From 231f3c3fd6fe8922b159d82cb703446c51c0d0a9 Mon Sep 17 00:00:00 2001 From: Franziskus Kiefer Date: Fri, 23 Dec 2016 06:00:57 +0100 Subject: [PATCH] Bug 1317947 - land NSS 0x6353ce63e18f, r=me --- security/nss/TAG-INFO | 2 +- .../taskcluster/docker-fuzz/Dockerfile | 27 ++++ .../taskcluster/docker-fuzz/bin/checkout.sh | 20 +++ .../taskcluster/docker-fuzz/setup.sh | 54 +++++++ .../taskcluster/graph/src/extend.js | 5 +- .../taskcluster/windows/releng.manifest | 8 +- .../automation/taskcluster/windows/setup.sh | 6 +- security/nss/build.sh | 33 +++- security/nss/cmd/bltest/blapitest.c | 9 +- security/nss/cmd/certutil/certutil.c | 6 +- security/nss/cmd/crlutil/crlutil.c | 12 +- security/nss/cmd/smimetools/cmsutil.c | 1 + security/nss/coreconf/Linux.mk | 19 +-- security/nss/coreconf/arch.mk | 14 ++ security/nss/coreconf/check_cc_clang.py | 7 +- security/nss/coreconf/config.gypi | 133 ++++++++++------ security/nss/coreconf/coreconf.dep | 1 - security/nss/coreconf/nspr.sh | 7 +- security/nss/coreconf/sanitizers.py | 4 +- security/nss/coreconf/werror.py | 3 +- .../nss/gtests/ssl_gtest/libssl_internals.c | 25 +++ .../nss/gtests/ssl_gtest/libssl_internals.h | 2 + security/nss/gtests/ssl_gtest/ssl_gtest.gyp | 4 + .../gtests/ssl_gtest/ssl_loopback_unittest.cc | 8 + security/nss/gtests/ssl_gtest/tls_agent.cc | 16 +- security/nss/gtests/ssl_gtest/tls_agent.h | 3 + security/nss/lib/certhigh/certhigh.c | 5 +- security/nss/lib/certhigh/certvfy.c | 143 ++++++++++++++++++ security/nss/lib/freebl/freebl.gyp | 5 + security/nss/lib/freebl/unix_rand.c | 2 +- .../lib/libpkix/include/pkix_errorstrings.h | 3 +- .../nss/lib/libpkix/pkix/top/pkix_build.c | 12 ++ security/nss/lib/pk11wrap/pk11mech.c | 4 + security/nss/lib/pk11wrap/pk11pars.c | 12 +- security/nss/lib/pkcs12/p12d.c | 14 +- security/nss/lib/smime/cmssigdata.c | 6 +- security/nss/lib/softoken/lowpbe.c | 11 +- security/nss/lib/softoken/pkcs11.c | 4 + security/nss/lib/softoken/pkcs11c.c | 20 +++ security/nss/lib/softoken/softoken.h | 2 +- security/nss/lib/ssl/ssl.gyp | 5 + security/nss/lib/ssl/ssl.h | 2 +- security/nss/lib/ssl/ssl3con.c | 59 +++++--- security/nss/lib/ssl/ssl3ext.c | 3 + security/nss/lib/ssl/ssl3gthr.c | 29 +++- security/nss/lib/ssl/ssl3prot.h | 1 + security/nss/lib/ssl/sslimpl.h | 2 + security/nss/lib/ssl/sslinfo.c | 3 + security/nss/lib/ssl/sslmutex.c | 3 +- security/nss/lib/ssl/sslmutex.h | 3 +- security/nss/lib/ssl/sslsock.c | 7 +- security/nss/lib/ssl/sslt.h | 11 +- security/nss/lib/ssl/tls13con.c | 14 +- security/nss/lib/ssl/tls13exthandle.c | 98 ++++++++++++ security/nss/lib/ssl/tls13exthandle.h | 6 + security/nss/lib/util/pkcs11n.h | 6 + security/nss/lib/util/utilmod.c | 12 +- .../nss/tests/libpkix/certs/PayPalEE.cert | Bin 1382 -> 1376 bytes security/nss/tests/ssl/ssl.sh | 2 +- 59 files changed, 791 insertions(+), 147 deletions(-) create mode 100644 security/nss/automation/taskcluster/docker-fuzz/Dockerfile create mode 100644 security/nss/automation/taskcluster/docker-fuzz/bin/checkout.sh create mode 100644 security/nss/automation/taskcluster/docker-fuzz/setup.sh diff --git a/security/nss/TAG-INFO b/security/nss/TAG-INFO index 3316ea955760..b0b146e25cf5 100644 --- a/security/nss/TAG-INFO +++ b/security/nss/TAG-INFO @@ -1 +1 @@ -5e59e858012d +6353ce63e18f diff --git a/security/nss/automation/taskcluster/docker-fuzz/Dockerfile b/security/nss/automation/taskcluster/docker-fuzz/Dockerfile new file mode 100644 index 000000000000..35777c0b7c28 --- /dev/null +++ b/security/nss/automation/taskcluster/docker-fuzz/Dockerfile @@ -0,0 +1,27 @@ +FROM ubuntu:16.04 +MAINTAINER Tim Taubert + +RUN useradd -d /home/worker -s /bin/bash -m worker +WORKDIR /home/worker + +# Add build and test scripts. +ADD bin /home/worker/bin +RUN chmod +x /home/worker/bin/* + +# Install dependencies. +ADD setup.sh /tmp/setup.sh +RUN bash /tmp/setup.sh + +# Env variables. +ENV HOME /home/worker +ENV SHELL /bin/bash +ENV USER worker +ENV LOGNAME worker +ENV HOSTNAME taskcluster-worker +ENV LANG en_US.UTF-8 +ENV LC_ALL en_US.UTF-8 +ENV HOST localhost +ENV DOMSUF localdomain + +# Set a default command for debugging. +CMD ["/bin/bash", "--login"] diff --git a/security/nss/automation/taskcluster/docker-fuzz/bin/checkout.sh b/security/nss/automation/taskcluster/docker-fuzz/bin/checkout.sh new file mode 100644 index 000000000000..9167f6bda6b3 --- /dev/null +++ b/security/nss/automation/taskcluster/docker-fuzz/bin/checkout.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash + +set -v -e -x + +if [ $(id -u) = 0 ]; then + # Drop privileges by re-running this script. + exec su worker $0 +fi + +# Default values for testing. +REVISION=${NSS_HEAD_REVISION:-default} +REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} + +# Clone NSS. +for i in 0 2 5; do + sleep $i + hg clone -r $REVISION $REPOSITORY nss && exit 0 + rm -rf nss +done +exit 1 diff --git a/security/nss/automation/taskcluster/docker-fuzz/setup.sh b/security/nss/automation/taskcluster/docker-fuzz/setup.sh new file mode 100644 index 000000000000..569a64374c5a --- /dev/null +++ b/security/nss/automation/taskcluster/docker-fuzz/setup.sh @@ -0,0 +1,54 @@ +#!/usr/bin/env bash + +set -v -e -x + +# Update packages. +export DEBIAN_FRONTEND=noninteractive +apt-get -y update && apt-get -y upgrade + +# Need this to add keys for PPAs below. +apt-get install -y --no-install-recommends apt-utils + +apt_packages=() +apt_packages+=('build-essential') +apt_packages+=('ca-certificates') +apt_packages+=('curl') +apt_packages+=('git') +apt_packages+=('gyp') +apt_packages+=('ninja-build') +apt_packages+=('pkg-config') +apt_packages+=('zlib1g-dev') + +# ct-verif and sanitizers +apt_packages+=('valgrind') + +# Latest Mercurial. +apt_packages+=('mercurial') +apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE +echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list + +# Install packages. +apt-get -y update +apt-get install -y --no-install-recommends ${apt_packages[@]} + +# Install LLVM/clang-4.0. +mkdir clang-tmp +git clone -n --depth 1 https://chromium.googlesource.com/chromium/src/tools/clang clang-tmp/clang +git -C clang-tmp/clang checkout HEAD scripts/update.py +clang-tmp/clang/scripts/update.py +rm -fr clang-tmp + +# Link to LLVM binaries. +for b in clang clang++ llvm-symbolizer; do + ln -s /home/worker/third_party/llvm-build/Release+Asserts/bin/$b /usr/local/bin/$b +done + +locale-gen en_US.UTF-8 +dpkg-reconfigure locales + +# Cleanup. +rm -rf ~/.ccache ~/.cache +apt-get autoremove -y +apt-get clean +apt-get autoclean +rm $0 diff --git a/security/nss/automation/taskcluster/graph/src/extend.js b/security/nss/automation/taskcluster/graph/src/extend.js index d15f6b61eae0..876505b485fb 100644 --- a/security/nss/automation/taskcluster/graph/src/extend.js +++ b/security/nss/automation/taskcluster/graph/src/extend.js @@ -6,6 +6,7 @@ import merge from "./merge"; import * as queue from "./queue"; const LINUX_IMAGE = {name: "linux", path: "automation/taskcluster/docker"}; +const FUZZ_IMAGE = {name: "fuzz", path: "automation/taskcluster/docker-fuzz"}; const WINDOWS_CHECKOUT_CMD = "bash -c \"hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss || " + @@ -270,7 +271,7 @@ async function scheduleFuzzing() { }, platform: "linux64", collection: "fuzz", - image: LINUX_IMAGE + image: FUZZ_IMAGE }; // Build base definition. @@ -279,7 +280,7 @@ async function scheduleFuzzing() { "/bin/bash", "-c", "bin/checkout.sh && " + - "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz --ubsan" + "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz" ], artifacts: { public: { diff --git a/security/nss/automation/taskcluster/windows/releng.manifest b/security/nss/automation/taskcluster/windows/releng.manifest index b3f4498540b8..403be2b04627 100644 --- a/security/nss/automation/taskcluster/windows/releng.manifest +++ b/security/nss/automation/taskcluster/windows/releng.manifest @@ -1,10 +1,10 @@ [ { - "version": "Visual Studio 2015 Update 2 / SDK 10.0.10586.0/212", - "size": 332442800, - "digest": "995394a4a515c7cb0f8595f26f5395361a638870dd0bbfcc22193fe1d98a0c47126057d5999cc494f3f3eac5cb49160e79757c468f83ee5797298e286ef6252c", + "version": "Visual Studio 2015 Update 3 14.0.25425.01 / SDK 10.0.14393.0", + "size": 326656969, + "digest": "babc414ffc0457d27f5a1ed24a8e4873afbe2f1c1a4075469a27c005e1babc3b2a788f643f825efedff95b79686664c67ec4340ed535487168a3482e68559bc7", "algorithm": "sha512", - "filename": "vs2015u2.zip", + "filename": "vs2015u3.zip", "unpack": true } ] diff --git a/security/nss/automation/taskcluster/windows/setup.sh b/security/nss/automation/taskcluster/windows/setup.sh index 80cee2850e15..32732774a488 100644 --- a/security/nss/automation/taskcluster/windows/setup.sh +++ b/security/nss/automation/taskcluster/windows/setup.sh @@ -18,7 +18,7 @@ hg_clone() { hg_clone https://hg.mozilla.org/build/tools tools default tools/scripts/tooltool/tooltool_wrapper.sh $(dirname $0)/releng.manifest https://api.pub.build.mozilla.org/tooltool/ non-existant-file.sh /c/mozilla-build/python/python.exe /c/builds/tooltool.py --authentication-file /c/builds/relengapi.tok -c /c/builds/tooltool_cache -VSPATH="$(pwd)/vs2015u2" +VSPATH="$(pwd)/vs2015u3" export WINDOWSSDKDIR="${VSPATH}/SDK" export WIN32_REDIST_DIR="${VSPATH}/VC/redist/x64/Microsoft.VC140.CRT" @@ -26,5 +26,5 @@ export WIN_UCRT_REDIST_DIR="${VSPATH}/SDK/Redist/ucrt/DLLs/x64" export PATH="${VSPATH}/VC/bin/amd64:${VSPATH}/VC/bin:${VSPATH}/SDK/bin/x64:${VSPATH}/VC/redist/x64/Microsoft.VC140.CRT:${VSPATH}/SDK/Redist/ucrt/DLLs/x64:${PATH}" -export INCLUDE="${VSPATH}/VC/include:${VSPATH}/SDK/Include/10.0.10586.0/ucrt:${VSPATH}/SDK/Include/10.0.10586.0/shared:${VSPATH}/SDK/Include/10.0.10586.0/um" -export LIB="${VSPATH}/VC/lib/amd64:${VSPATH}/SDK/lib/10.0.10586.0/ucrt/x64:${VSPATH}/SDK/lib/10.0.10586.0/um/x64" +export INCLUDE="${VSPATH}/VC/include:${VSPATH}/SDK/Include/10.0.14393.0/ucrt:${VSPATH}/SDK/Include/10.0.14393.0/shared:${VSPATH}/SDK/Include/10.0.14393.0/um" +export LIB="${VSPATH}/VC/lib/amd64:${VSPATH}/SDK/lib/10.0.14393.0/ucrt/x64:${VSPATH}/SDK/lib/10.0.14393.0/um/x64" diff --git a/security/nss/build.sh b/security/nss/build.sh index 9c215eb59e0a..feee2a923eac 100755 --- a/security/nss/build.sh +++ b/security/nss/build.