Bug 866362: Revert changeset 60da07951c17 because it caused selfserv
authorWan-Teh Chang <wtc@google.com>
Tue, 21 May 2013 22:21:37 -0700
changeset 10785 c499082b9a15f22dc9a4c882ea8769b16ac82234
parent 10784 60da07951c1702a35e3b8a3bab4f9a6beadc9742
child 10786 94a1e80e5f71893dfc34be134ac589558e6e0f73
push id94
push userwtc@google.com
push dateWed, 22 May 2013 05:22:05 +0000
bugs866362
Bug 866362: Revert changeset 60da07951c17 because it caused selfserv to crash (dereferencing a null ss->ssl3.hs.kea_def) in ssl3_ServerSendStatusRequestXtn.
lib/ssl/ssl3con.c
lib/ssl/ssl3ext.c
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
@@ -8462,19 +8462,20 @@ ssl3_SendCertificateStatus(sslSocket *ss
 
     /* Use certStatus based on the cert being used. */
     if ((ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa) ||
 	(ss->ssl3.hs.kea_def->kea == kea_dhe_rsa)) {
 	certIndex = kt_rsa;
     } else {
 	certIndex = ss->ssl3.hs.kea_def->exchKeyType;
     }
-
-    statusToSend = ss->certStatusArray[certIndex];
-    if (!statusToSend || !statusToSend->len)
+    if (ss->certStatusArray[certIndex] && ss->certStatusArray[certIndex]->len) {
+	statusToSend = ss->certStatusArray[certIndex];
+    }
+    if (!statusToSend)
 	return SECSuccess;
 
     /* Use the array's first item only (single stapling) */
     len = 1 + statusToSend->items[0].len + 3;
 
     rv = ssl3_AppendHandshakeHeader(ss, certificate_status, len);
     if (rv != SECSuccess) {
 	return rv; 		/* err set by AppendHandshake. */
--- a/lib/ssl/ssl3ext.c
+++ b/lib/ssl/ssl3ext.c
@@ -677,30 +677,30 @@ static PRInt32
 ssl3_ServerSendStatusRequestXtn(
 			sslSocket * ss,
 			PRBool      append,
 			PRUint32    maxBytes)
 {
     PRInt32 extension_length;
     SECStatus rv;
     int i;
-    SECItemArray *statusToSend = NULL;
-    SSL3KEAType certIndex;
-
-    PORT_Assert(ss->sec.isServer);
+    PRBool haveStatus = PR_FALSE;
 
-    if ((ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa) ||
-	(ss->ssl3.hs.kea_def->kea == kea_dhe_rsa)) {
-	certIndex = kt_rsa;
-    } else {
-	certIndex = ss->ssl3.hs.kea_def->exchKeyType;
+    for (i = kt_null; i < kt_kea_size; i++) {
+	/* TODO: This is a temporary workaround.
+	 *       The correct code needs to see if we have an OCSP response for
+	 *       the server certificate being used, rather than if we have any
+	 *       OCSP response. See also ssl3_SendCertificateStatus.
+	 */
+	if (ss->certStatusArray[i] && ss->certStatusArray[i]->len) {
+	    haveStatus = PR_TRUE;
+	    break;
+	}
     }
-
-    statusToSend = ss->certStatusArray[certIndex];
-    if (!statusToSend || !statusToSend->len)
+    if (!haveStatus)
 	return 0;
 
     extension_length = 2 + 2;
     if (append && maxBytes >= extension_length) {
 	/* extension_type */
 	rv = ssl3_AppendHandshakeNumber(ss, ssl_cert_status_xtn, 2);
 	if (rv != SECSuccess)
 	    return -1;