt Added Files: lib/ssl/ssl3ext.c
security/nss/lib/ssl/SSLerrs.h
--- a/security/nss/lib/ssl/SSLerrs.h
+++ b/security/nss/lib/ssl/SSLerrs.h
@@ -379,8 +379,14 @@ ER3(SSL_ERROR_CERTIFICATE_UNOBTAINABLE_A
 ER3(SSL_ERROR_UNRECOGNIZED_NAME_ALERT        , (SSL_ERROR_BASE + 106),
 "SSL peer has no certificate for the requested DNS name.")
 
 ER3(SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT , (SSL_ERROR_BASE + 107),
 "SSL peer was unable to get an OCSP response for its certificate.")
 
 ER3(SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT      , (SSL_ERROR_BASE + 108),
 "SSL peer reported bad certificate hash value.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET, (SSL_ERROR_BASE + 109),
+"SSL received an unexpected New Session Ticket handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET, (SSL_ERROR_BASE + 110),
+"SSL received a malformed New Session Ticket handshake message.")