Bug 958916: Update to NSS 3.15.5 beta 3 (NSS_3_15_5_BETA3), r=me, a=sledru
authorBrian Smith <brian@briansmith.org>
Mon, 03 Feb 2014 13:34:34 -0800
changeset 182675 8e82d0db50ffc4114a78dc581dd5cfa830915114
parent 182674 c9d64c8f4710a71b72566de0b79a6a0de8fcd3af
child 182676 8563809a50e6fdaef9065c1f3ffbec00f551b9cd
push id3343
push userffxbld
push dateMon, 17 Mar 2014 21:55:32 +0000
treeherdermozilla-beta@2f7d3415f79f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersme, sledru
bugs958916
milestone29.0a2
Bug 958916: Update to NSS 3.15.5 beta 3 (NSS_3_15_5_BETA3), r=me, a=sledru
configure.in
security/nss/TAG-INFO
security/nss/coreconf/coreconf.dep
security/nss/lib/certdb/certi.h
security/nss/lib/certdb/certt.h
security/nss/lib/certhigh/ocsp.c
security/nss/lib/libpkix/pkix/top/pkix_build.c
security/nss/lib/libpkix/pkix/top/pkix_build.h
security/nss/lib/softoken/pkcs11c.c
security/nss/lib/ssl/sslsock.c
security/patches/README
security/patches/bug-950129.patch
--- a/configure.in
+++ b/configure.in
@@ -3670,17 +3670,17 @@ dnl = If NSS was not detected in the sys
 dnl = use the one in the source tree (mozilla/security/nss)
 dnl ========================================================
 
 MOZ_ARG_WITH_BOOL(system-nss,
 [  --with-system-nss       Use system installed NSS],
     _USE_SYSTEM_NSS=1 )
 
 if test -n "$_USE_SYSTEM_NSS"; then
-    AM_PATH_NSS(3.15.4, [MOZ_NATIVE_NSS=1], [AC_MSG_ERROR([you don't have NSS installed or your version is too old])])
+    AM_PATH_NSS(3.15.5, [MOZ_NATIVE_NSS=1], [AC_MSG_ERROR([you don't have NSS installed or your version is too old])])
 fi
 
 if test -n "$MOZ_NATIVE_NSS"; then
    NSS_LIBS="$NSS_LIBS -lcrmf"
 else
    NSS_CFLAGS='-I$(LIBXUL_DIST)/include/nss'
 
    if test -z "$GNU_CC" -a "$OS_ARCH" = "WINNT" -o "$OS_ARCH" = "OS2"; then
--- a/security/nss/TAG-INFO
+++ b/security/nss/TAG-INFO
@@ -1,1 +1,1 @@
-NSS_3_15_5_BETA2
+NSS_3_15_5_BETA3
--- a/security/nss/coreconf/coreconf.dep
+++ b/security/nss/coreconf/coreconf.dep
@@ -5,9 +5,8 @@
 
 /*
  * A dummy header file that is a dependency for all the object files.
  * Used to force a full recompilation of NSS in Mozilla's Tinderbox
  * depend builds.  See comments in rules.mk.
  */
 
 #error "Do not include this header file."
-
--- a/security/nss/lib/certdb/certi.h
+++ b/security/nss/lib/certdb/certi.h
@@ -258,33 +258,33 @@ void ReleaseDPCache(CRLDPCache* dpcache,
  * map Stan errors into NSS errors
  * This function examines the stan error stack and automatically sets
  * PORT_SetError(); to the appropriate SEC_ERROR value.
  */
 void CERT_MapStanError();
 
 /* Like CERT_VerifyCert, except with an additional argument, flags. The
  * flags are defined immediately below.
- *
- * OCSP checking is always skipped when certUsage is certUsageStatusResponder.
  */
 SECStatus
 cert_VerifyCertWithFlags(CERTCertDBHandle *handle, CERTCertificate *cert,
                          PRBool checkSig, SECCertUsage certUsage, PRTime t,
                          PRUint32 flags, void *wincx, CERTVerifyLog *log);
 
 /* Use the default settings.
- * cert_VerifyCertWithFlags(..., CERT_VERIFYCERT_USE_DEFAULTS) is equivalent
- * to CERT_VerifyCert(...);
+ * cert_VerifyCertWithFlags(..., CERT_VERIFYCERT_USE_DEFAULTS, ...) is
+ * equivalent to CERT_VerifyCert(...);
  */
 #define CERT_VERIFYCERT_USE_DEFAULTS 0
 
 /* Skip all the OCSP checks during certificate verification, regardless of
  * the global OCSP settings. By default, certificate |cert| will have its
  * revocation status checked via OCSP according to the global OCSP settings.
+ *
+ * OCSP checking is always skipped when certUsage is certUsageStatusResponder.
  */
 #define CERT_VERIFYCERT_SKIP_OCSP 1
 
 /* Interface function for libpkix cert validation engine:
  * cert_verify wrapper. */
 SECStatus
 cert_VerifyCertChainPkix(CERTCertificate *cert,
                          PRBool checkSig,
--- a/security/nss/lib/certdb/certt.h
+++ b/security/nss/lib/certdb/certt.h
@@ -337,16 +337,17 @@ struct CERTCertListNodeStr {
 };
 
 struct CERTCertListStr {
     PRCList list;
     PLArenaPool *arena;
 };
 