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash # This script builds NSS with gyp and ninja. # # This build system is still under development. It does not yet support all @@ -36,6 +36,7 @@ NSS build tool options: --opt|-o do an opt build --asan do an asan build --ubsan do an ubsan build + --ubsan=bool,shift,... sets specific UB sanitizers --msan do an msan build --sancov do sanitize coverage builds --sancov=func sets coverage to function level for example @@ -54,11 +55,11 @@ rebuild_gyp=0 target=Debug verbose=0 fuzz=0 -sancov_default=edge,indirect-calls,8bit-counters +ubsan_default=bool,signed-integer-overflow,shift,vptr # parse parameters to store in config params=$(echo "$*" | perl -pe 's/-c|-v|-g|-j [0-9]*|-h//g' | perl -pe 's/^\s*(.*?)\s*$/\1/') -params=$(echo "$params $CC $CCC" | tr " " "\n" | perl -pe '/^\s*$/d') +params=$(echo "$params $CC $CCC" | tr " " "\n" | perl -pe 's/^\s*$//') params=$(echo "${params[*]}" | sort) cwd=$(cd $(dirname $0); pwd -P) @@ -74,13 +75,30 @@ gyp_params=() ninja_params=() scanbuild=() +sancov_default() +{ + clang_version=$($CC --version | grep -oE 'clang version (3\.9\.|4\.)') + if [ -z "$clang_version" ]; then + echo "Need at least clang-3.9 (better 4.0) for sancov." 1>&2 + exit 1 + fi + + if [ "$clang_version" = "clang version 3.9." ]; then + echo edge,indirect-calls,8bit-counters + else + echo trace-pc-guard + fi +} + enable_fuzz() { fuzz=1 nspr_sanitizer asan - nspr_sanitizer sancov $sancov_default + nspr_sanitizer ubsan $ubsan_default + nspr_sanitizer sancov $(sancov_default) gyp_params+=(-Duse_asan=1) - gyp_params+=(-Duse_sancov=$sancov_default) + gyp_params+=(-Duse_ubsan=$ubsan_default) + gyp_params+=(-Duse_sancov=$(sancov_default)) # Adding debug symbols even for opt builds. nspr_opt+=(--enable-debug-symbols) @@ -100,8 +118,9 @@ while [ $# -gt 0 ]; do --opt|-o) opt_build=1 ;; -m32|--m32) build_64=0 ;; --asan) gyp_params+=(-Duse_asan=1); nspr_sanitizer asan ;; - --ubsan) gyp_params+=(-Duse_ubsan=1); nspr_sanitizer ubsan ;; - --sancov) gyp_params+=(-Duse_sancov=$sancov_default); nspr_sanitizer sancov $sancov_default ;; + --ubsan) gyp_params+=(-Duse_ubsan=$ubsan_default); nspr_sanitizer ubsan $ubsan_default ;; + --ubsan=?*) gyp_params+=(-Duse_ubsan="${1#*=}"); nspr_sanitizer ubsan "${1#*=}" ;; + --sancov) gyp_params+=(-Duse_sancov=$(sancov_default)); nspr_sanitizer sancov $(sancov_default) ;; --sancov=?*) gyp_params+=(-Duse_sancov="${1#*=}"); nspr_sanitizer sancov "${1#*=}" ;; --pprof) gyp_params+=(-Duse_pprof=1) ;; --msan) gyp_params+=(-Duse_msan=1); nspr_sanitizer msan ;; diff --git a/security/nss/cmd/bltest/blapitest.c b/security/nss/cmd/bltest/blapitest.c index b0e7c840bbff..6a178ada8cbc 100644 --- a/security/nss/cmd/bltest/blapitest.c +++ b/security/nss/cmd/bltest/blapitest.c @@ -917,6 +917,7 @@ setupIO(PLArenaPool *arena, bltestIO *input, PRFileDesc *file, SECItem *in; unsigned char *tok; unsigned int i, j; + PRBool needToFreeFile = PR_FALSE; if (file && (numBytes == 0 || file == PR_STDIN)) { /* grabbing data from a file */ @@ -924,6 +925,7 @@ setupIO(PLArenaPool *arena, bltestIO *input, PRFileDesc *file, if (rv != SECSuccess) return SECFailure; in = &fileData; + needToFreeFile = PR_TRUE; } else if (str) { /* grabbing data from command line */ fileData.data = (unsigned char *)str; @@ -957,10 +959,7 @@ setupIO(PLArenaPool *arena, bltestIO *input, PRFileDesc *file, --in->len; if (in->data[in->len - 1] == '\r') --in->len; - SECITEM_CopyItem(arena, &input->buf, in); - if (rv != SECSuccess) { - return SECFailure; - } + rv = SECITEM_CopyItem(arena, &input->buf, in); break; case bltestHexSpaceDelim: SECITEM_AllocItem(arena, &input->buf, in->len / 5); @@ -986,7 +985,7 @@ setupIO(PLArenaPool *arena, bltestIO *input, PRFileDesc *file, break; } - if (file) + if (needToFreeFile) SECITEM_FreeItem(&fileData, PR_FALSE); return rv; } diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c index f79a02a90b65..24acdbcb4192 100644 --- a/security/nss/cmd/certutil/certutil.c +++ b/security/nss/cmd/certutil/certutil.c @@ -49,7 +49,7 @@ char *progName; static CERTCertificateRequest * -GetCertRequest(const SECItem *reqDER) +GetCertRequest(const SECItem *reqDER, void *pwarg) { CERTCertificateRequest *certReq = NULL; CERTSignedData signedData; @@ -83,7 +83,7 @@ GetCertRequest(const SECItem *reqDER) break; } rv = CERT_VerifySignedDataWithPublicKeyInfo(&signedData, - &certReq->subjectPublicKeyInfo, NULL /* wincx */); + &certReq->subjectPublicKeyInfo, pwarg); } while (0); if (rv) { @@ -2000,7 +2000,7 @@ CreateCert( do { /* Create a certrequest object from the input cert request der */ - certReq = GetCertRequest(certReqDER); + certReq = GetCertRequest(certReqDER, pwarg); if (certReq == NULL) { GEN_BREAK(SECFailure) } diff --git a/security/nss/cmd/crlutil/crlutil.c b/security/nss/cmd/crlutil/crlutil.c index f31b0eaf37eb..c008ecc01a0d 100644 --- a/security/nss/cmd/crlutil/crlutil.c +++ b/security/nss/cmd/crlutil/crlutil.c @@ -66,8 +66,11 @@ FindCRL(CERTCertDBHandle *certHandle, char *name, int type) return ((CERTSignedCrl *)NULL); } } else { - SECITEM_CopyItem(NULL, &derName, &cert->derSubject); + SECStatus rv = SECITEM_CopyItem(NULL, &derName, &cert->derSubject); CERT_DestroyCertificate(cert); + if (rv != SECSuccess) { + return ((CERTSignedCrl *)NULL); + } } crl = SEC_FindCrlByName(certHandle, &derName, type); @@ -373,7 +376,7 @@ static CERTSignedCrl * CreateModifiedCRLCopy(PLArenaPool *arena, CERTCertDBHandle *certHandle, CERTCertificate **cert, char *certNickName, PRFileDesc *inFile, PRInt32 decodeOptions, - PRInt32 importOptions) + PRInt32 importOptions, secuPWData *pwdata) { SECItem crlDER = { 0, NULL, 0 }; CERTSignedCrl *signCrl = NULL; @@ -419,7 +422,7 @@ CreateModifiedCRLCopy(PLArenaPool *arena, CERTCertDBHandle *certHandle, } rv = CERT_VerifySignedData(&modCrl->signatureWrap, *cert, - PR_Now(), NULL); + PR_Now(), pwdata); if (rv != SECSuccess) { SECU_PrintError(progName, "fail to verify signed data\n"); goto loser; @@ -707,7 +710,8 @@ GenerateCRL(CERTCertDBHandle *certHandle, char *certNickName, if (modifyFlag == PR_TRUE) { signCrl = CreateModifiedCRLCopy(arena, certHandle, &cert, certNickName, - inFile, decodeOptions, importOptions); + inFile, decodeOptions, importOptions, + pwdata); if (signCrl == NULL) { rv = SECFailure; goto loser; diff --git a/security/nss/cmd/smimetools/cmsutil.c b/security/nss/cmd/smimetools/cmsutil.c index e01fc4c7b5ad..f3587d0162df 100644 --- a/security/nss/cmd/smimetools/cmsutil.c +++ b/security/nss/cmd/smimetools/cmsutil.c @@ -473,6 +473,7 @@ signed_data(struct signOptionsStr *signOptions) fprintf(stderr, "Created CMS message, added signed data w/ signerinfo\n"); } + signerinfo->cmsg->pwfn_arg = pwcb_arg; /* we want the cert chain included for this one */ if (NSS_CMSSignerInfo_IncludeCerts(signerinfo, NSSCMSCM_CertChain, signOptions->options->certUsage) != diff --git a/security/nss/coreconf/Linux.mk b/security/nss/coreconf/Linux.mk index 438dab48afc0..fdb41b2ec6b3 100644 --- a/security/nss/coreconf/Linux.mk +++ b/security/nss/coreconf/Linux.mk @@ -106,16 +106,6 @@ ifneq ($(OS_TARGET),Android) LIBC_TAG = _glibc endif -ifeq ($(OS_RELEASE),2.0) - OS_REL_CFLAGS += -DLINUX2_0 - MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so) $(RPATH) - ifdef MAPFILE - MKSHLIB += -Wl,--version-script,$(MAPFILE) - endif - PROCESS_MAP_FILE = grep -v ';-' $< | \ - sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@ -endif - ifdef BUILD_OPT ifeq (11,$(ALLOW_OPT_CODE_SIZE)$(OPT_CODE_SIZE)) OPTIMIZER = -Os @@ -139,15 +129,16 @@ ifeq ($(USE_PTHREADS),1) OS_PTHREAD = -lpthread endif -OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) $(ARCHFLAG) -pipe -ffunction-sections -fdata-sections -DLINUX -Dlinux -DHAVE_STRERROR +OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) $(ARCHFLAG) -pipe -ffunction-sections -fdata-sections -DHAVE_STRERROR +ifeq ($(KERNEL),Linux) + OS_CFLAGS += -DLINUX -Dlinux +endif OS_LIBS = $(OS_PTHREAD) -ldl -lc ifdef USE_PTHREADS DEFINES += -D_REENTRANT endif -ARCH = linux - DSO_CFLAGS = -fPIC DSO_LDOPTS = -shared $(ARCHFLAG) -Wl,--gc-sections # The linker on Red Hat Linux 7.2 and RHEL 2.1 (GNU ld version 2.11.90.0.8) @@ -167,7 +158,6 @@ ifdef _SBOX_DIR LDFLAGS += -Wl,-rpath-link,/usr/lib:/lib endif -# INCLUDES += -I/usr/include -Y/usr/include/linux G++INCLUDES = -I/usr/include/g++ # @@ -202,7 +192,6 @@ RPATH = -Wl,-rpath,'$$ORIGIN:/opt/sun/private/lib' endif endif -OS_REL_CFLAGS += -DLINUX2_1 MKSHLIB = $(CC) $(DSO_LDOPTS) -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so) $(RPATH) ifdef MAPFILE diff --git a/security/nss/coreconf/arch.mk b/security/nss/coreconf/arch.mk index 06c276f80db7..18f9aaccee17 100644 --- a/security/nss/coreconf/arch.mk +++ b/security/nss/coreconf/arch.mk @@ -115,6 +115,20 @@ ifeq ($(OS_ARCH),Linux) ifneq ($(words $(OS_RELEASE)),1) OS_RELEASE := $(word 1,$(OS_RELEASE)).