Fix bug 129218, bug 367037, and bug 370957 on BYPASS branch.

author: nelson%bolyard.com <devnull@localhost> 2007-03-14 02:08:54 +0000
committer: nelson%bolyard.com <devnull@localhost> 2007-03-14 02:08:54 +0000
commit: e7cc50ae123d7353cb60b65c552da65a7bed80c6 (patch)
tree: 609e2e6bb71b842d2a1cf8fb77cb946e604e3557
parent: 2e894b7c5e3cbc49267a650022f3766e81b83441 (diff)
parent: 260540541c7c5df40b6fe09d6f39dc20d9c5bfa8 (diff)
download: nss-hg-e7cc50ae123d7353cb60b65c552da65a7bed80c6.tar.gz
1 files changed, 62 insertions, 45 deletions
diff --git a/security/nss/cmd/strsclnt/strsclnt.c b/security/nss/cmd/strsclnt/strsclnt.c
index 5b456d817..94a8b9ba6 100644
--- a/security/nss/cmd/strsclnt/strsclnt.c
+++ b/security/nss/cmd/strsclnt/strsclnt.c
@@ -115,6 +115,7 @@ int ssl3CipherSuites[] = {
     TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 	    	/* w */
     TLS_DHE_RSA_WITH_AES_256_CBC_SHA,       	/* x */
     TLS_RSA_WITH_AES_256_CBC_SHA,     	    	/* y */
+    SSL_RSA_WITH_NULL_SHA,			/* z */
     0
 };
 
@@ -1093,16 +1094,18 @@ StressClient_GetClientAuthData(void * arg,
     }
 }
 
-#define HEXCHAR_TO_INT(c, i) \
-    if (((c) >= '0') && ((c) <= '9')) { \
-	i = (c) - '0'; \
-    } else if (((c) >= 'a') && ((c) <= 'f')) { \
-	i = (c) - 'a' + 10; \
-    } else if (((c) >= 'A') && ((c) <= 'F')) { \
-	i = (c) - 'A' + 10; \
-    } else { \
-	Usage("strsclnt"); \
-    }
+int 
+hexchar_to_int(int c) 
+{
+    if (((c) >= '0') && ((c) <= '9'))
+	return (c) - '0'; 
+    if (((c) >= 'a') && ((c) <= 'f'))
+	return (c) - 'a' + 10;
+    if (((c) >= 'A') && ((c) <= 'F'))
+	return (c) - 'A' + 10; 
+    failed_already = 1;
+    return -1;
+}
 
 void
 client_main(
@@ -1134,46 +1137,48 @@ client_main(
         /* disable all the ciphers, then enable the ones we want. */
         disableAllSSLCiphers();
 
-        while (0 != (ndx = *cipherString++)) {
-            int  cipher;
+        while (0 != (ndx = *cipherString)) {
+	    const char * startCipher = cipherString++;
+            int  cipher = 0;
+	    SECStatus rv;
 
 	    if (ndx == ':') {
-		int ctmp;
-
-		cipher = 0;
-		HEXCHAR_TO_INT(*cipherString, ctmp)
-		cipher |= (ctmp << 12);
-		cipherString++;
-		HEXCHAR_TO_INT(*cipherString, ctmp)
-		cipher |= (ctmp << 8);
-		cipherString++;
-		HEXCHAR_TO_INT(*cipherString, ctmp)
-		cipher |= (ctmp << 4);
-		cipherString++;
-		HEXCHAR_TO_INT(*cipherString, ctmp)
-		cipher |= ctmp;
-		cipherString++;
+		cipher  = hexchar_to_int(*cipherString++);
+		cipher <<= 4;
+		cipher |= hexchar_to_int(*cipherString++);
+		cipher <<= 4;
+		cipher |= hexchar_to_int(*cipherString++);
+		cipher <<= 4;
+		cipher |= hexchar_to_int(*cipherString++);
+		if (cipher <= 0) {
+		    fprintf(stderr, "strsclnt: Invalid cipher value: %-5.5s\n",
+		                    startCipher);
+		    failed_already = 1;
+		    return;
+		}
 	    } else {
-		const int *cptr;
+		if (isalpha(ndx)) {
+		    const int *cptr;
 
-		if (! isalpha(ndx))
-		    Usage("strsclnt");
-		cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
-		for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; ) 
-		    /* do nothing */;
-	    }
-            if (cipher > 0) {
-		SECStatus rv;
-                rv = SSL_CipherPrefSetDefault(cipher, PR_TRUE);
-		if (rv != SECSuccess) {
-		    fprintf(stderr, 
-		"strsclnt: SSL_CipherPrefSetDefault failed with value 0x%04x\n",
-			    cipher);
-		    exit(1);
+		    cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
+		    for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; ) 
+			/* do nothing */;
 		}
-            } else {
-		Usage("strsclnt");
-            }
+	    	if (cipher <= 0) {
+		    fprintf(stderr, "strsclnt: Invalid cipher letter: %c\n", 
+		                    *startCipher);
+		    failed_already = 1;
+		    return;
+		}
+	    }
+	    rv = SSL_CipherPrefSetDefault(cipher, PR_TRUE);
+	    if (rv != SECSuccess) {
+		fprintf(stderr, 
+			"strsclnt: SSL_CipherPrefSetDefault(0x%04x) failed\n",
+			cipher);
+		failed_already = 1;
+		return;
+	    }
         }
     }
 
@@ -1410,6 +1415,8 @@ main(int argc, char **argv)
 
 	}
     }
+    PL_DestroyOptState(optstate);
+
     if (!hostName || status == PL_OPT_BAD)
     	Usage(progName);
 
@@ -1474,8 +1481,18 @@ main(int argc, char **argv)
     if (Cert_And_Key.key) {
 	SECKEY_DestroyPrivateKey(Cert_And_Key.key);
     }
+
     PR_DestroyLock(Cert_And_Key.lock);
 
+    if (Cert_And_Key.password) {
+        PL_strfree(Cert_And_Key.password);
+    }
+    if (Cert_And_Key.nickname) {
+        PL_strfree(Cert_And_Key.nickname);
+    }
+
+    PL_strfree(hostName);
+
     /* some final stats. */
     if (ssl3stats->hsh_sid_cache_hits + ssl3stats->hsh_sid_cache_misses +
         ssl3stats->hsh_sid_cache_not_ok == 0) {
author	nelson%bolyard.com <devnull@localhost>	2007-03-14 02:08:54 +0000
committer	nelson%bolyard.com <devnull@localhost>	2007-03-14 02:08:54 +0000
commit	e7cc50ae123d7353cb60b65c552da65a7bed80c6 (patch)
tree	609e2e6bb71b842d2a1cf8fb77cb946e604e3557
parent	2e894b7c5e3cbc49267a650022f3766e81b83441 (diff)
parent	260540541c7c5df40b6fe09d6f39dc20d9c5bfa8 (diff)
download	nss-hg-e7cc50ae123d7353cb60b65c552da65a7bed80c6.tar.gz