 #define CERT_LIST_HEAD(l) ((CERTCertListNode *)PR_LIST_HEAD(&l->list))
+#define CERT_LIST_TAIL(l) ((CERTCertListNode *)PR_LIST_TAIL(&l->list))
 #define CERT_LIST_NEXT(n) ((CERTCertListNode *)n->links.next)
 #define CERT_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
 #define CERT_LIST_EMPTY(l) CERT_LIST_END(CERT_LIST_HEAD(l), l)
 
 struct CERTCrlEntryStr {
     SECItem serialNumber;
     SECItem revocationDate;
     CERTCertExtension **extensions;    
--- a/security/nss/lib/certhigh/ocsp.c
+++ b/security/nss/lib/certhigh/ocsp.c
@@ -5082,16 +5082,19 @@ CERT_CheckOCSPStatus(CERTCertDBHandle *h
         certID, time, PR_FALSE, /* ignoreGlobalOcspFailureSetting */
         &rvOcsp, &cachedErrorCode, &cachedResponseFreshness);
     if (rv != SECSuccess) {
         CERT_DestroyOCSPCertID(certID);
         return SECFailure;
     }
     if (cachedResponseFreshness == ocspFresh) {
         CERT_DestroyOCSPCertID(certID);
+        if (rvOcsp != SECSuccess) {
+            PORT_SetError(cachedErrorCode);
+        }
         return rvOcsp;
     }
 
     rv = ocsp_GetOCSPStatusFromNetwork(handle, certID, cert, time, pwArg,
                                        &certIDWasConsumed, 
                                        &rvOcsp);
     if (rv != SECSuccess) {
         PRErrorCode err = PORT_GetError();
--- a/security/nss/lib/libpkix/pkix/top/pkix_build.c
+++ b/security/nss/lib/libpkix/pkix/top/pkix_build.c
@@ -60,17 +60,16 @@ pkix_ForwardBuilderState_Destroy(
         state->certIndex = 0;
         state->aiaIndex = 0;
         state->certCheckedIndex = 0;
         state->checkerIndex = 0;
         state->hintCertIndex = 0;
         state->numFanout = 0;
         state->numDepth = 0;
         state->reasonCode = 0;
-        state->revCheckDelayed = PKIX_FALSE;
         state->canBeCached = PKIX_FALSE;
         state->useOnlyLocal = PKIX_FALSE;
         state->revChecking = PKIX_FALSE;
         state->usingHintCerts = PKIX_FALSE;
         state->certLoopingDetected = PKIX_FALSE;
         PKIX_DECREF(state->validityDate);
         PKIX_DECREF(state->prevCert);
         PKIX_DECREF(state->candidateCert);
@@ -121,19 +120,16 @@ cleanup:
  *
  * PARAMETERS
  *  "traversedCACerts"
  *      Number of CA certificates traversed.
  *  "numFanout"
  *      Number of Certs that can be considered at this level (0 = no limit)
  *  "numDepth"
  *      Number of additional levels that can be searched (0 = no limit)
- *  "revCheckDelayed"
- *      Boolean value indicating whether rev check is delayed until after
- *      entire chain is built.
  *  "canBeCached"
  *      Boolean value indicating whether all certs on the chain can be cached.
  *  "validityDate"
  *      Address of Date at which build chain Certs' most restricted validity
  *      time is kept. May be NULL.
  *  "prevCert"
  *      Address of Cert just traversed. Must be non-NULL.
  *  "traversedSubjNames"
@@ -154,17 +150,16 @@ cleanup:
  *  Returns a Build Error if the function fails in a non-fatal way.
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 static PKIX_Error *
 pkix_ForwardBuilderState_Create(
         PKIX_Int32 traversedCACerts,
         PKIX_UInt32 numFanout,
         PKIX_UInt32 numDepth,
-        PKIX_Boolean revCheckDelayed,
         PKIX_Boolean canBeCached,
         PKIX_PL_Date *validityDate,
         PKIX_PL_Cert *prevCert,
         PKIX_List *traversedSubjNames,
         PKIX_List *trustChain,
         PKIX_ForwardBuilderState *parentState,
         PKIX_ForwardBuilderState **pState,
         void *plContext)
@@ -190,17 +185,16 @@ pkix_ForwardBuilderState_Create(
         state->aiaIndex = 0;
         state->certCheckedIndex = 0;
         state->checkerIndex = 0;
         state->hintCertIndex = 0;
         state->numFanout = numFanout;
         state->numDepth = numDepth;
         state->reasonCode = 0;
         state->revChecking = numDepth;
-        state->revCheckDelayed = revCheckDelayed;
         state->canBeCached = canBeCached;
         state->useOnlyLocal = PKIX_TRUE;
         state->revChecking = PKIX_FALSE;
         state->usingHintCerts = PKIX_FALSE;
         state->certLoopingDetected = PKIX_FALSE;
 