$(word 2,$(OS_RELEASE)) endif + KERNEL = Linux +endif + +# Since all uses of OS_ARCH that follow affect only userland, we can +# merge other Glibc systems with Linux here. +ifeq ($(OS_ARCH),GNU) + OS_ARCH = Linux + OS_RELEASE = 2.6 + KERNEL = GNU +endif +ifeq ($(OS_ARCH),GNU_kFreeBSD) + OS_ARCH = Linux + OS_RELEASE = 2.6 + KERNEL = FreeBSD endif # diff --git a/security/nss/coreconf/check_cc_clang.py b/security/nss/coreconf/check_cc_clang.py index 145ec0a72580..4b9541195487 100644 --- a/security/nss/coreconf/check_cc_clang.py +++ b/security/nss/coreconf/check_cc_clang.py @@ -6,15 +6,16 @@ import sys def main(): if sys.platform == 'win32': - print 0 + print(0) else: cc = os.environ.get('CC', 'cc') try: - cc_is_clang = 'clang' in subprocess.check_output([cc, '--version']) + cc_is_clang = 'clang' in subprocess.check_output( + [cc, '--version'], universal_newlines=True) except OSError: # We probably just don't have CC/cc. cc_is_clang = False - print int(cc_is_clang) + print(int(cc_is_clang)) if __name__ == '__main__': main() diff --git a/security/nss/coreconf/config.gypi b/security/nss/coreconf/config.gypi index 1e4b27b3c2b1..3f5aa253ec47 100644 --- a/security/nss/coreconf/config.gypi +++ b/security/nss/coreconf/config.gypi @@ -24,39 +24,45 @@ # building on. 'target_arch%': '<(host_arch)', }], + ['OS=="linux"', { + # FIPS-140 LOWHASH + 'freebl_name': 'freeblpriv3', + }, { + 'freebl_name': 'freebl3', + }], + ['OS=="mac"', { + 'use_system_sqlite%': 1, + },{ + 'use_system_sqlite%': 0, + }], + ['OS=="mac" or OS=="win"', { + 'cc_use_gnu_ld%': 0, + }, { + 'cc_use_gnu_ld%': 1, + }], ['OS=="win"', { 'use_system_zlib%': 0, - 'nspr_libs%': ['nspr4.lib', 'plc4.lib', 'plds4.lib'], + 'nspr_libs%': ['libnspr4.lib', 'libplc4.lib', 'libplds4.lib'], 'zlib_libs%': [], #TODO 'moz_debug_flags%': '', 'dll_prefix': '', 'dll_suffix': 'dll', }, { - 'nspr_libs%': ['-lplds4', '-lplc4', '-lnspr4'], 'use_system_zlib%': 1, - }], - ['OS=="linux" or OS=="android"', { + 'nspr_libs%': ['-lplds4', '-lplc4', '-lnspr4'], 'zlib_libs%': ['-lz'], - 'moz_debug_flags%': '-gdwarf-2', 'optimize_flags%': '-O2', 'dll_prefix': 'lib', - 'dll_suffix': 'so', - }], - ['OS=="linux"', { - 'freebl_name': 'freeblpriv3', - }, { - 'freebl_name': 'freebl3', - }], - ['OS=="mac"', { - 'zlib_libs%': ['-lz'], - 'use_system_sqlite%': 1, - 'moz_debug_flags%': '-gdwarf-2 -gfull', - 'optimize_flags%': '-O2', - 'dll_prefix': 'lib', - 'dll_suffix': 'dylib', - }, { - 'use_system_sqlite%': 0, + 'conditions': [ + ['OS=="mac"', { + 'moz_debug_flags%': '-gdwarf-2 -gfull', + 'dll_suffix': 'dylib', + }, { + 'moz_debug_flags%': '-gdwarf-2', + 'dll_suffix': 'so', + }], + ], }], ['"<(GENERATOR)"=="ninja"', { 'cc_is_clang%': '(mapfile)', ], @@ -195,11 +206,19 @@ # Shared library specific settings. [ '_type=="shared_library"', { 'conditions': [ - [ 'OS=="linux" or OS=="android"', { + [ 'cc_use_gnu_ld==1', { 'ldflags': [ '-Wl,--gc-sections', '-Wl,-z,defs', ], + 'conditions': [ + ['OS=="dragonfly" or OS=="freebsd" or OS=="netbsd" or OS=="openbsd"', { + # Bug 1321317 - unix_rand.c:880: undefined reference to `environ' + 'ldflags': [ + '-Wl,--warn-unresolved-symbols', + ], + }], + ], }], ], 'xcode_settings': { @@ -251,10 +270,36 @@ 'LINUX2_1', 'LINUX', 'linux', + ], + }], + [ 'OS=="dragonfly" or OS=="freebsd"', { + 'defines': [ + 'FREEBSD', + ], + }], + [ 'OS=="netbsd"', { + 'defines': [ + 'NETBSD', + ], + }], + [ 'OS=="openbsd"', { + 'defines': [ + 'OPENBSD', + ], + }], + ['OS=="mac" or OS=="dragonfly" or OS=="freebsd" or OS=="netbsd" or OS=="openbsd"', { + 'defines': [ + 'HAVE_BSD_FLOCK', + ], + }], + [ 'OS!="win"', { + 'defines': [ 'HAVE_STRERROR', 'XP_UNIX', '_REENTRANT', ], + }], + [ 'OS!="mac" and OS!="win"', { 'cflags': [ '-fPIC', '-pipe', @@ -275,18 +320,23 @@ }], ], }], - [ 'use_pprof==1 and OS=="linux"', { - 'ldflags': [ '-lprofiler' ], - }], - [ 'use_pprof==1 and OS=="mac"', { - 'xcode_settings': { - 'OTHER_LDFLAGS': [ '-lprofiler' ], - }, - 'library_dirs': [ - '/usr/local/lib/', + [ 'use_pprof==1 and OS!="android" and OS!="win"', { + 'conditions': [ + [ 'OS=="mac"', { + 'xcode_settings': { + 'OTHER_LDFLAGS': [ '-lprofiler' ], + }, + }, { + 'ldflags': [ '-lprofiler' ], + }], + [ 'OS!="linux"', { + 'library_dirs': [ + '/usr/local/lib/', + ], + }], ], }], - [ 'disable_werror==0 and (OS=="linux" or OS=="mac")', { + [ 'disable_werror==0 and OS!="android" and OS!="win"', { 'cflags': [ '(mapfile) | sed -e "s,;+,," -e "s; DATA ;;" -e "s,;;,," -e "s,;.*,;," > >@(_outputs)'], + 'process_map_file': ['/bin/sh', '-c', '/usr/bin/env grep -v ";-" >(mapfile) | sed -e "s,;+,," -e "s; DATA ;;" -e "s,;;,," -e "s,;.*,;," > >@(_outputs)'], }, }], [ 'OS=="mac"', { diff --git a/security/nss/coreconf/coreconf.dep b/security/nss/coreconf/coreconf.dep index 590d1bfaeee3..5182f75552c8 100644 --- a/security/nss/coreconf/coreconf.dep +++ b/security/nss/coreconf/coreconf.dep @@ -10,4 +10,3 @@ */ #error "Do not include this header file." - diff --git a/security/nss/coreconf/nspr.sh b/security/nss/coreconf/nspr.sh index ff5e3836303e..33671c37c0d0 100644 --- a/security/nss/coreconf/nspr.sh +++ b/security/nss/coreconf/nspr.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash # This script builds NSPR for NSS. # # This build system is still under development. It does not yet support all @@ -10,6 +10,11 @@ nspr_cflags= nspr_cxxflags= nspr_ldflags= +# Try to avoid bmake on OS X and BSD systems +if hash gmake 2>/dev/null; then + make() { command gmake "$@"; } +fi + nspr_sanitizer() { nspr_cflags="$nspr_cflags $(python $cwd/coreconf/sanitizers.py $1 $2)" diff --git a/security/nss/coreconf/sanitizers.py b/security/nss/coreconf/sanitizers.py index 2f62d00bba20..ed00c4921773 100644 --- a/security/nss/coreconf/sanitizers.py +++ b/security/nss/coreconf/sanitizers.py @@ -9,7 +9,9 @@ def main(): sanitizer = sys.argv[1] if sanitizer == "ubsan": - print('-fsanitize=undefined -fno-sanitize-recover=undefined ', end='') + if len(sys.argv) < 3: + raise Exception('ubsan requires another argument.') + print('-fsanitize='+sys.argv[2]+' -fno-sanitize-recover=undefined ', end='') return if sanitizer == "asan": print('-fsanitize=address ', end='') diff --git a/security/nss/coreconf/werror.py b/security/nss/coreconf/werror.py index 77420a14443b..0d3843f64ec2 100644 --- a/security/nss/coreconf/werror.py +++ b/security/nss/coreconf/werror.py @@ -7,7 +7,8 @@ def main(): cc = os.environ.get('CC', 'cc') sink = open(os.devnull, 'wb') try: - cc_is_clang = 'clang' in subprocess.check_output([cc, '--version'], stderr=sink) + cc_is_clang = 'clang' in subprocess.check_output( + [cc, '--version'], universal_newlines=True, stderr=sink) except OSError: # We probably just don't have CC/cc. return diff --git a/security/nss/gtests/ssl_gtest/libssl_internals.c b/security/nss/gtests/ssl_gtest/libssl_internals.c index 3eec0184cd71..08af9af0ec68 100644 --- a/security/nss/gtests/ssl_gtest/libssl_internals.c +++ b/security/nss/gtests/ssl_gtest/libssl_internals.c @@ -345,3 +345,28 @@ SSLCipherAlgorithm SSLInt_CipherSpecToAlgorithm(PRBool isServer, unsigned char *SSLInt_CipherSpecToIv(PRBool isServer, ssl3CipherSpec *spec) { return GetKeyingMaterial(isServer, spec)->write_iv; } + +SECStatus SSLInt_EnableShortHeaders(PRFileDesc *fd) { + sslSocket *ss; + + ss = ssl_FindSocket(fd); + if (!ss) { + return SECFailure; + } + + ss->opt.enableShortHeaders = PR_TRUE; + return SECSuccess; +} + +SECStatus SSLInt_UsingShortHeaders(PRFileDesc *fd, PRBool *result) { + sslSocket *ss; + + ss = ssl_FindSocket(fd); + if (!ss) { + return SECFailure; + } + + *result = ss->ssl3.hs.shortHeaders; + + return SECSuccess; +} diff --git a/security/nss/gtests/ssl_gtest/libssl_internals.h b/security/nss/gtests/ssl_gtest/libssl_internals.h