1 files changed, 27 insertions, 15 deletions

diff --git a/security/nss/lib/ssl/ssl3ext.c b/security/nss/lib/ssl/ssl3ext.c
index 0da41be12..271084cf7 100644
--- a/security/nss/lib/ssl/ssl3ext.c
+++ b/security/nss/lib/ssl/ssl3ext.c
@@ -87,6 +87,10 @@ static const ssl3ExtensionHandler serverCertificateHandlers[] = {
     { -1, NULL }
 };
 
+static const ssl3ExtensionHandler certificateRequestHandlers[] = {
+    { -1, NULL }
+};
+
 /* Tables of functions to format TLS hello extensions, one function per
  * extension.
  * These static tables are for the formatting of client hello extensions.
@@ -122,6 +126,7 @@ static const ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS]
       { ssl_tls13_cookie_xtn, &tls13_ClientSendHrrCookieXtn },
       { ssl_tls13_psk_key_exchange_modes_xtn,
         &tls13_ClientSendPskKeyExchangeModesXtn },
+      { ssl_padding_xtn, &ssl3_ClientSendPaddingExtension },
       /* The pre_shared_key extension MUST be last. */
       { ssl_tls13_pre_shared_key_xtn, &tls13_ClientSendPreSharedKeyXtn },
       /* any extra entries will appear as { 0, NULL }    */
@@ -167,22 +172,22 @@ ssl3_ClientExtensionAdvertised(const sslSocket *ss, PRUint16 ex_type)
  * buffer so they can only be used during ClientHello processing.
  */
 SECStatus
-ssl3_ParseExtensions(sslSocket *ss, SSL3Opaque **b, PRUint32 *length)
+ssl3_ParseExtensions(sslSocket *ss, PRUint8 **b, PRUint32 *length)
 {
     /* Clean out the extensions list. */
     ssl3_DestroyRemoteExtensions(&ss->ssl3.hs.remoteExtensions);
 
     while (*length) {
         SECStatus rv;
-        PRInt32 extension_type;
+        PRUint32 extension_type;
         SECItem extension_data = { siBuffer, NULL, 0 };
         TLSExtension *extension;
         PRCList *cursor;
 
         /* Get the extension's type field */
-        extension_type = ssl3_ConsumeHandshakeNumber(ss, 2, b, length);
-        if (extension_type < 0) { /* failure to decode extension_type */
-            return SECFailure;    /* alert already sent */
+        rv = ssl3_ConsumeHandshakeNumber(ss, &extension_type, 2, b, length);
+        if (rv != SECSuccess) {
+            return SECFailure; /* alert already sent */
         }
 
         SSL_TRC(10, ("%d: SSL3[%d]: parsing extension %d",
@@ -249,7 +254,10 @@ ssl3_HandleParsedExtensions(sslSocket *ss,
                             SSL3HandshakeType handshakeMessage)
 {
     const ssl3ExtensionHandler *handlers;
-    PRBool isTLS13 = ss->version >= SSL_LIBRARY_VERSION_TLS_1_3;
+    /* HelloRetryRequest doesn't set ss->version. It might be safe to
+     * do so, but we weren't entirely sure. TODO(ekr@rtfm.com). */
+    PRBool isTLS13 = (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) ||
+                     (handshakeMessage == hello_retry_request);
     PRCList *cursor;
 
     switch (handshakeMessage) {
@@ -277,6 +285,10 @@ ssl3_HandleParsedExtensions(sslSocket *ss,
             PORT_Assert(!ss->sec.isServer);
             handlers = serverCertificateHandlers;
             break;
+        case certificate_request:
+            PORT_Assert(!ss->sec.isServer);
+            handlers = certificateRequestHandlers;
+            break;
         default:
             PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
             PORT_Assert(0);
@@ -348,7 +360,7 @@ ssl3_HandleParsedExtensions(sslSocket *ss,
  * ssl3_HandleParsedExtensions. */
 SECStatus
 ssl3_HandleExtensions(sslSocket *ss,
-                      SSL3Opaque **b, PRUint32 *length,
+                      PRUint8 **b, PRUint32 *length,
                       SSL3HandshakeType handshakeMessage)
 {
     SECStatus rv;
@@ -488,7 +500,7 @@ ssl3_ExtAppendHandshakeNumber(const sslSocket *ss, PRInt32 num,
 
 SECStatus
 ssl3_ExtAppendHandshakeVariable(const sslSocket *ss,
-                                const SSL3Opaque *src, PRInt32 bytes,
+                                const PRUint8 *src, PRInt32 bytes,
                                 PRInt32 lenSize)
 {
     return ssl3_AppendHandshakeVariable((sslSocket *)ss, src, bytes, lenSize);
@@ -508,22 +520,22 @@ ssl3_ExtDecodeError(const sslSocket *ss)
 }
 
 SECStatus
-ssl3_ExtConsumeHandshake(const sslSocket *ss, void *v, PRInt32 bytes,
-                         SSL3Opaque **b, PRUint32 *length)
+ssl3_ExtConsumeHandshake(const sslSocket *ss, void *v, PRUint32 bytes,
+                         PRUint8 **b, PRUint32 *length)
 {
     return ssl3_ConsumeHandshake((sslSocket *)ss, v, bytes, b, length);
 }
 
-PRInt32
-ssl3_ExtConsumeHandshakeNumber(const sslSocket *ss, PRInt32 bytes,
-                               SSL3Opaque **b, PRUint32 *length)
+SECStatus
+ssl3_ExtConsumeHandshakeNumber(const sslSocket *ss, PRUint32 *num,
+                               PRUint32 bytes, PRUint8 **b, PRUint32 *length)
 {
-    return ssl3_ConsumeHandshakeNumber((sslSocket *)ss, bytes, b, length);
+    return ssl3_ConsumeHandshakeNumber((sslSocket *)ss, num, bytes, b, length);
 }
 
 SECStatus
 ssl3_ExtConsumeHandshakeVariable(const sslSocket *ss, SECItem *i,
-                                 PRInt32 bytes, SSL3Opaque **b,
+                                 PRUint32 bytes, PRUint8 **b,
                                  PRUint32 *length)
 {
     return ssl3_ConsumeHandshakeVariable((sslSocket *)ss, i, bytes, b, length);