         PKIX_INCREF(validityDate);
         state->validityDate = validityDate;
@@ -366,17 +360,16 @@ pkix_ForwardBuilderState_ToString
                 "\tcertStoreIndex: \t%d\n"
                 "\tnumCerts: \t%d\n"
                 "\tnumAias: \t%d\n"
                 "\tcertIndex: \t%d\n"
                 "\taiaIndex: \t%d\n"
                 "\tnumFanout: \t%d\n"
                 "\tnumDepth:  \t%d\n"
                 "\treasonCode:  \t%d\n"
-                "\trevCheckDelayed: \t%d\n"
                 "\tcanBeCached: \t%d\n"
                 "\tuseOnlyLocal: \t%d\n"
                 "\trevChecking: \t%d\n"
                 "\tvalidityDate: \t%s\n"
                 "\tprevCert: \t%s\n"
                 "\tcandidateCert: \t%s\n"
                 "\ttraversedSubjNames: \t%s\n"
                 "\ttrustChain: \t%s\n"
@@ -411,30 +404,24 @@ pkix_ForwardBuilderState_ToString
             case BUILD_COLLECTINGCERTS: asciiStatus = "BUILD_COLLECTINGCERTS";
                                         break;
             case BUILD_GATHERPENDING:   asciiStatus = "BUILD_GATHERPENDING";
                                         break;
             case BUILD_CERTVALIDATING:  asciiStatus = "BUILD_CERTVALIDATING";
                                         break;
             case BUILD_ABANDONNODE:     asciiStatus = "BUILD_ABANDONNODE";
                                         break;
-            case BUILD_CRLPREP:         asciiStatus = "BUILD_CRLPREP";
-                                        break;
-            case BUILD_CRL1:            asciiStatus = "BUILD_CRL1";
-                                        break;
             case BUILD_DATEPREP:        asciiStatus = "BUILD_DATEPREP";
                                         break;
             case BUILD_CHECKTRUSTED:    asciiStatus = "BUILD_CHECKTRUSTED";
                                         break;
             case BUILD_CHECKTRUSTED2:   asciiStatus = "BUILD_CHECKTRUSTED2";
                                         break;
             case BUILD_ADDTOCHAIN:      asciiStatus = "BUILD_ADDTOCHAIN";
                                         break;
-            case BUILD_CRL2:            asciiStatus = "BUILD_CRL2";
-                                        break;
             case BUILD_VALCHAIN:        asciiStatus = "BUILD_VALCHAIN";
                                         break;
             case BUILD_VALCHAIN2:       asciiStatus = "BUILD_VALCHAIN2";
                                         break;
             case BUILD_EXTENDCHAIN:     asciiStatus = "BUILD_EXTENDCHAIN";
                                         break;
             case BUILD_GETNEXTCERT:     asciiStatus = "BUILD_GETNEXTCERT";
                                         break;
@@ -493,17 +480,16 @@ pkix_ForwardBuilderState_ToString
                 (PKIX_UInt32)state->certStoreIndex,
                 (PKIX_UInt32)state->numCerts,
                 (PKIX_UInt32)state->numAias,
                 (PKIX_UInt32)state->certIndex,
                 (PKIX_UInt32)state->aiaIndex,
                 (PKIX_UInt32)state->numFanout,
                 (PKIX_UInt32)state->numDepth,
                 (PKIX_UInt32)state->reasonCode,
-                state->revCheckDelayed,
                 state->canBeCached,
                 state->useOnlyLocal,
                 state->revChecking,
                 validityDateString,
                 prevCertString,
                 candidateCertString,
                 traversedSubjNamesString,
                 trustChainString,
@@ -651,18 +637,16 @@ pkix_ForwardBuilderState_IsIOPending(
         PKIX_ForwardBuilderState *state,
         PKIX_Boolean *pPending,
         void *plContext)
 {
         PKIX_ENTER(FORWARDBUILDERSTATE, "pkix_ForwardBuilderState_IsIOPending");
         PKIX_NULLCHECK_TWO(state, pPending);
 
         if ((state->status == BUILD_GATHERPENDING) ||
-            (state->status == BUILD_CRL1) ||
-            (state->status == BUILD_CRL2) ||
             (state->status == BUILD_CHECKTRUSTED2) ||
             (state->status == BUILD_VALCHAIN2) ||
             (state->status == BUILD_AIAPENDING)) {
                 *pPending = PKIX_TRUE;
         } else {
                 *pPending = PKIX_FALSE;
         }
 
@@ -775,60 +759,48 @@ cleanup:
 
 /*
  * FUNCTION: pkix_Build_VerifyCertificate
  * DESCRIPTION:
  *
  *  Checks whether the previous Cert stored in the ForwardBuilderState pointed
  *  to by "state" successfully chains, including signature verification, to the
  *  candidate Cert also stored in "state", using the Boolean value in "trusted"
- *  to determine whether "candidateCert" is trusted. Using the Boolean value in
- *  "revocationChecking" for the existence of revocation checking, it sets
- *  "pNeedsCRLChecking" to PKIX_TRUE if the candidate Cert needs to be checked
- *  against Certificate Revocation Lists.
+ *  to determine whether "candidateCert" is trusted.
  *
  *  First it checks whether "candidateCert" has already been traversed by
- *  determining whether it is contained in the List of traversed Certs. It
+ *  determining whether it is contained in the List of traversed Certs. It then
  *  checks the candidate Cert with user checkers, if any, in the List pointed to
- *  by "userCheckers". It then runs the signature validation. Finally, it
- *  determines the appropriate value for "pNeedsCRLChecking".
+ *  by "userCheckers". Finally, it runs the signature validation.
  *
  *  If this Certificate fails verification, and state->verifyNode is non-NULL,
  *  this function sets the Error code into the verifyNode.
  *
  * PARAMETERS:
  *  "state"
  *      Address of ForwardBuilderState to be used. Must be non-NULL.
  *  "userCheckers"
  *      Address of a List of CertChainCheckers to be used, if present, to
  *      validate the candidateCert.
- *  "revocationChecking"
- *      Boolean indication of whether revocation checking is available, either
- *      as a CertChainChecker or a List of RevocationCheckers.
  *  "trusted"
  *      Boolean value of trust for the candidate Cert
- *  "pNeedsCRLChecking"
- *      Address where Boolean CRL-checking-needed value is stored.
- *      Must be non-NULL.
  *  "plContext"
  *      Platform-specific context pointer.
  * THREAD SAFETY:
  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
  * RETURNS:
  *  Returns NULL if the function succeeds.
  *  Returns a Build Error if the function fails in a non-fatal way
  *  Returns a Fatal Error if the function fails in an unrecoverable way.
  */
 static PKIX_Error *
 pkix_Build_VerifyCertificate(
         PKIX_ForwardBuilderState *state,
         PKIX_List *userCheckers,
-        PKIX_Boolean revocationChecking,
         PKIX_Boolean *pTrusted,
-        PKIX_Boolean *pNeedsCRLChecking,
         PKIX_VerifyNode *verifyNode,
         void *plContext)
 {
         PKIX_UInt32 numUserCheckers = 0;
         PKIX_UInt32 i = 0;
         PKIX_Boolean loopFound = PKIX_FALSE;
         PKIX_Boolean supportForwardChecking = PKIX_FALSE;
         PKIX_Boolean trusted = PKIX_FALSE;
@@ -836,22 +808,20 @@ pkix_Build_VerifyCertificate(
         PKIX_PL_PublicKey *candidatePubKey = NULL;
         PKIX_CertChainChecker *userChecker = NULL;
         PKIX_CertChainChecker_CheckCallback checkerCheck = NULL;
         PKIX_PL_TrustAnchorMode trustAnchorMode =
                 PKIX_PL_TrustAnchorMode_Ignore;
         void *nbioContext = NULL;
         
         PKIX_ENTER(BUILD, "pkix_Build_VerifyCertificate");
-        PKIX_NULLCHECK_THREE(state, pTrusted, pNeedsCRLChecking);
+        PKIX_NULLCHECK_TWO(state, pTrusted);
         PKIX_NULLCHECK_THREE
                 (state->candidateCerts, state->prevCert, state->trustChain);
 