index 36332485a1db..342c3040a880 100644 --- a/security/nss/gtests/ssl_gtest/libssl_internals.h +++ b/security/nss/gtests/ssl_gtest/libssl_internals.h @@ -47,5 +47,7 @@ PK11SymKey *SSLInt_CipherSpecToKey(PRBool isServer, ssl3CipherSpec *spec); SSLCipherAlgorithm SSLInt_CipherSpecToAlgorithm(PRBool isServer, ssl3CipherSpec *spec); unsigned char *SSLInt_CipherSpecToIv(PRBool isServer, ssl3CipherSpec *spec); +SECStatus SSLInt_EnableShortHeaders(PRFileDesc *fd); +SECStatus SSLInt_UsingShortHeaders(PRFileDesc *fd, PRBool *result); #endif // ndef libssl_internals_h_ diff --git a/security/nss/gtests/ssl_gtest/ssl_gtest.gyp b/security/nss/gtests/ssl_gtest/ssl_gtest.gyp index 0e2e8e413745..3c8ddec9749f 100644 --- a/security/nss/gtests/ssl_gtest/ssl_gtest.gyp +++ b/security/nss/gtests/ssl_gtest/ssl_gtest.gyp @@ -96,8 +96,12 @@ '../../gtests/common', '../../lib/ssl' ], + 'defines': [ + 'NSS_USE_STATIC_LIBS' + ], }, 'variables': { 'module': 'nss', + 'use_static_libs': 1, } } diff --git a/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc index 5ed63df6cd02..1bbf85b53071 100644 --- a/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc @@ -220,6 +220,14 @@ TEST_F(TlsConnectStreamTls13, Tls13FailedWriteSecondFlight) { client_->CheckErrorCode(SSL_ERROR_SOCKET_WRITE_FAILURE); } +TEST_F(TlsConnectStreamTls13, NegotiateShortHeaders) { + client_->SetShortHeadersEnabled(); + server_->SetShortHeadersEnabled(); + client_->ExpectShortHeaders(); + server_->ExpectShortHeaders(); + Connect(); +} + INSTANTIATE_TEST_CASE_P(GenericStream, TlsConnectGeneric, ::testing::Combine(TlsConnectTestBase::kTlsModesStream, TlsConnectTestBase::kTlsVAll)); diff --git a/security/nss/gtests/ssl_gtest/tls_agent.cc b/security/nss/gtests/ssl_gtest/tls_agent.cc index 746b878718b1..7b81260fb578 100644 --- a/security/nss/gtests/ssl_gtest/tls_agent.cc +++ b/security/nss/gtests/ssl_gtest/tls_agent.cc @@ -68,7 +68,8 @@ TlsAgent::TlsAgent(const std::string& name, Role role, Mode mode) expect_readwrite_error_(false), handshake_callback_(), auth_certificate_callback_(), - sni_callback_() { + sni_callback_(), + expect_short_headers_(false) { memset(&info_, 0, sizeof(info_)); memset(&csinfo_, 0, sizeof(csinfo_)); SECStatus rv = SSL_VersionRangeGetDefault( @@ -365,6 +366,13 @@ void TlsAgent::Set0RttEnabled(bool en) { EXPECT_EQ(SECSuccess, rv); } +void TlsAgent::SetShortHeadersEnabled() { + EXPECT_TRUE(EnsureTlsSetup()); + + SECStatus rv = SSLInt_EnableShortHeaders(ssl_fd_); + EXPECT_EQ(SECSuccess, rv); +} + void TlsAgent::SetVersionRange(uint16_t minver, uint16_t maxver) { vrange_.min = minver; vrange_.max = maxver; @@ -388,6 +396,8 @@ void TlsAgent::SetServerKeyBits(uint16_t bits) { server_key_bits_ = bits; } void TlsAgent::ExpectReadWriteError() { expect_readwrite_error_ = true; } +void TlsAgent::ExpectShortHeaders() { expect_short_headers_ = true; } + void TlsAgent::SetSignatureSchemes(const SSLSignatureScheme* schemes, size_t count) { EXPECT_TRUE(EnsureTlsSetup()); @@ -658,6 +668,10 @@ void TlsAgent::Connected() { } } + PRBool short_headers; + rv = SSLInt_UsingShortHeaders(ssl_fd_, &short_headers); + EXPECT_EQ(SECSuccess, rv); + EXPECT_EQ((PRBool)expect_short_headers_, short_headers); SetState(STATE_CONNECTED); } diff --git a/security/nss/gtests/ssl_gtest/tls_agent.h b/security/nss/gtests/ssl_gtest/tls_agent.h index 58756e26f951..4b302eab599f 100644 --- a/security/nss/gtests/ssl_gtest/tls_agent.h +++ b/security/nss/gtests/ssl_gtest/tls_agent.h @@ -129,6 +129,7 @@ class TlsAgent : public PollTarget { void SetSessionTicketsEnabled(bool en); void SetSessionCacheEnabled(bool en); void Set0RttEnabled(bool en); + void SetShortHeadersEnabled(); void SetVersionRange(uint16_t minver, uint16_t maxver); void GetVersionRange(uint16_t* minver, uint16_t* maxver); void CheckPreliminaryInfo(); @@ -138,6 +139,7 @@ class TlsAgent : public PollTarget { void ExpectReadWriteError(); void EnableFalseStart(); void ExpectResumption(); + void ExpectShortHeaders(); void SetSignatureSchemes(const SSLSignatureScheme* schemes, size_t count); void EnableAlpn(const uint8_t* val, size_t len); void CheckAlpn(SSLNextProtoState expected_state, @@ -369,6 +371,7 @@ class TlsAgent : public PollTarget { HandshakeCallbackFunction handshake_callback_; AuthCertificateCallbackFunction auth_certificate_callback_; SniCallbackFunction sni_callback_; + bool expect_short_headers_; }; inline std::ostream& operator<<(std::ostream& stream, diff --git a/security/nss/lib/certhigh/certhigh.c b/security/nss/lib/certhigh/certhigh.c index 55259898b6f8..24d02149819f 100644 --- a/security/nss/lib/certhigh/certhigh.c +++ b/security/nss/lib/certhigh/certhigh.c @@ -1080,7 +1080,10 @@ CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage, derCert.len = (unsigned int)stanCert->encoding.size; derCert.data = (unsigned char *)stanCert->encoding.data; derCert.type = siBuffer; - SECITEM_CopyItem(arena, &chain->certs[i], &derCert); + if (SECITEM_CopyItem(arena, &chain->certs[i], &derCert) != SECSuccess) { + CERT_DestroyCertificate(cCert); + goto loser; + } stanCert = stanChain[++i]; if (!stanCert && !cCert->isRoot) { /* reached the end of the chain, but the final cert is diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c index a4693e835167..ccd38e660d78 100644 --- a/security/nss/lib/certhigh/certvfy.c +++ b/security/nss/lib/certhigh/certvfy.c @@ -398,6 +398,142 @@ cert_AddToVerifyLog(CERTVerifyLog *log, CERTCertificate *cert, long error, (void *)(PRWord)arg); \ } +/* /C=CN/O=WoSign CA Limited/CN=CA \xE6\xB2\x83\xE9\x80\x9A\xE6\xA0\xB9\xE8\xAF\x81\xE4\xB9\xA6 + * Using a consistent naming convention, this would actually be called + * 'CA沃通根证书DN', but since GCC 6.2.1 apparently can't handle UTF-8 + * identifiers, this will have to do. + */ +static const unsigned char CAWoSignRootDN[72] = { + 0x30, 0x46, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x43, 0x4E, 0x31, 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11, + 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, 0x6D, + 0x69, 0x74, 0x65, 0x64, 0x31, 0x1B, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x12, 0x43, 0x41, 0x20, 0xE6, 0xB2, 0x83, 0xE9, 0x80, 0x9A, 0xE6, 0xA0, + 0xB9, 0xE8, 0xAF, 0x81, 0xE4, 0xB9, 0xA6, +}; + +/* /C=CN/O=WoSign CA Limited/CN=CA WoSign ECC Root */ +static const unsigned char CAWoSignECCRootDN[72] = { + 0x30, 0x46, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x43, 0x4E, 0x31, 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11, + 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, 0x6D, + 0x69, 0x74, 0x65, 0x64, 0x31, 0x1B, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x13, 0x12, 0x43, 0x41, 0x20, 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x45, + 0x43, 0x43, 0x20, 0x52, 0x6F, 0x6F, 0x74, +}; + +/* /C=CN/O=WoSign CA Limited/CN=Certification Authority of WoSign */ +static const unsigned char CertificationAuthorityofWoSignDN[87] = { + 0x30, 0x55, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x43, 0x4E, 0x31, 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11, + 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, 0x6D, + 0x69, 0x74, 0x65, 0x64, 0x31, 0x2A, 0x30, 0x28, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x13, 0x21, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, + 0x6F, 0x6E, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x20, + 0x6F, 0x66, 0x20, 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, +}; + +/* /C=CN/O=WoSign CA Limited/CN=Certification Authority of WoSign G2 */ +static const unsigned char CertificationAuthorityofWoSignG2DN[90] = { + 0x30, 0x58, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x43, 0x4E, 0x31, 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11, + 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, 0x6D, + 0x69, 0x74, 0x65, 0x64, 0x31, 0x2D, 0x30, 0x2B, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x13, 0x24, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, + 0x6F, 0x6E, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x20, + 0x6F, 0x66, 0x20, 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x47, 0x32, +}; + +/* /C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority */ +static const unsigned char StartComCertificationAuthorityDN[127] = { + 0x30, 0x7D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x49, 0x4C, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0D, + 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6F, 0x6D, 0x20, 0x4C, 0x74, 0x64, 0x2E, + 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x22, 0x53, 0x65, + 0x63, 0x75, 0x72, 0x65, 0x20, 0x44, 0x69, 0x67, 0x69, 0x74, 0x61, 0x6C, 0x20, + 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x53, + 0x69, 0x67, 0x6E, 0x69, 0x6E, 0x67, 0x31, 0x29, 0x30, 0x27, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x13, 0x20, 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6F, 0x6D, 0x20, + 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, + 