summaryrefslogtreecommitdiff
path: root/lib/ssl/ssl3con.c
diff options
context:
space:
mode:
authorSergei Chernov <sergei.cv@ndivi.com>2015-12-08 17:11:24 -0500
committerSergei Chernov <sergei.cv@ndivi.com>2015-12-08 17:11:24 -0500
commitd38cf7ddfbc3f615f2af916dba06c8e87f2b0c61 (patch)
tree675ef6045d3ba6b138103c529359fb46f63f8d98 /lib/ssl/ssl3con.c
parent4aab1ad9f2863caf05e8358a9bbb317abd72116f (diff)
downloadnss-hg-d38cf7ddfbc3f615f2af916dba06c8e87f2b0c61.tar.gz
Bug 944175 - Implement Certificate Transparency [part 1, client side]. r=wtc
Diffstat (limited to 'lib/ssl/ssl3con.c')
-rw-r--r--lib/ssl/ssl3con.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
index 67f58d403..93e7d53ed 100644
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
@@ -6787,6 +6787,17 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
sid->u.ssl3.keys.extendedMasterSecretUsed =
ssl3_ExtensionNegotiated(ss, ssl_extended_master_secret_xtn);
+ /* Copy Signed Certificate Timestamps, if any. */
+ if (ss->xtnData.signedCertTimestamps.data) {
+ rv = SECITEM_CopyItem(NULL, &sid->u.ssl3.signedCertTimestamps,
+ &ss->xtnData.signedCertTimestamps);
+ if (rv != SECSuccess)
+ goto loser;
+ /* Clean up the temporary pointer to the handshake buffer. */
+ ss->xtnData.signedCertTimestamps.data = NULL;
+ ss->xtnData.signedCertTimestamps.len = 0;
+ }
+
ss->ssl3.hs.isResuming = PR_FALSE;
if (ss->ssl3.hs.kea_def->signKeyType != sign_null) {
/* All current cipher suites other than those with sign_null (i.e.,
@@ -6805,6 +6816,9 @@ alert_loser:
(void)SSL3_SendAlert(ss, alert_fatal, desc);
loser:
+ /* Clean up the temporary pointer to the handshake buffer. */
+ ss->xtnData.signedCertTimestamps.data = NULL;
+ ss->xtnData.signedCertTimestamps.len = 0;
ssl_MapLowLevelError(errCode);
return SECFailure;
}
View Lorry Controller Status