-        *pNeedsCRLChecking = PKIX_FALSE;
-
         PKIX_INCREF(state->candidateCert);
         candidateCert = state->candidateCert;
 
         if (state->buildConstants.numAnchors) {
             if (state->buildConstants.trustOnlyUserAnchors) {
                 trustAnchorMode = PKIX_PL_TrustAnchorMode_Exclusive;
             } else {
                 trustAnchorMode = PKIX_PL_TrustAnchorMode_Additive;
@@ -939,36 +909,16 @@ pkix_Build_VerifyCertificate(
                        PKIX_CERTGETSUBJECTPUBLICKEYFAILED);
             PKIX_CHECK(PKIX_PL_PublicKey_NeedsDSAParameters
                        (candidatePubKey, &paramsNeeded, plContext),
                        PKIX_PUBLICKEYNEEDSDSAPARAMETERSFAILED);
             if (paramsNeeded) {
                 PKIX_ERROR(PKIX_MISSINGDSAPARAMETERS);
             }
         }
-        
-        
-        if (revocationChecking) {
-            if (!trusted) {
-                if (state->revCheckDelayed) {
-                    goto cleanup;
-                } else {
-                    PKIX_Boolean isSelfIssued = PKIX_FALSE;
-                    PKIX_CHECK(
-                        pkix_IsCertSelfIssued(candidateCert, &isSelfIssued,
-                                              plContext),
-                        PKIX_ISCERTSELFISSUEDFAILED);
-                    if (isSelfIssued) {
-                        state->revCheckDelayed = PKIX_TRUE;
-                        goto cleanup;
-                    }
-                }
-            }
-            *pNeedsCRLChecking = PKIX_TRUE;
-        }
 
 cleanup:
         PKIX_DECREF(candidateCert);
         PKIX_DECREF(candidatePubKey);
         PKIX_DECREF(userChecker);
 
         PKIX_RETURN(BUILD);
 }
@@ -2074,18 +2024,16 @@ pkix_BuildForwardDepthFirstSearch(
         PKIX_ForwardBuilderState *state,
         PKIX_ValidateResult **pValResult,
         void *plContext)
 {
         PKIX_Boolean outOfOptions = PKIX_FALSE;
         PKIX_Boolean trusted = PKIX_FALSE;
         PKIX_Boolean isSelfIssued = PKIX_FALSE;
         PKIX_Boolean canBeCached = PKIX_FALSE;
-        PKIX_Boolean revocationCheckingExists = PKIX_FALSE;
-        PKIX_Boolean needsCRLChecking = PKIX_FALSE;
         PKIX_Boolean ioPending = PKIX_FALSE;
         PKIX_PL_Date *validityDate = NULL;
         PKIX_PL_Date *currTime  = NULL;
         PKIX_Int32 childTraversedCACerts = 0;
         PKIX_UInt32 numSubjectNames = 0;
         PKIX_UInt32 numChained = 0;
         PKIX_Int32 cmpTimeResult = 0;
         PKIX_UInt32 i = 0;
@@ -2386,19 +2334,16 @@ pkix_BuildForwardDepthFirstSearch(
             /* ****Phase 2 - Chain building***** */
 
 #if PKIX_FORWARDBUILDERSTATEDEBUG
             PKIX_CHECK(pkix_ForwardBuilderState_DumpState(state, plContext),
                     PKIX_FORWARDBUILDERSTATEDUMPSTATEFAILED);
 #endif
 
             if (state->status == BUILD_CERTVALIDATING) {
-                    revocationCheckingExists =
-                        (state->buildConstants.revChecker != NULL);
-
                     PKIX_DECREF(state->candidateCert);
                     PKIX_CHECK(PKIX_List_GetItem
                             (state->candidateCerts,
                             state->certIndex,
                             (PKIX_PL_Object **)&(state->candidateCert),
                             plContext),
                             PKIX_LISTGETITEMFAILED);
 
@@ -2411,19 +2356,17 @@ pkix_BuildForwardDepthFirstSearch(
                                     plContext),
                                     PKIX_VERIFYNODECREATEFAILED);
                     }
 
                     /* If failure, this function sets Error in verifyNode */
                     verifyError = pkix_Build_VerifyCertificate
                             (state,
                             state->buildConstants.userCheckers,
-                            revocationCheckingExists,
                             &trusted,
-                            &needsCRLChecking,
                             verifyNode,
                             plContext);
 
                     if (verifyError) {
                             pkixTempErrorReceived = PKIX_TRUE;
                             pkixErrorClass = verifyError->errClass;
                             if (pkixErrorClass == PKIX_FATAL_ERROR) {
                                 pkixErrorResult = verifyError;
@@ -2448,73 +2391,21 @@ pkix_BuildForwardDepthFirstSearch(
                             PKIX_DECREF(finalError);
                             finalError = verifyError;
                             verifyError = NULL;
                             if (state->certLoopingDetected) {
                                 PKIX_ERROR
                                     (PKIX_LOOPDISCOVEREDDUPCERTSNOTALLOWED);
                             }
                             state->status = BUILD_GETNEXTCERT;
-                    } else if (needsCRLChecking) {
-                            state->status = BUILD_CRLPREP;
                     } else {
                             state->status = BUILD_DATEPREP;
                     }
             }
 