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, +}; + +/* /C=IL/O=StartCom Ltd./CN=StartCom Certification Authority G2 */ +static const unsigned char StartComCertificationAuthorityG2DN[85] = { + 0x30, 0x53, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x49, 0x4C, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0D, + 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6F, 0x6D, 0x20, 0x4C, 0x74, 0x64, 0x2E, + 0x31, 0x2C, 0x30, 0x2A, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x23, 0x53, 0x74, + 0x61, 0x72, 0x74, 0x43, 0x6F, 0x6D, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, + 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, + 0x72, 0x69, 0x74, 0x79, 0x20, 0x47, 0x32, +}; + +struct DataAndLength { + const unsigned char *data; + PRUint32 len; +}; + +static const struct DataAndLength StartComAndWoSignDNs[] = { + { CAWoSignRootDN, + sizeof(CAWoSignRootDN) }, + { CAWoSignECCRootDN, + sizeof(CAWoSignECCRootDN) }, + { CertificationAuthorityofWoSignDN, + sizeof(CertificationAuthorityofWoSignDN) }, + { CertificationAuthorityofWoSignG2DN, + sizeof(CertificationAuthorityofWoSignG2DN) }, + { StartComCertificationAuthorityDN, + sizeof(StartComCertificationAuthorityDN) }, + { StartComCertificationAuthorityG2DN, + sizeof(StartComCertificationAuthorityG2DN) }, +}; + +static PRBool +CertIsStartComOrWoSign(const CERTCertificate *cert) +{ + int i; + const struct DataAndLength *dn = StartComAndWoSignDNs; + + for (i = 0; i < sizeof(StartComAndWoSignDNs) / sizeof(struct DataAndLength); ++i, dn++) { + if (cert->derSubject.len == dn->len && + memcmp(cert->derSubject.data, dn->data, dn->len) == 0) { + return PR_TRUE; + } + } + return PR_FALSE; +} + +SECStatus +isIssuerCertAllowedAtCertIssuanceTime(CERTCertificate *issuerCert, + CERTCertificate *referenceCert) +{ + if (!issuerCert || !referenceCert) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + if (CertIsStartComOrWoSign(issuerCert)) { + /* PRTime is microseconds since the epoch, whereas JS time is milliseconds. + * (new Date("2016-10-21T00:00:00Z")).getTime() * 1000 + */ + static const PRTime OCTOBER_21_2016 = 1477008000000000; + + PRTime notBefore, notAfter; + SECStatus rv; + + rv = CERT_GetCertTimes(referenceCert, ¬Before, ¬After); + if (rv != SECSuccess) + return rv; + + if (notBefore > OCTOBER_21_2016) { + return SECFailure; + } + } + + return SECSuccess; +} + static SECStatus cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert, PRBool checkSig, PRBool *sigerror, @@ -615,6 +751,13 @@ cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert, goto loser; } + rv = isIssuerCertAllowedAtCertIssuanceTime(issuerCert, cert); + if (rv != SECSuccess) { + PORT_SetError(SEC_ERROR_UNTRUSTED_ISSUER); + LOG_ERROR(log, issuerCert, count + 1, 0); + goto loser; + } + /* XXX - the error logging may need to go down into CRL stuff at some * point */ diff --git a/security/nss/lib/freebl/freebl.gyp b/security/nss/lib/freebl/freebl.gyp index 6a7dbe5c0d7f..060bc794856a 100644 --- a/security/nss/lib/freebl/freebl.gyp +++ b/security/nss/lib/freebl/freebl.gyp @@ -406,6 +406,11 @@ 'SHA_NO_LONG_LONG', ], }], + [ 'target_arch=="arm64"', { + 'defines': [ + 'NSS_USE_64', + ], + }], ], }], ], diff --git a/security/nss/lib/freebl/unix_rand.c b/security/nss/lib/freebl/unix_rand.c index ea3b6af3de5e..dbdccd672546 100644 --- a/security/nss/lib/freebl/unix_rand.c +++ b/security/nss/lib/freebl/unix_rand.c @@ -160,7 +160,7 @@ RNG_kstat(PRUint32 *fed) #endif -#if defined(SCO) || defined(UNIXWARE) || defined(BSDI) || defined(FREEBSD) || defined(NETBSD) || defined(DARWIN) || defined(OPENBSD) || defined(NTO) || defined(__riscos__) +#if defined(SCO) || defined(UNIXWARE) || defined(BSDI) || defined(FREEBSD) || defined(NETBSD) || defined(DARWIN) || defined(OPENBSD) || defined(NTO) || defined(__riscos__) || defined(__GNU__) || defined(__FreeBSD_kernel__) || defined(__NetBSD_kernel__) #include #define getdtablesize() sysconf(_SC_OPEN_MAX) diff --git a/security/nss/lib/libpkix/include/pkix_errorstrings.h b/security/nss/lib/libpkix/include/pkix_errorstrings.h index d3fea945411d..e7e898f60094 100755 --- a/security/nss/lib/libpkix/include/pkix_errorstrings.h +++ b/security/nss/lib/libpkix/include/pkix_errorstrings.h @@ -1095,4 +1095,5 @@ PKIX_ERRORENTRY(X500NAMEMATCHFAILED,PKIX_PL_X500Name_Match failed,0), PKIX_ERRORENTRY(X500NAMETOSTRINGFAILED,PKIX_PL_X500Name_ToString failed,0), PKIX_ERRORENTRY(ZEROLENGTHBYTEARRAYFORCRLENCODING,Zero-length ByteArray for CRL encoding,0), PKIX_ERRORENTRY(INVALIDOCSPHTTPMETHOD,Unsupported HTTP Method for OCSP retrieval,0), -PKIX_ERRORENTRY(OCSPGETREQUESTTOOBIG,OCSP request too big for HTTP GET method,0) +PKIX_ERRORENTRY(OCSPGETREQUESTTOOBIG,OCSP request too big for HTTP GET method,0), +PKIX_ERRORENTRY(CERTISBLACKLISTEDATISSUANCETIME,Issuer Certificate is distrusted at the time the subordinate certifiate was issued,SEC_ERROR_UNTRUSTED_ISSUER) diff --git a/security/nss/lib/libpkix/pkix/top/pkix_build.c b/security/nss/lib/libpkix/pkix/top/pkix_build.c index 94515785b49b..0c87ba3f3b33 100755 --- a/security/nss/lib/libpkix/pkix/top/pkix_build.c +++ b/security/nss/lib/libpkix/pkix/top/pkix_build.c @@ -1943,6 +1943,10 @@ pkix_PrepareForwardBuilderStateForAIA( state->status = BUILD_TRYAIA; } +extern SECStatus +isIssuerCertAllowedAtCertIssuanceTime(CERTCertificate *issuerCert, + CERTCertificate *referenceCert); + /* * FUNCTION: pkix_BuildForwardDepthFirstSearch * DESCRIPTION: @@ -2057,6 +2061,7 @@ pkix_BuildForwardDepthFirstSearch( PKIX_ComCertSelParams *certSelParams = NULL; PKIX_TrustAnchor *trustAnchor = NULL; PKIX_PL_Cert *trustedCert = NULL; + PKIX_PL_Cert *targetCert = NULL; PKIX_VerifyNode *verifyNode = NULL; PKIX_Error *verifyError = NULL; PKIX_Error *finalError = NULL; @@ -2072,6 +2077,7 @@ pkix_BuildForwardDepthFirstSearch( validityDate = state->validityDate; canBeCached = state->canBeCached; PKIX_DECREF(*pValResult); + targetCert = state->buildConstants.targetCert; /* * We return if successful; if we fall off the end @@ -2354,6 +2360,12 @@ pkix_BuildForwardDepthFirstSearch( plContext), PKIX_LISTGETITEMFAILED); + if (isIssuerCertAllowedAtCertIssuanceTime( + state->candidateCert->nssCert, targetCert->nssCert) + != SECSuccess) { + PKIX_ERROR(PKIX_CERTISBLACKLISTEDATISSUANCETIME); + } + if ((state->verifyNode) != NULL) { PKIX_CHECK_FATAL(pkix_VerifyNode_Create (state->candidateCert, diff --git a/security/nss/lib/pk11wrap/pk11mech.c b/security/nss/lib/pk11wrap/pk11mech.c index 4db05ff39235..48e50dff458d 100644 --- a/security/nss/lib/pk11wrap/pk11mech.c +++ b/security/nss/lib/pk11wrap/pk11mech.c @@ -612,6 +612,10 @@ PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE type, int size) case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN: case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN: case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN: + case CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN: + case CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN: + case CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN: + case CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN: case CKM_NETSCAPE_PBE_SHA1_DES_CBC: case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC: case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC: diff --git a/security/nss/lib/pk11wrap/pk11pars.c b/security/nss/lib/pk11wrap/pk11pars.c index cbba8b4437e1..ee20789cc012 100644 --- a/security/nss/lib/pk11wrap/pk11pars.c +++ b/security/nss/lib/pk11wrap/pk11pars.c @@ -1014,6 +1014,10 @@ secmod_getConfigDir(const char *spec, char **certPrefix, char **keyPrefix, *certPrefix = NULL; *keyPrefix = NULL; *readOnly = NSSUTIL_ArgHasFlag("flags", "readOnly", spec); + if (NSSUTIL_ArgHasFlag("flags", "nocertdb", spec) || + NSSUTIL_ArgHasFlag("flags", "nokeydb", spec)) { + return NULL; + } spec = NSSUTIL_ArgStrip(spec); while (*spec) { @@ -1133,6 +1137,13 @@ secmod_matchConfig(char *configDir1, char *configDir2, char *keyPrefix1, char *keyPrefix2, PRBool isReadOnly1, PRBool isReadOnly2) { + /* TODO: Document the answer to the question: + * "Why not allow them to match if they are both NULL?" + * See: https://bugzilla.mozilla.org/show_bug.cgi?id=1318633#c1 + */ + if ((configDir1 == NULL) || (configDir2 == NULL)) { + return PR_FALSE; + } if (strcmp(configDir1, configDir2) != 0) { return PR_FALSE; } @@ -1169,7 +1180,6 @@ secmod_MatchConfigList(const char *spec, SECMODConfigList *conflist, int count) config = secmod_getConfigDir(spec, &certPrefix, &keyPrefix, &isReadOnly); if (!config) { - ret = PR_TRUE; goto done; } diff --git a/security/nss/lib/pkcs12/p12d.c b/security/nss/lib/pkcs12/p12d.c index d0b647615bfe..56ce893bec83 100644 --- a/security/nss/lib/pkcs12/p12d.c +++ b/security/nss/lib/pkcs12/p12d.c @@ -1335,11 +1335,23 @@ sec_pkcs12_decoder_verify_mac(SEC_PKCS12DecoderContext *p12dcx) case SEC_OID_MD2: integrityMech = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN; break; + case