diff options
| author | christophe.ravel.bugs%sun.com <devnull@localhost> | 2005-08-18 19:16:45 +0000 |
|---|---|---|
| committer | christophe.ravel.bugs%sun.com <devnull@localhost> | 2005-08-18 19:16:45 +0000 |
| commit | 5a214953b6a2c1ec561261509de1084c39334e56 (patch) | |
| tree | ebb9daa44cd384e417e79dad583bea4d623ba18c | |
| parent | ac20248b6a226b273d2e4629b7492d3b048afd19 (diff) | |
| download | nss-hg-5a214953b6a2c1ec561261509de1084c39334e56.tar.gz | |
Checking again for:
Backport from NSS 3.4 to NSS 3.3.4.x. Checkins to directory mozilla/security/nss
/lib/ssl by relyea* between 2001-12-05 00:00 and 2001-12-07 00:00
r+: Saul Edwards
sr+: Nelson Bolyard
Note: there is no bug for this fix on Bugzilla.
6289081
| -rw-r--r-- | security/nss/lib/ssl/sslcon.c | 25 |
1 files changed, 15 insertions, 10 deletions
diff --git a/security/nss/lib/ssl/sslcon.c b/security/nss/lib/ssl/sslcon.c index 53575bf68..d0005d269 100644 --- a/security/nss/lib/ssl/sslcon.c +++ b/security/nss/lib/ssl/sslcon.c @@ -1457,10 +1457,10 @@ loser: static SECStatus ssl2_CreateSessionCypher(sslSocket *ss, sslSessionID *sid, PRBool isClient) { - sslSecurityInfo * sec; + sslSecurityInfo * sec = NULL; sslConnectInfo * ci; - SECItem * rk; - SECItem * wk; + SECItem * rk = NULL; + SECItem * wk = NULL; SECItem * param; SECStatus rv; int cipherType = sid->u.ssl2.cipherType; @@ -1495,7 +1495,7 @@ ssl2_CreateSessionCypher(sslSocket *ss, sslSessionID *sid, PRBool isClient) SSL_DBG(("%d: SSL[%d]: ssl2_CreateSessionCypher: unknown cipher=%d", SSL_GETPID(), ss->fd, cipherType)); PORT_SetError(isClient ? SSL_ERROR_BAD_SERVER : SSL_ERROR_BAD_CLIENT); - goto loser; + goto sec_loser; } sec = ss->sec; @@ -1580,8 +1580,12 @@ ssl2_CreateSessionCypher(sslSocket *ss, sslSessionID *sid, PRBool isClient) rv = SECFailure; done: - SECITEM_ZfreeItem(rk, PR_FALSE); - SECITEM_ZfreeItem(wk, PR_FALSE); + if (rk) { + SECITEM_ZfreeItem(rk, PR_FALSE); + } + if (wk) { + SECITEM_ZfreeItem(wk, PR_FALSE); + } return rv; } @@ -1613,7 +1617,7 @@ ssl2_ServerSetupSessionCypher(sslSocket *ss, int cipher, unsigned int keyBits, PRUint8 *ek, unsigned int ekLen, PRUint8 *ca, unsigned int caLen) { - PRUint8 *kk; + PRUint8 *kk = NULL; sslSecurityInfo * sec; sslSessionID * sid; PRUint8 * kbuf = 0; /* buffer for RSA decrypted data. */ @@ -1729,6 +1733,9 @@ hide_loser: * Instead, Generate a completely bogus master key . */ PK11_GenerateRandom(kbuf, ekLen); + if (!kk) { + kk = kbuf + ekLen - (keySize - ckLen); + } } /* @@ -2967,7 +2974,7 @@ ssl2_BeginClientHandshake(sslSocket *ss) PRUint8 *localCipherSpecs = NULL; unsigned int localCipherSize; unsigned int i; - int sendLen, sidLen; + int sendLen, sidLen = 0; SECStatus rv; PORT_Assert( ssl_Have1stHandshakeLock(ss) ); @@ -3747,8 +3754,6 @@ NSSSSL_VersionCheck(const char *importedVersion) * not compatible with future major, minor, or * patch releases. */ - int vmajor = 0, vminor = 0, vpatch = 0; - const char *ptr = importedVersion; volatile char c; /* force a reference that won't get optimized away */ c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0]; |