-            if (state->status == BUILD_CRLPREP) {
-                PKIX_RevocationStatus revStatus;
-                PKIX_UInt32 reasonCode;
-
-                verifyError =
-                    PKIX_RevocationChecker_Check(
-                             state->prevCert, state->candidateCert,
-                             state->buildConstants.revChecker,
-                             state->buildConstants.procParams,
-                             PKIX_FALSE,
-                             (state->parentState == NULL) ?
-                                              PKIX_TRUE : PKIX_FALSE,
-                             &revStatus, &reasonCode,
-                             &nbio, plContext);
-                if (nbio != NULL) {
-                    *pNBIOContext = nbio;
-                    goto cleanup;
-                }
-                if (revStatus == PKIX_RevStatus_Revoked || verifyError) {
-                    if (!verifyError) {
-                        /* if verifyError is returned then use it as
-                         * it has a detailed revocation error code.
-                         * Otherwise create a new error */
-                        PKIX_ERROR_CREATE(VALIDATE, PKIX_CERTIFICATEREVOKED,
-                                          verifyError);
-                    }
-                    if (state->verifyNode != NULL) {
-                            PKIX_CHECK_FATAL(pkix_VerifyNode_SetError
-                                    (verifyNode, verifyError, plContext),
-                                    PKIX_VERIFYNODESETERRORFAILED);
-                            PKIX_CHECK_FATAL(pkix_VerifyNode_AddToTree
-                                    (state->verifyNode,
-                                    verifyNode,
-                                    plContext),
-                                    PKIX_VERIFYNODEADDTOTREEFAILED);
-                            PKIX_DECREF(verifyNode);
-                    }
-                    PKIX_DECREF(finalError);
-                    finalError = verifyError;
-                    verifyError = NULL;
-                    if (state->certLoopingDetected) {
-                            PKIX_ERROR
-                                (PKIX_LOOPDISCOVEREDDUPCERTSNOTALLOWED);
-                    }
-                    state->status = BUILD_GETNEXTCERT;
-                } else {
-                    state->status = BUILD_DATEPREP;
-                }
-            }
-
             if (state->status == BUILD_DATEPREP) {
                     /* Keep track of whether this chain can be cached */
                     PKIX_CHECK(pkix_Build_UpdateDate(state, plContext),
                             PKIX_BUILDUPDATEDATEFAILED);
     
                     canBeCached = state->canBeCached;
                     PKIX_DECREF(validityDate);
                     PKIX_INCREF(state->validityDate);
@@ -2706,17 +2597,16 @@ pkix_BuildForwardDepthFirstSearch(
                             }
                             PKIX_DECREF(subjectNames);
                         }
             
                         PKIX_CHECK(pkix_ForwardBuilderState_Create
                             (childTraversedCACerts,
                             state->buildConstants.maxFanout,
                             state->numDepth - 1,
-                            state->revCheckDelayed,
                             canBeCached,
                             validityDate,
                             state->candidateCert,
                             childTraversedSubjNames,
                             state->trustChain,
                             state,
                             &childState,
                             plContext),
@@ -3516,17 +3406,16 @@ pkix_Build_InitiateBuildChain(
 
             PKIX_CHECK(pkix_Build_GetResourceLimits(&buildConstants, plContext),
                     PKIX_BUILDGETRESOURCELIMITSFAILED);
     
             PKIX_CHECK(pkix_ForwardBuilderState_Create
                     (0,              /* PKIX_UInt32 traversedCACerts */
                     buildConstants.maxFanout,
                     buildConstants.maxDepth,
-                    PKIX_FALSE,      /* PKIX_Boolean revCheckDelayed */
                     PKIX_TRUE,       /* PKIX_Boolean canBeCached */
                     NULL,            /* PKIX_Date *validityDate */
                     targetCert,      /* PKIX_PL_Cert *prevCert */
                     targetSubjNames, /* PKIX_List *traversedSubjNames */
                     tentativeChain,  /* PKIX_List *trustChain */
                     NULL,            /* PKIX_ForwardBuilderState *parent */
                     &state,          /* PKIX_ForwardBuilderState **pState */
                     plContext),
--- a/security/nss/lib/libpkix/pkix/top/pkix_build.h
+++ b/security/nss/lib/libpkix/pkix/top/pkix_build.h
@@ -22,24 +22,20 @@ typedef enum {
         BUILD_SHORTCUTPENDING,
         BUILD_INITIAL,
         BUILD_TRYAIA,
         BUILD_AIAPENDING,
         BUILD_COLLECTINGCERTS,
         BUILD_GATHERPENDING,
         BUILD_CERTVALIDATING,
         BUILD_ABANDONNODE,
-        BUILD_CRLPREP,
-        BUILD_CRL1,
         BUILD_DATEPREP,
         BUILD_CHECKTRUSTED,
         BUILD_CHECKTRUSTED2,
         BUILD_ADDTOCHAIN,
-        BUILD_CRL2PREP,
-        BUILD_CRL2,
         BUILD_VALCHAIN,
         BUILD_VALCHAIN2,
         BUILD_EXTENDCHAIN,
         BUILD_GETNEXTCERT
 } BuildStatus;
 
 typedef struct BuildConstantsStruct BuildConstants;
 
@@ -80,17 +76,16 @@ struct PKIX_ForwardBuilderStateStruct{
         PKIX_UInt32 certIndex;
         PKIX_UInt32 aiaIndex;
         PKIX_UInt32 certCheckedIndex;
         PKIX_UInt32 checkerIndex;
         PKIX_UInt32 hintCertIndex;
         PKIX_UInt32 numFanout;
         PKIX_UInt32 numDepth;
         PKIX_UInt32 reasonCode;
-        PKIX_Boolean revCheckDelayed;
         PKIX_Boolean canBeCached;
         PKIX_Boolean useOnlyLocal;
         PKIX_Boolean revChecking;
         PKIX_Boolean usingHintCerts;
         PKIX_Boolean certLoopingDetected;
         PKIX_PL_Date *validityDate;
         PKIX_PL_Cert *prevCert;
         PKIX_PL_Cert *candidateCert;
--- a/security/nss/lib/softoken/pkcs11c.c
+++ b/security/nss/lib/softoken/pkcs11c.c
@@ -5652,16 +5652,17 @@ sftk_MapKeySize(CK_KEY_TYPE keyType)
 	return 24;
     /* IDEA and CAST need to be added */
     default:
 	break;
     }
     return 0;
 }
 