SEC_OID_SHA224: + integrityMech = CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN; + break; + case SEC_OID_SHA256: + integrityMech = CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN; + break; + case SEC_OID_SHA384: + integrityMech = CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN; + break; + case SEC_OID_SHA512: + integrityMech = CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN; + break; default: goto loser; } - symKey = PK11_KeyGen(NULL, integrityMech, params, 20, NULL); + symKey = PK11_KeyGen(NULL, integrityMech, params, 0, NULL); PK11_DestroyPBEParams(params); params = NULL; if (!symKey) diff --git a/security/nss/lib/smime/cmssigdata.c b/security/nss/lib/smime/cmssigdata.c index e8cb13c7bb49..7dd6ea4e54b1 100644 --- a/security/nss/lib/smime/cmssigdata.c +++ b/security/nss/lib/smime/cmssigdata.c @@ -706,6 +706,7 @@ NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd, int i; int count; PRTime now; + void *pwarg = NULL; if (!sigd || !certdb || !sigd->rawCerts) { PORT_SetError(SEC_ERROR_INVALID_ARGS); @@ -724,8 +725,11 @@ NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd, break; } } + if (sigd->cmsg) { + pwarg = sigd->cmsg->pwfn_arg; + } rv |= CERT_VerifyCert(certdb, cert, PR_TRUE, usage, now, - NULL, NULL); + pwarg, NULL); CERT_DestroyCertificate(cert); } diff --git a/security/nss/lib/softoken/lowpbe.c b/security/nss/lib/softoken/lowpbe.c index b78302ed7aaf..0a47804bf18c 100644 --- a/security/nss/lib/softoken/lowpbe.c +++ b/security/nss/lib/softoken/lowpbe.c @@ -408,7 +408,6 @@ loser: return result; } -#define HMAC_BUFFER 64 #define NSSPBE_ROUNDUP(x, y) ((((x) + ((y)-1)) / (y)) * (y)) #define NSSPBE_MIN(x, y) ((x) < (y) ? (x) : (y)) /* @@ -430,6 +429,7 @@ nsspkcs5_PKCS12PBE(const SECHashObject *hashObject, int iter; unsigned char *iterBuf; void *hash = NULL; + unsigned int bufferLength; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { @@ -439,8 +439,11 @@ nsspkcs5_PKCS12PBE(const SECHashObject *hashObject, /* how many hash object lengths are needed */ c = (bytesNeeded + (hashLength - 1)) / hashLength; + /* 64 if 0 < hashLength <= 32, 128 if 32 < hashLength <= 64 */ + bufferLength = NSSPBE_ROUNDUP(hashLength * 2, 64); + /* initialize our buffers */ - D.len = HMAC_BUFFER; + D.len = bufferLength; /* B and D are the same length, use one alloc go get both */ D.data = (unsigned char *)PORT_ArenaZAlloc(arena, D.len * 2); B.len = D.len; @@ -452,8 +455,8 @@ nsspkcs5_PKCS12PBE(const SECHashObject *hashObject, goto loser; } - SLen = NSSPBE_ROUNDUP(salt->len, HMAC_BUFFER); - PLen = NSSPBE_ROUNDUP(pwitem->len, HMAC_BUFFER); + SLen = NSSPBE_ROUNDUP(salt->len, bufferLength); + PLen = NSSPBE_ROUNDUP(pwitem->len, bufferLength); I.len = SLen + PLen; I.data = (unsigned char *)PORT_ArenaZAlloc(arena, I.len); if (I.data == NULL) { diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c index 77212f774a44..114c9d84f9bc 100644 --- a/security/nss/lib/softoken/pkcs11.c +++ b/security/nss/lib/softoken/pkcs11.c @@ -480,6 +480,10 @@ static const struct mechanismList mechanisms[] = { { CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN, { 20, 20, CKF_GENERATE }, PR_TRUE }, { CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE }, { CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE }, + { CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN, { 28, 28, CKF_GENERATE }, PR_TRUE }, + { CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN, { 32, 32, CKF_GENERATE }, PR_TRUE }, + { CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN, { 48, 48, CKF_GENERATE }, PR_TRUE }, + { CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN, { 64, 64, CKF_GENERATE }, PR_TRUE }, /* ------------------ AES Key Wrap (also encrypt) ------------------- */ { CKM_NETSCAPE_AES_KEY_WRAP, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE }, { CKM_NETSCAPE_AES_KEY_WRAP_PAD, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE }, diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c index d7b4bb910697..7454ed44bd6c 100644 --- a/security/nss/lib/softoken/pkcs11c.c +++ b/security/nss/lib/softoken/pkcs11c.c @@ -3971,6 +3971,22 @@ nsc_SetupHMACKeyGen(CK_MECHANISM_PTR pMechanism, NSSPKCS5PBEParameter **pbe) params->hashType = HASH_AlgMD2; params->keyLen = 16; break; + case CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN: + params->hashType = HASH_AlgSHA224; + params->keyLen = 28; + break; + case CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN: + params->hashType = HASH_AlgSHA256; + params->keyLen = 32; + break; + case CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN: + params->hashType = HASH_AlgSHA384; + params->keyLen = 48; + break; + case CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN: + params->hashType = HASH_AlgSHA512; + params->keyLen = 64; + break; default: PORT_FreeArena(arena, PR_TRUE); return CKR_MECHANISM_INVALID; @@ -4189,6 +4205,10 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSession, case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN: case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN: case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN: + case CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN: + case CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN: + case CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN: + case CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN: key_gen_type = nsc_pbe; key_type = CKK_GENERIC_SECRET; crv = nsc_SetupHMACKeyGen(pMechanism, &pbe_param); diff --git a/security/nss/lib/softoken/softoken.h b/security/nss/lib/softoken/softoken.h index 0e943d3cbca1..8a47fb7bd662 100644 --- a/security/nss/lib/softoken/softoken.h +++ b/security/nss/lib/softoken/softoken.h @@ -183,7 +183,7 @@ extern PRBool sftk_fatalError; #define CHECK_FORK_MIXED -#elif defined(LINUX) +#elif defined(LINUX) || defined(__GLIBC__) #define CHECK_FORK_PTHREAD diff --git a/security/nss/lib/ssl/ssl.gyp b/security/nss/lib/ssl/ssl.gyp index 0306ab66706c..df18d2fab406 100644 --- a/security/nss/lib/ssl/ssl.gyp +++ b/security/nss/lib/ssl/ssl.gyp @@ -68,6 +68,11 @@ 'UNSAFE_FUZZER_MODE', ], }], + [ 'mozilla_client==1', { + 'defines': [ + 'NSS_ENABLE_TLS13_SHORT_HEADERS', + ], + }], ], 'dependencies': [ '<(DEPTH)/exports.gyp:nss_exports', diff --git a/security/nss/lib/ssl/ssl.h b/security/nss/lib/ssl/ssl.h index b4af0e1f2f35..8dbe7ab729f0 100644 --- a/security/nss/lib/ssl/ssl.h +++ b/security/nss/lib/ssl/ssl.h @@ -228,7 +228,7 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd); * on the server to read that data. Calls to * SSL_GetPreliminaryChannelInfo() and SSL_GetNextProto() * can be made used during this period to learn about the channel - * parameters [TODO(ekr@rtfm.com): This hasn't landed yet]. + * parameters. * * The transition between the 0-RTT and 1-RTT modes is marked by the * handshake callback. diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index e5e32a9500db..1a8bea04bfab 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -2577,12 +2577,24 @@ ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, const SSL3Opaque *pIn, PRUint32 contentLen, sslBuffer *wrBuf) { const ssl3BulkCipherDef *cipher_def = cwSpec->cipher_def; - PRUint16 headerLen = IS_DTLS(ss) ? DTLS_RECORD_HEADER_LENGTH : SSL3_RECORD_HEADER_LENGTH; - sslBuffer protBuf = { wrBuf->buf + headerLen, 0, wrBuf->space - headerLen }; + PRUint16 headerLen; + sslBuffer protBuf; SSL3ProtocolVersion version = cwSpec->version; PRBool isTLS13; + PRUint8 *ptr = wrBuf->buf; SECStatus rv; + if (ss->ssl3.hs.shortHeaders) { + PORT_Assert(!IS_DTLS(ss)); + PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3); + headerLen = TLS13_RECORD_HEADER_LENGTH_SHORT; + } else { + headerLen = IS_DTLS(ss) ? DTLS_RECORD_HEADER_LENGTH : SSL3_RECORD_HEADER_LENGTH; + } + protBuf.buf = wrBuf->buf + headerLen; + protBuf.len = 0; + protBuf.space = wrBuf->space - headerLen; + PORT_Assert(cipher_def->max_records <= RECORD_SEQ_MAX); if ((cwSpec->write_seq_num & RECORD_SEQ_MAX) >= cipher_def->max_records) { SSL_TRC(3, ("%d: SSL[-]: write sequence number at limit 0x%0llx", @@ -2612,29 +2624,32 @@ ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, PORT_Assert(protBuf.len <= MAX_FRAGMENT_LENGTH + (isTLS13 ? 