diff options
| author | wolfbeast <mcwerewolf@gmail.com> | 2018-08-14 07:52:35 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@gmail.com> | 2018-08-14 16:42:52 +0200 |
| commit | ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9 (patch) | |
| tree | 5e4677e52b9a349602f04135a44b3000c8baa97b /security/nss/cmd/httpserv | |
| parent | f44e99950fc25d16a3cdaffe26dadf7b58a9d38c (diff) | |
| download | UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.gz UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.lz UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.xz UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.zip | |
Update NSS to 3.38
- Added HACL*Poly1305 32-bit (INRIA/Microsoft)
- Updated to final TLS 1.3 draft version (28)
- Removed TLS 1.3 prerelease draft limit check
- Removed NPN code
- Enabled dev/urandom-only RNG on Linux with NSS_SEED_ONLY_DEV_URANDOM for non-standard environments
- Fixed several bugs with TLS 1.3 negotiation
- Updated internal certificate store
- Added support for the TLS Record Size Limit Extension.
- Fixed CVE-2018-0495
- Various security fixes in the ASN.1 code.
Diffstat (limited to 'security/nss/cmd/httpserv')
| -rw-r--r-- | security/nss/cmd/httpserv/httpserv.c | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/security/nss/cmd/httpserv/httpserv.c b/security/nss/cmd/httpserv/httpserv.c index 7cf28c65a..71e2ab88d 100644 --- a/security/nss/cmd/httpserv/httpserv.c +++ b/security/nss/cmd/httpserv/httpserv.c @@ -682,6 +682,7 @@ handle_connection( } if (arena) { PORT_FreeArena(arena, PR_FALSE); + arena = NULL; } if (!request || !request->tbsRequest || !request->tbsRequest->requestList || @@ -753,11 +754,11 @@ handle_connection( { PRTime now = PR_Now(); - PLArenaPool *arena = NULL; CERTOCSPSingleResponse *sr; CERTOCSPSingleResponse **singleResponses; SECItem *ocspResponse; + PORT_Assert(!arena); arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (unknown) { @@ -787,8 +788,8 @@ handle_connection( } else { PR_Write(ssl_sock, outOcspHeader, strlen(outOcspHeader)); PR_Write(ssl_sock, ocspResponse->data, ocspResponse->len); - PORT_FreeArena(arena, PR_FALSE); } + PORT_FreeArena(arena, PR_FALSE); } CERT_DestroyOCSPRequest(request); break; @@ -1357,7 +1358,6 @@ main(int argc, char **argv) caRevoIter = &caRevoInfos->link; do { PRFileDesc *inFile; - int rv = SECFailure; SECItem crlDER; crlDER.data = NULL; @@ -1413,11 +1413,9 @@ main(int argc, char **argv) if (provideOcsp) { if (caRevoInfos) { - PRCList *caRevoIter; - caRevoIter = &caRevoInfos->link; do { - caRevoInfo *revoInfo = (caRevoInfo *)caRevoIter; + revoInfo = (caRevoInfo *)caRevoIter; if (revoInfo->nickname) PORT_Free(revoInfo->nickname); if (revoInfo->crlFilename) |