+#ifdef NSS_ENABLE_ECC
 /* Inputs:
  *  key_len: Length of derived key to be generated.
  *  SharedSecret: a shared secret that is the output of a key agreement primitive.
  *  SharedInfo: (Optional) some data shared by the entities computing the secret key.
  *  SharedInfoLen: the length in octets of SharedInfo
  *  Hash: The hash function to be used in the KDF
  *  HashLen: the length in octets of the output of Hash
  * Output:
@@ -5670,79 +5671,83 @@ sftk_MapKeySize(CK_KEY_TYPE keyType)
 static CK_RV sftk_compute_ANSI_X9_63_kdf(CK_BYTE **key, CK_ULONG key_len, SECItem *SharedSecret,
 		CK_BYTE_PTR SharedInfo, CK_ULONG SharedInfoLen,
 		SECStatus Hash(unsigned char *, const unsigned char *, PRUint32),
 		CK_ULONG HashLen)
 {
     unsigned char *buffer = NULL, *output_buffer = NULL;
     PRUint32 buffer_len, max_counter, i;
     SECStatus rv;
+    CK_RV crv;
 
     /* Check that key_len isn't too long.  The maximum key length could be
      * greatly increased if the code below did not limit the 4-byte counter
      * to a maximum value of 255. */
     if (key_len > 254 * HashLen)
-	return SEC_ERROR_INVALID_ARGS;
+	return CKR_ARGUMENTS_BAD;
 
     if (SharedInfo == NULL)
 	SharedInfoLen = 0;
 
     buffer_len = SharedSecret->len + 4 + SharedInfoLen;
     buffer = (CK_BYTE *)PORT_Alloc(buffer_len);
     if (buffer == NULL) {
-	rv = SEC_ERROR_NO_MEMORY;
+	crv = CKR_HOST_MEMORY;
 	goto loser;
     }
 
     max_counter = key_len/HashLen;
     if (key_len > max_counter * HashLen)
 	max_counter++;
 
     output_buffer = (CK_BYTE *)PORT_Alloc(max_counter * HashLen);
     if (output_buffer == NULL) {
-	rv = SEC_ERROR_NO_MEMORY;
+	crv = CKR_HOST_MEMORY;
 	goto loser;
     }
 
     /* Populate buffer with SharedSecret || Counter || [SharedInfo]
      * where Counter is 0x00000001 */
     PORT_Memcpy(buffer, SharedSecret->data, SharedSecret->len);
     buffer[SharedSecret->len] = 0;
     buffer[SharedSecret->len + 1] = 0;
     buffer[SharedSecret->len + 2] = 0;
     buffer[SharedSecret->len + 3] = 1;
     if (SharedInfo) {
 	PORT_Memcpy(&buffer[SharedSecret->len + 4], SharedInfo, SharedInfoLen);
     }
 
     for(i=0; i < max_counter; i++) {
 	rv = Hash(&output_buffer[i * HashLen], buffer, buffer_len);
-	if (rv != SECSuccess)
+	if (rv != SECSuccess) {
+	    /* 'Hash' should not fail. */
+	    crv = CKR_FUNCTION_FAILED;
 	    goto loser;
+	}
 
 	/* Increment counter (assumes max_counter < 255) */
 	buffer[SharedSecret->len + 3]++;
     }
 
     PORT_ZFree(buffer, buffer_len);
     if (key_len < max_counter * HashLen) {
 	PORT_Memset(output_buffer + key_len, 0, max_counter * HashLen - key_len);
     }
     *key = output_buffer;
 
-    return SECSuccess;
+    return CKR_OK;
 
     loser:
 	if (buffer) {
 	    PORT_ZFree(buffer, buffer_len);
 	}
 	if (output_buffer) {
 	    PORT_ZFree(output_buffer, max_counter * HashLen);
 	}
-	return rv;
+	return crv;
 }
 
 static CK_RV sftk_ANSI_X9_63_kdf(CK_BYTE **key, CK_ULONG key_len,
 		SECItem *SharedSecret,
 		CK_BYTE_PTR SharedInfo, CK_ULONG SharedInfoLen,
 		CK_EC_KDF_TYPE kdf)
 {
     if (kdf == CKD_SHA1_KDF)
@@ -5756,18 +5761,19 @@ static CK_RV sftk_ANSI_X9_63_kdf(CK_BYTE
 		   		 SharedInfoLen, SHA256_HashBuf, SHA256_LENGTH);
     else if (kdf == CKD_SHA384_KDF)
 	return sftk_compute_ANSI_X9_63_kdf(key, key_len, SharedSecret, SharedInfo,
 		   		 SharedInfoLen, SHA384_HashBuf, SHA384_LENGTH);
     else if (kdf == CKD_SHA512_KDF)
 	return sftk_compute_ANSI_X9_63_kdf(key, key_len, SharedSecret, SharedInfo,
 		   		 SharedInfoLen, SHA512_HashBuf, SHA512_LENGTH);
     else
-	return SEC_ERROR_INVALID_ALGORITHM;
+	return CKR_MECHANISM_INVALID;
 }
+#endif
 
 /*
  * SSL Key generation given pre master secret
  */
 #define NUM_MIXERS 9
 static const char * const mixers[NUM_MIXERS] = { 
     "A", 
     "BB", 
@@ -6809,22 +6815,21 @@ key_and_mac_derive_fail:
 	     * tmp is the raw data created by ECDH_Derive,
 	     * secret and secretlen are the values we will
 	     * eventually pass as our generated key.
 	     */
 	    secret = tmp.data;
 	    secretlen = tmp.len;
 	} else {
 	    secretlen = keySize;
-	    rv = sftk_ANSI_X9_63_kdf(&secret, keySize,
+	    crv = sftk_ANSI_X9_63_kdf(&secret, keySize,
 			&tmp, mechParams->pSharedData,
 			mechParams->ulSharedDataLen, mechParams->kdf);
 	    PORT_ZFree(tmp.data, tmp.len);
-	    if (rv != SECSuccess) {
-		crv = CKR_HOST_MEMORY;
+	    if (crv != CKR_OK) {
 		break;
 	    }
 	    tmp.data = secret;
 	    tmp.len = secretlen;
 	}
 