256 : 1024)); wrBuf->len = protBuf.len + headerLen; -#ifndef UNSAFE_FUZZER_MODE - if (isTLS13 && cipher_def->calg != ssl_calg_null) { - wrBuf->buf[0] = content_application_data; - } else -#endif - { - wrBuf->buf[0] = type; - } - - if (IS_DTLS(ss)) { - version = isTLS13 ? SSL_LIBRARY_VERSION_TLS_1_1 : version; - version = dtls_TLSVersionToDTLSVersion(version); - - (void)ssl_EncodeUintX(version, 2, &wrBuf->buf[1]); - (void)ssl_EncodeUintX(cwSpec->write_seq_num, 8, &wrBuf->buf[3]); - (void)ssl_EncodeUintX(protBuf.len, 2, &wrBuf->buf[11]); + if (ss->ssl3.hs.shortHeaders) { + PORT_Assert(!IS_DTLS(ss)); /* Decoder not yet implemented. */ + (void)ssl_EncodeUintX(0x8000 | protBuf.len, 2, ptr); } else { - if (capRecordVersion || isTLS13) { - version = PR_MIN(SSL_LIBRARY_VERSION_TLS_1_0, version); +#ifndef UNSAFE_FUZZER_MODE + if (isTLS13 && cipher_def->calg != ssl_calg_null) { + *ptr++ = content_application_data; + } else +#endif + { + *ptr++ = type; } - (void)ssl_EncodeUintX(version, 2, &wrBuf->buf[1]); - (void)ssl_EncodeUintX(protBuf.len, 2, &wrBuf->buf[3]); + if (IS_DTLS(ss)) { + version = isTLS13 ? SSL_LIBRARY_VERSION_TLS_1_1 : version; + version = dtls_TLSVersionToDTLSVersion(version); + + ptr = ssl_EncodeUintX(version, 2, ptr); + ptr = ssl_EncodeUintX(cwSpec->write_seq_num, 8, ptr); + } else { + if (capRecordVersion || isTLS13) { + version = PR_MIN(SSL_LIBRARY_VERSION_TLS_1_0, version); + } + ptr = ssl_EncodeUintX(version, 2, ptr); + } + (void)ssl_EncodeUintX(protBuf.len, 2, ptr); } ++cwSpec->write_seq_num; diff --git a/security/nss/lib/ssl/ssl3ext.c b/security/nss/lib/ssl/ssl3ext.c index 2ccdc0a06a0e..abead99e6c2c 100644 --- a/security/nss/lib/ssl/ssl3ext.c +++ b/security/nss/lib/ssl/ssl3ext.c @@ -39,6 +39,7 @@ static const ssl3ExtensionHandler clientHelloHandlers[] = { { ssl_tls13_early_data_xtn, &tls13_ServerHandleEarlyDataXtn }, { ssl_tls13_psk_key_exchange_modes_xtn, &tls13_ServerHandlePskKeyExchangeModesXtn }, + { ssl_tls13_short_header_xtn, &tls13_HandleShortHeaderXtn }, { -1, NULL } }; @@ -58,6 +59,7 @@ static const ssl3ExtensionHandler serverHelloHandlersTLS[] = { { ssl_tls13_key_share_xtn, &tls13_ClientHandleKeyShareXtn }, { ssl_tls13_pre_shared_key_xtn, &tls13_ClientHandlePreSharedKeyXtn }, { ssl_tls13_early_data_xtn, &tls13_ClientHandleEarlyDataXtn }, + { ssl_tls13_short_header_xtn, &tls13_HandleShortHeaderXtn }, { -1, NULL } }; @@ -115,6 +117,7 @@ static const ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] * client hello is empty. They are not intolerant of TLS 1.2, so list * signature_algorithms at the end. See bug 1243641. */ { ssl_tls13_supported_versions_xtn, &tls13_ClientSendSupportedVersionsXtn }, + { ssl_tls13_short_header_xtn, &tls13_SendShortHeaderXtn }, { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }, { ssl_tls13_cookie_xtn, &tls13_ClientSendHrrCookieXtn }, { ssl_tls13_psk_key_exchange_modes_xtn, diff --git a/security/nss/lib/ssl/ssl3gthr.c b/security/nss/lib/ssl/ssl3gthr.c index 3a4a72962009..2bcc1d0aada1 100644 --- a/security/nss/lib/ssl/ssl3gthr.c +++ b/security/nss/lib/ssl/ssl3gthr.c @@ -97,7 +97,7 @@ ssl3_GatherData(sslSocket *ss, sslGather *gs, int flags, ssl2Gather *ssl2gs) PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss)); if (gs->state == GS_INIT) { gs->state = GS_HEADER; - gs->remainder = 5; + gs->remainder = ss->ssl3.hs.shortHeaders ? 2 : 5; gs->offset = 0; gs->writeOffset = 0; gs->readOffset = 0; @@ -149,10 +149,22 @@ ssl3_GatherData(sslSocket *ss, sslGather *gs, int flags, ssl2Gather *ssl2gs) /* Check for SSLv2 handshakes. Always assume SSLv3 on clients, * support SSLv2 handshakes only when ssl2gs != NULL. */ if (!ssl2gs || ssl3_isLikelyV3Hello(gs->hdr)) { - /* Should have an SSLv3 record header in gs->hdr. Extract + /* Should have a non-SSLv2 record header in gs->hdr. Extract * the length of the following encrypted data, and then - * read in the rest of the SSL3 record into gs->inbuf. */ - gs->remainder = (gs->hdr[3] << 8) | gs->hdr[4]; + * read in the rest of the record into gs->inbuf. */ + if (ss->ssl3.hs.shortHeaders) { + PRUint16 len = (gs->hdr[0] << 8) | gs->hdr[1]; + if (!(len & 0x8000)) { + SSL_DBG(("%d: SSL3[%d]: incorrectly formatted header")); + SSL3_SendAlert(ss, alert_fatal, illegal_parameter); + gs->state = GS_INIT; + PORT_SetError(SSL_ERROR_BAD_MAC_READ); + return SECFailure; + } + gs->remainder = len & ~0x8000; + } else { + gs->remainder = (gs->hdr[3] << 8) | gs->hdr[4]; + } } else { /* Probably an SSLv2 record header. No need to handle any * security escapes (gs->hdr[0] & 0x40) as we wouldn't get @@ -458,8 +470,13 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags) * If it's a change cipher spec, alert, or handshake message, * ss->gs.buf.len will be 0 when ssl3_HandleRecord returns SECSuccess. */ - cText.type = (SSL3ContentType)ss->gs.hdr[0]; - cText.version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2]; + if (ss->ssl3.hs.shortHeaders) { + cText.type = content_application_data; + cText.version = SSL_LIBRARY_VERSION_TLS_1_0; + } else { + cText.type = (SSL3ContentType)ss->gs.hdr[0]; + cText.version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2]; + } if (IS_DTLS(ss)) { sslSequenceNumber seq_num; diff --git a/security/nss/lib/ssl/ssl3prot.h b/security/nss/lib/ssl/ssl3prot.h index ec6d29f2e4ec..2088c54bb69c 100644 --- a/security/nss/lib/ssl/ssl3prot.h +++ b/security/nss/lib/ssl/ssl3prot.h @@ -32,6 +32,7 @@ typedef PRUint16 ssl3CipherSuite; #define SSL3_RANDOM_LENGTH 32 #define SSL3_RECORD_HEADER_LENGTH 5 +#define TLS13_RECORD_HEADER_LENGTH_SHORT 2 /* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */ #define DTLS_RECORD_HEADER_LENGTH 13 diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h index 36d7c04a139c..7dfde126b36a 100644 --- a/security/nss/lib/ssl/sslimpl.h +++ b/security/nss/lib/ssl/sslimpl.h @@ -296,6 +296,7 @@ typedef struct sslOptionsStr { unsigned int enableSignedCertTimestamps : 1; unsigned int requireDHENamedGroups : 1; unsigned int enable0RttData : 1; + unsigned int enableShortHeaders : 1; } sslOptions; typedef enum { sslHandshakingUndetermined = 0, @@ -874,6 +875,7 @@ typedef struct SSL3HandshakeStateStr { * or received. */ ssl3KEADef kea_def_mutable; /* Used to hold the writable kea_def * we use for TLS 1.3 */ + PRBool shortHeaders; /* Assigned if we are doing short headers. */ } SSL3HandshakeState; /* diff --git a/security/nss/lib/ssl/sslinfo.c b/security/nss/lib/ssl/sslinfo.c index d23f569b6d7e..0bbacad244e6 100644 --- a/security/nss/lib/ssl/sslinfo.c +++ b/security/nss/lib/ssl/sslinfo.c @@ -140,6 +140,9 @@ SSL_GetPreliminaryChannelInfo(PRFileDesc *fd, inf.valuesSet = ss->ssl3.hs.preliminaryInfo; inf.protocolVersion = ss->version; inf.cipherSuite = ss->ssl3.hs.cipher_suite; + inf.canSendEarlyData = !ss->sec.isServer && + (ss->ssl3.hs.zeroRttState == ssl_0rtt_sent) && + !ss->firstHsDone; memcpy(info, &inf, inf.length); return SECSuccess; diff --git a/security/nss/lib/ssl/sslmutex.c b/security/nss/lib/ssl/sslmutex.c index 560a9e823b4f..10b6cf55f995 100644 --- a/security/nss/lib/ssl/sslmutex.c +++ b/security/nss/lib/ssl/sslmutex.c @@ -60,7 +60,8 @@ single_process_sslMutex_Lock(sslMutex* pMutex) return SECSuccess; } -#if defined(LINUX) || defined(AIX) || defined(BEOS) || defined(BSDI) || (defined(NETBSD) && __NetBSD_Version__ < 500000000) || defined(OPENBSD) +#if defined(LINUX) || defined(AIX) || defined(BEOS) || defined(BSDI) || \ + (defined(NETBSD) && __NetBSD_Version__ < 500000000) || defined(OPENBSD) || defined(__GLIBC__) #include #include diff --git a/security/nss/lib/ssl/sslmutex.h b/security/nss/lib/ssl/sslmutex.h index 7611148adcef..3f63ed80dad6 100644 --- a/security/nss/lib/ssl/sslmutex.h +++ b/security/nss/lib/ssl/sslmutex.h @@ -49,7 +49,8 @@ typedef struct { typedef int sslPID; -#elif defined(LINUX) || defined(AIX) || defined(BEOS) || defined(BSDI) || (defined(NETBSD) && __NetBSD_Version__ < 500000000) || defined(OPENBSD) +#elif defined(LINUX) || defined(AIX) || defined(BEOS) || defined(BSDI) || \ + (defined(NETBSD) && __NetBSD_Version__ < 500000000) || defined(OPENBSD) || defined(__GLIBC__) #include #include "prtypes.h" diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c index 8f7a792f4d58..626f4a92acd9 100644 --- a/security/nss/lib/ssl/sslsock.c +++ b/security/nss/lib/ssl/sslsock.c @@ -78,7 +78,12 @@ static sslOptions ssl_defaults = { PR_FALSE, /* enableExtendedMS */ PR_FALSE, /* enableSignedCertTimestamps */ PR_FALSE, /* requireDHENamedGroups */ - PR_FALSE /* enable0RttData */ + PR_FALSE, /* enable0RttData */ +#ifdef NSS_ENABLE_TLS13_SHORT_HEADERS + PR_TRUE /* enableShortHeaders */ +#else + PR_FALSE /* enableShortHeaders */ +#endif }; /* diff --git a/security/nss/lib/ssl/sslt.h b/security/nss/lib/ssl/sslt.h index df58296101db..2342d62251d2 100644 --- a/security/nss/lib/ssl/sslt.h +++ b/security/nss/lib/ssl/sslt.h @@ -298,6 +298,12 @@ typedef struct SSLPreliminaryChannelInfoStr { /* Cipher suite: test (valuesSet & ssl_preinfo_cipher_suite) */ PRUint16 cipherSuite; + /* The following fields were added in NSS 3.29. */ + /* |canSendEarlyData| is true when a 0-RTT is enabled. This can only be + * true after sending the ClientHello and before the handshake completes. + */ + PRBool canSendEarlyData; + /* When adding new fields to this structure, please document the * NSS version in which they were added. */ } SSLPreliminaryChannelInfo; @@ -388,7 +394,8 @@ typedef enum { ssl_tls13_psk_key_exchange_modes_xtn = 45, ssl_tls13_ticket_early_data_info_xtn = 46, ssl_next_proto_nego_xtn = 13172, - ssl_renegotiation_info_xtn = 0xff01 + ssl_renegotiation_info_xtn = 0xff01, + ssl_tls13_short_header_xtn = 0xff03 } SSLExtensionType; /* This