 	/*
 	 * if keySize is supplied, then we are generating a key of a specific 
--- a/security/nss/lib/ssl/sslsock.c
+++ b/security/nss/lib/ssl/sslsock.c
@@ -149,16 +149,21 @@ ssl_GetPrivate(PRFileDesc *fd)
 
     if (fd->methods->file_type != PR_DESC_LAYERED ||
         fd->identity != ssl_layer_id) {
 	PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
 	return NULL;
     }
 
     ss = (sslSocket *)fd->secret;
+    /* Set ss->fd lazily. We can't rely on the value of ss->fd set by
+     * ssl_PushIOLayer because another PR_PushIOLayer call will switch the
+     * contents of the PRFileDesc pointed by ss->fd and the new layer.
+     * See bug 807250.
+     */
     ss->fd = fd;
     return ss;
 }
 
 /* This function tries to find the SSL layer in the stack. 
  * It searches for the first SSL layer at or below the argument fd,
  * and failing that, it searches for the nearest SSL layer above the 
  * argument fd.  It returns the private sslSocket from the found layer.
@@ -174,16 +179,21 @@ ssl_FindSocket(PRFileDesc *fd)
 
     layer = PR_GetIdentitiesLayer(fd, ssl_layer_id);
     if (layer == NULL) {
 	PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
 	return NULL;
     }
 
     ss = (sslSocket *)layer->secret;
+    /* Set ss->fd lazily. We can't rely on the value of ss->fd set by
+     * ssl_PushIOLayer because another PR_PushIOLayer call will switch the
+     * contents of the PRFileDesc pointed by ss->fd and the new layer.
+     * See bug 807250.
+     */
     ss->fd = layer;
     return ss;
 }
 
 static sslSocket *
 ssl_DupSocket(sslSocket *os)
 {
     sslSocket *ss;
@@ -2392,30 +2402,41 @@ ssl_SocketIsBlocking(sslSocket *ss)
 
 PRInt32  sslFirstBufSize = 8 * 1024;
 PRInt32  sslCopyLimit    = 1024;
 
 static PRInt32 PR_CALLBACK
 ssl_WriteV(PRFileDesc *fd, const PRIOVec *iov, PRInt32 vectors, 
            PRIntervalTime timeout)
 {
+    PRInt32            i;
     PRInt32            bufLen;
     PRInt32            left;
     PRInt32            rv;
     PRInt32            sent      =  0;
     const PRInt32      first_len = sslFirstBufSize;
     const PRInt32      limit     = sslCopyLimit;
     PRBool             blocking;
     PRIOVec            myIov	 = { 0, 0 };
     char               buf[MAX_FRAGMENT_LENGTH];
 
+    if (vectors < 0) {
+    	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+	return -1;
+    }
     if (vectors > PR_MAX_IOVECTOR_SIZE) {
     	PORT_SetError(PR_BUFFER_OVERFLOW_ERROR);
 	return -1;
     }
+    for (i = 0; i < vectors; i++) {
+	if (iov[i].iov_len < 0) {
+	    PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+	    return -1;
+	}
+    }
     blocking = ssl_FdIsBlocking(fd);
 