is the old name for the supported_groups extensions. */ @@ -398,7 +405,7 @@ typedef enum { * number of extensions that are supported for any single message type. That * is, a ClientHello; ServerHello and TLS 1.3 NewSessionTicket and * HelloRetryRequest extensions are smaller. */ -#define SSL_MAX_EXTENSIONS 18 +#define SSL_MAX_EXTENSIONS 19 /* Deprecated */ typedef enum { diff --git a/security/nss/lib/ssl/tls13con.c b/security/nss/lib/ssl/tls13con.c index 0d5d6bdd191f..7680998dc39b 100644 --- a/security/nss/lib/ssl/tls13con.c +++ b/security/nss/lib/ssl/tls13con.c @@ -1450,6 +1450,7 @@ tls13_HandleClientHelloPart2(sslSocket *ss, return SECFailure; } } + ssl_GetXmitBufLock(ss); rv = tls13_SendServerHelloSequence(ss); ssl_ReleaseXmitBufLock(ss); @@ -1860,6 +1861,9 @@ tls13_SendEncryptedServerSequence(sslSocket *ss) return SECFailure; } + ss->ssl3.hs.shortHeaders = ssl3_ExtensionNegotiated( + ss, ssl_tls13_short_header_xtn); + if (ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted) { rv = ssl3_RegisterExtensionSender(ss, &ss->xtnData, ssl_tls13_early_data_xtn, tls13_ServerSendEarlyDataXtn); @@ -2066,6 +2070,9 @@ tls13_HandleServerHelloPart2(sslSocket *ss) return SECFailure; /* error code is set. */ } + ss->ssl3.hs.shortHeaders = ssl3_ExtensionNegotiated( + ss, ssl_tls13_short_header_xtn); + rv = tls13_SetCipherSpec(ss, TrafficKeyHandshake, CipherSpecRead, PR_FALSE); if (rv != SECSuccess) { @@ -4025,7 +4032,8 @@ static const struct { { ssl_signed_cert_timestamp_xtn, ExtensionSendCertificate }, { ssl_cert_status_xtn, ExtensionSendCertificate }, { ssl_tls13_ticket_early_data_info_xtn, ExtensionNewSessionTicket }, - { ssl_tls13_cookie_xtn, ExtensionSendHrr } + { ssl_tls13_cookie_xtn, ExtensionSendHrr }, + { ssl_tls13_short_header_xtn, ExtensionSendClear } }; PRBool @@ -4297,6 +4305,7 @@ tls13_MaybeDo0RTTHandshake(sslSocket *ss) if (!ssl3_ClientExtensionAdvertised(ss, ssl_tls13_early_data_xtn)) { return SECSuccess; } + ss->ssl3.hs.zeroRttState = ssl_0rtt_sent; ss->ssl3.hs.zeroRttSuite = ss->ssl3.hs.cipher_suite; @@ -4319,8 +4328,7 @@ tls13_MaybeDo0RTTHandshake(sslSocket *ss) ssl_ReleaseSpecReadLock(ss); /* Cipher suite already set in tls13_SetupClientHello. */ - ss->ssl3.hs.preliminaryInfo = 0; /* TODO(ekr@rtfm.com) Fill this in. - * bug 1281255. */ + ss->ssl3.hs.preliminaryInfo = 0; rv = tls13_DeriveSecret(ss, ss->ssl3.hs.currentSecret, kHkdfLabelClient, diff --git a/security/nss/lib/ssl/tls13exthandle.c b/security/nss/lib/ssl/tls13exthandle.c index 707297434d02..41072a766d0f 100644 --- a/security/nss/lib/ssl/tls13exthandle.c +++ b/security/nss/lib/ssl/tls13exthandle.c @@ -1071,3 +1071,101 @@ tls13_ServerHandlePskKeyExchangeModesXtn(const sslSocket *ss, return SECSuccess; } + +PRInt32 +tls13_SendShortHeaderXtn(const sslSocket *ss, + TLSExtensionData *xtnData, + PRBool append, PRUint32 maxBytes) +{ + PRUint32 extension_len = 2 + 2; /* Type + length (0). */ + + if (!ss->opt.enableShortHeaders) { + return 0; + } + + /* Presently this is incompatible with 0-RTT. We will fix if + * it becomes more than an experiment. */ + if (ss->opt.enable0RttData) { + return 0; + } + + if (IS_DTLS(ss)) { + return 0; + } + + SSL_TRC(3, ("%d: TLS13[%d]: send short_header extension", + SSL_GETPID(), ss->fd)); + + if (maxBytes < extension_len) { + PORT_Assert(0); + return 0; + } + + if (append) { + SECStatus rv; + + rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_tls13_short_header_xtn, 2); + if (rv != SECSuccess) + return -1; + + rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2); + if (rv != SECSuccess) + return -1; + + xtnData->advertised[xtnData->numAdvertised++] = + ssl_tls13_short_header_xtn; + } + + return extension_len; +} + +SECStatus +tls13_HandleShortHeaderXtn( + const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, + SECItem *data) +{ + SSL_TRC(3, ("%d: TLS13[%d]: handle early_data extension", + SSL_GETPID(), ss->fd)); + + /* If we are doing < TLS 1.3, then ignore this. */ + if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) { + return SECSuccess; + } + + /* Presently this is incompatible with 0-RTT. We will fix if + * it becomes more than an experiment. */ + if (ss->opt.enable0RttData) { + return SECSuccess; + } + + if (IS_DTLS(ss)) { + PORT_SetError(SSL_ERROR_EXTENSION_DISALLOWED_FOR_VERSION); + return SECFailure; + } + + if (data->len) { + PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE); + return SECFailure; + } + + if (!ss->opt.enableShortHeaders) { + /* Ignore. */ + return SECSuccess; + } + + /* Keep track of negotiated extensions. */ + xtnData->negotiated[xtnData->numNegotiated++] = ex_type; + + if (ss->sec.isServer) { + SECStatus rv; + + rv = ssl3_RegisterExtensionSender(ss, xtnData, + ssl_tls13_short_header_xtn, + tls13_SendShortHeaderXtn); + if (rv != SECSuccess) { + return SECFailure; + } + } + + return SECSuccess; +} diff --git a/security/nss/lib/ssl/tls13exthandle.h b/security/nss/lib/ssl/tls13exthandle.h index 41794b6eb3c2..b798c6b5526a 100644 --- a/security/nss/lib/ssl/tls13exthandle.h +++ b/security/nss/lib/ssl/tls13exthandle.h @@ -64,5 +64,11 @@ PRInt32 tls13_ClientSendPskKeyExchangeModesXtn(const sslSocket *ss, SECStatus tls13_ServerHandlePskKeyExchangeModesXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data); +PRInt32 tls13_SendShortHeaderXtn(const sslSocket *ss, + TLSExtensionData *xtnData, + PRBool append, PRUint32 maxBytes); +SECStatus tls13_HandleShortHeaderXtn( + const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, + SECItem *data); #endif diff --git a/security/nss/lib/util/pkcs11n.h b/security/nss/lib/util/pkcs11n.h index ebb812222d4e..0d5ca295ed27 100644 --- a/security/nss/lib/util/pkcs11n.h +++ b/security/nss/lib/util/pkcs11n.h @@ -222,6 +222,12 @@ #define CKM_NSS_CHACHA20_KEY_GEN (CKM_NSS + 27) #define CKM_NSS_CHACHA20_POLY1305 (CKM_NSS + 28) +/* Additional PKCS #12 PBE algorithms defined in v1.1 */ +#define CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN (CKM_NSS + 29) +#define CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN (CKM_NSS + 30) +#define CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN (CKM_NSS + 31) +#define CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN (CKM_NSS + 32) + /* * HISTORICAL: * Do not attempt to use these. They are only used by NETSCAPE's internal diff --git a/security/nss/lib/util/utilmod.c b/security/nss/lib/util/utilmod.c index e05680675ebe..971b6c1dcaa7 100644 --- a/security/nss/lib/util/utilmod.c +++ b/security/nss/lib/util/utilmod.c @@ -232,10 +232,15 @@ nssutil_ReadSecmodDB(const char *appName, internal = PR_FALSE; /* is this an internal module */ skipParams = PR_FALSE; /* did we find an override parameter block*/ paramsValue = NULL; /* the current parameter block value */ - while (fgets(line, sizeof(line), fd) != NULL) { - int len = PORT_Strlen(line); + do { + int len; + + if (fgets(line, sizeof(line), fd) == NULL) { + goto endloop; + } /* remove the ending newline */ + len = PORT_Strlen(line); if (len && line[len - 1] == '\n') { len--; line[len] = 0; @@ -344,6 +349,7 @@ nssutil_ReadSecmodDB(const char *appName, continue; } + endloop: /* * if we are here, we have found a complete stanza. Now write out * any param section we may have found. @@ -379,7 +385,7 @@ nssutil_ReadSecmodDB(const char *appName, moduleString = NULL; internal = PR_FALSE; skipParams = PR_FALSE; - } + } while (!feof(fd)); if (moduleString) { PORT_Free(moduleString); diff --git a/security/nss/tests/libpkix/certs/PayPalEE.cert b/security/nss/tests/libpkix/certs/PayPalEE.cert index a826a1da252f02cf2d1612d88b5e85356cce7810..d71fbb5016b2ac180a61303d2aa2732910aa7a4b 100644 GIT binary patch delta 677 zcmV;W0$Tm%3g8MKFoFeKFoFa`paTK{0s;^M+VGvD`aJH86lDaYJ;pDQABGe*F)=VS zFfcGMFfdvd4KX+|F)%Taxu<{1esfwy#%Y35RSe&ES+{#06Qj0_W=Gi$^K(eJ{zOiG zZ;AqzBX2lJpvGE}g0r!~X7mc_BW7Yl_K?_BK z%XpN0zpxI+`)Y*TD9c5ACaZ3bw zaujWDrD_#gNe}$P_I^&`$4hNa6$A|0^b5^FE(hnlrrLPSN#%5fv;nHWX}?|%XNSN68FU1+*W>N@R4S)aL5!rs7D>HjT6&q z=b=AWl0+`OK*9W0p2T;V0^8%*kAFTpriKRlST>o998B6FRe@@fB^@;BkibHZjf&|< zmM)Hv>YHWFsYv&xA3nZg_eQeHz0TE21je~!Bnks!3lggmq zS-9ai7_zcap~h=!xkgRZ`r7$veq1;*$$O8ZT#-)#?2KY;u= zx=d5SZAc<$dhKon00E|J{$?ENj8Jtt z0gv7=B?bdk9T5Z`FdTvkaAA3HVQemAZ*77OcXxL#lez+R0W*^@12qscE@N_RFhT|c zRUIG%J1{wubptw+xdW$vJ$Y$JUG}_7UxD+NonhsiM!9nUW(o0%28k4-CF;7OU95LH zk7|k$o5M9{nV+4)z^tF^Bv{Bwz6UWdjA;kF|G-+&7sdtmb;|zDn0P}$tQ2+k$q@7h zI9PLPgjgS`F?}dUaG2gd*8qa1TrOQPmP!VKqM!nm{crDPN>@;S!y1H0CP#B_$k#CY zbrII?XMWTbvP2c{?yI_i!u16N(erS-mO%sS(ct7gS3!+Edf)KDXm3Mk;f)>{epjkV zLntcojQ0(sYK$0lYoyGlFXbW8fsE9=^Z-ouHv^+#GqUOxG)Pl}NLOq#^0)i*{OaEg R(Beq}v?Iwqdh|j9PnZrpIq(1g diff --git a/security/nss/tests/ssl/ssl.sh b/security/nss/tests/ssl/ssl.sh index b34c9c09763a..972cd07caa18 100755 --- a/security/nss/tests/ssl/ssl.sh +++ b/security/nss/tests/ssl/ssl.sh @@ -1006,7 +1006,7 @@ ssl_run() do case "${SSL_RUN}" in "stapling") - if [ -nz "$NSS_DISABLE_LIBPKIX" ]; then + if [ -z "$NSS_DISABLE_LIBPKIX" ]; then ssl_stapling fi ;;