 #define K16 sizeof(buf)
 #define KILL_VECTORS while (vectors && !iov->iov_len) { ++iov; --vectors; }
 #define GET_VECTOR   do { myIov = *iov++; --vectors; KILL_VECTORS } while (0)
 #define HANDLE_ERR(rv, len) \
     if (rv != len) { \
 	if (rv < 0) { \
--- a/security/patches/README
+++ b/security/patches/README
@@ -1,5 +1,2 @@
 This directory contains patches that were added locally
 on top of the NSS release.
-
-bug-950129.patch  Make OCSP fetching policy for OCSP response signing
-                  certificates consistent.
deleted file mode 100644
--- a/security/patches/bug-950129.patch
+++ /dev/null
@@ -1,195 +0,0 @@
-# HG changeset patch
-# Parent 352d188c67d9fefd82524c4439a5d04679687945
-# User Brian Smith <brian@briansmith.org>
-diff --git a/security/nss/lib/certdb/certi.h b/security/nss/lib/certdb/certi.h
---- a/security/nss/lib/certdb/certi.h
-+++ b/security/nss/lib/certdb/certi.h
-@@ -256,16 +256,38 @@ void ReleaseDPCache(CRLDPCache* dpcache,
- 
- /*
-  * map Stan errors into NSS errors
-  * This function examines the stan error stack and automatically sets
-  * PORT_SetError(); to the appropriate SEC_ERROR value.
-  */
- void CERT_MapStanError();
- 
-+/* Like CERT_VerifyCert, except with an additional argument, flags. The
-+ * flags are defined immediately below.
-+ *
-+ * OCSP checking is always skipped when certUsage is certUsageStatusResponder.
-+ */
-+SECStatus
-+cert_VerifyCertWithFlags(CERTCertDBHandle *handle, CERTCertificate *cert,
-+                         PRBool checkSig, SECCertUsage certUsage, PRTime t,
-+                         PRUint32 flags, void *wincx, CERTVerifyLog *log);
-+
-+/* Use the default settings.
-+ * cert_VerifyCertWithFlags(..., CERT_VERIFYCERT_USE_DEFAULTS) is equivalent
-+ * to CERT_VerifyCert(...);
-+ */
-+#define CERT_VERIFYCERT_USE_DEFAULTS 0
-+
-+/* Skip all the OCSP checks during certificate verification, regardless of
-+ * the global OCSP settings. By default, certificate |cert| will have its
-+ * revocation status checked via OCSP according to the global OCSP settings.
-+ */
-+#define CERT_VERIFYCERT_SKIP_OCSP 1
-+
- /* Interface function for libpkix cert validation engine:
-  * cert_verify wrapper. */
- SECStatus
- cert_VerifyCertChainPkix(CERTCertificate *cert,
-                          PRBool checkSig,
-                          SECCertUsage     requiredUsage,
-                          PRTime           time,
-                          void            *wincx,
-diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c
---- a/security/nss/lib/certhigh/certvfy.c
-+++ b/security/nss/lib/certhigh/certvfy.c
-@@ -1195,17 +1195,17 @@ CERT_VerifyCertificate(CERTCertDBHandle 
- 
-         if (rv != SECSuccess) {
-             /* EXIT_IF_NOT_LOGGING(log); XXX ???? */
-             INVALID_USAGE();
-         }
- 
-         /*
-          * Check OCSP revocation status, but only if the cert we are checking
--         * is not a status reponder itself.  We only do this in the case
-+         * is not a status responder itself. We only do this in the case
-          * where we checked the cert chain (above); explicit trust "wins"
-          * (avoids status checking, just as it avoids CRL checking) by
-          * bypassing this code.
-          */
- 
-         if (PR_FALSE == checkedOCSP) {
-             checkedOCSP = PR_TRUE; /* only check OCSP once */
-             statusConfig = CERT_GetStatusConfig(handle);
-@@ -1230,20 +1230,29 @@ loser:
-     return(valid);
- }
- 
- SECStatus
- CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- 		PRBool checkSig, SECCertUsage certUsage, PRTime t,
- 		void *wincx, CERTVerifyLog *log)
- {
-+    return cert_VerifyCertWithFlags(handle, cert, checkSig, certUsage, t,
-+                                    CERT_VERIFYCERT_USE_DEFAULTS, wincx, log);
-+}
-+
-+SECStatus
-+cert_VerifyCertWithFlags(CERTCertDBHandle *handle, CERTCertificate *cert,
-+                         PRBool checkSig, SECCertUsage certUsage, PRTime t,
-+                         PRUint32 flags, void *wincx, CERTVerifyLog *log)
-+{
-     SECStatus rv;
-     unsigned int requiredKeyUsage;
-     unsigned int requiredCertType;
--    unsigned int flags;
-+    unsigned int failedFlags;
-     unsigned int certType;
-     PRBool       trusted;
-     PRBool       allowOverride;
-     SECCertTimeValidity validity;
-     CERTStatusConfig *statusConfig;
-    
- #ifdef notdef 
-     /* check if this cert is in the Evil list */
-@@ -1302,41 +1311,43 @@ CERT_VerifyCert(CERTCertDBHandle *handle
- 	PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
- 	LOG_ERROR_OR_EXIT(log,cert,0,requiredKeyUsage);
-     }
-     if ( !( certType & requiredCertType ) ) {
- 	PORT_SetError(SEC_ERROR_INADEQUATE_CERT_TYPE);
- 	LOG_ERROR_OR_EXIT(log,cert,0,requiredCertType);
-     }
- 
--    rv = cert_CheckLeafTrust(cert,certUsage, &flags, &trusted);
-+    rv = cert_CheckLeafTrust(cert, certUsage, &failedFlags, &trusted);
-     if (rv  == SECFailure) {
- 	PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
--	LOG_ERROR_OR_EXIT(log,cert,0,flags);
-+	LOG_ERROR_OR_EXIT(log, cert, 0, failedFlags);
-     } else if (trusted) {
- 	goto done;
-     }
- 
- 
-     rv = CERT_VerifyCertChain(handle, cert, checkSig, certUsage,
- 			      t, wincx, log);
-     if (rv != SECSuccess) {
- 	EXIT_IF_NOT_LOGGING(log);
-     }
- 
-     /*
--     * Check revocation status, but only if the cert we are checking
--     * is not a status reponder itself.  We only do this in the case
--     * where we checked the cert chain (above); explicit trust "wins"
--     * (avoids status checking, just as it avoids CRL checking, which
--     * is all done inside VerifyCertChain) by bypassing this code.
-+     * Check revocation status, but only if the cert we are checking is not a
-+     * status responder itself and the caller did not ask us to skip the check.
-+     * We only do this in the case where we checked the cert chain (above);
-+     * explicit trust "wins" (avoids status checking, just as it avoids CRL
-+     * checking, which is all done inside VerifyCertChain) by bypassing this
-+     * code.
-      */
--    statusConfig = CERT_GetStatusConfig(handle);
--    if (certUsage != certUsageStatusResponder && statusConfig != NULL) {
--	if (statusConfig->statusChecker != NULL) {
-+    if (!(flags & CERT_VERIFYCERT_SKIP_OCSP) &&
-+	certUsage != certUsageStatusResponder) {
-+	statusConfig = CERT_GetStatusConfig(handle);
-+	if (statusConfig && statusConfig->statusChecker) {
- 	    rv = (* statusConfig->statusChecker)(handle, cert,
- 							 t, wincx);
- 	    if (rv != SECSuccess) {
- 		LOG_ERROR_OR_EXIT(log,cert,0,0);
- 	    }
- 	}
-     }
- 
-diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c
---- a/security/nss/lib/certhigh/ocsp.c
-+++ b/security/nss/lib/certhigh/ocsp.c
-@@ -13,16 +13,17 @@
- #include "prnetdb.h"
- 
- #include "seccomon.h"
- #include "secitem.h"
- #include "secoidt.h"
- #include "secasn1.h"
- #include "secder.h"
- #include "cert.h"
-+#include "certi.h"
- #include "xconst.h"
- #include "secerr.h"
- #include "secoid.h"
- #include "hasht.h"
- #include "sechash.h"
- #include "secasn1.h"
- #include "plbase64.h"
- #include "keyhi.h"
-@@ -4179,18 +4180,19 @@ CERT_VerifyOCSPResponseSignature(CERTOCS
-         rv = SECSuccess;
-     } else {
-         SECCertUsage certUsage;
-         if (CERT_IsCACert(signerCert, NULL)) {
-             certUsage = certUsageAnyCA;
-         } else {
-             certUsage = certUsageStatusResponder;
-         }
--        rv = CERT_VerifyCert(handle, signerCert, PR_TRUE,
--                             certUsage, producedAt, pwArg, NULL);
-+        rv = cert_VerifyCertWithFlags(handle, signerCert, PR_TRUE, certUsage,
-+                                      producedAt, CERT_VERIFYCERT_SKIP_OCSP,
-+                                      pwArg, NULL);
-         if (rv != SECSuccess) {
-             PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
-             goto finish;
-         }
-     }
- 
-     rv = ocsp_VerifyResponseSignature(signerCert, signature,
-                                       tbsResponseDataDER,