net/third_party/nss/patches/secretexporterlocks.patch

   1 diff -pu a/nss/lib/ssl/sslinfo.c b/nss/lib/ssl/sslinfo.c
   2 --- a/nss/lib/ssl/sslinfo.c     2014-01-03 19:28:03.550814608 -0800
   3 +++ b/nss/lib/ssl/sslinfo.c     2014-01-03 19:40:13.512748975 -0800
   4 @@ -350,8 +350,13 @@ SSL_ExportKeyingMaterial(PRFileDesc *fd,
   5         return SECFailure;
   6      }
   7
   8 +    ssl_GetRecvBufLock(ss);
   9 +    ssl_GetSSL3HandshakeLock(ss);
  10 +
  11      if (ss->version < SSL_LIBRARY_VERSION_3_1_TLS) {
  12         PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION);
  13 +       ssl_ReleaseSSL3HandshakeLock(ss);
  14 +       ssl_ReleaseRecvBufLock(ss);
  15         return SECFailure;
  16      }
  17
  18 @@ -362,13 +367,17 @@ SSL_ExportKeyingMaterial(PRFileDesc *fd,
  19      }
  20      val = PORT_Alloc(valLen);
  21      if (!val) {
  22 +       ssl_ReleaseSSL3HandshakeLock(ss);
  23 +       ssl_ReleaseRecvBufLock(ss);
  24         return SECFailure;
  25      }
  26      i = 0;
  27 +
  28      PORT_Memcpy(val + i, &ss->ssl3.hs.client_random.rand, SSL3_RANDOM_LENGTH);
  29      i += SSL3_RANDOM_LENGTH;
  30      PORT_Memcpy(val + i, &ss->ssl3.hs.server_random.rand, SSL3_RANDOM_LENGTH);
  31      i += SSL3_RANDOM_LENGTH;
  32 +
  33      if (hasContext) {
  34         val[i++] = contextLen >> 8;
  35         val[i++] = contextLen;
  36 @@ -389,6 +398,8 @@ SSL_ExportKeyingMaterial(PRFileDesc *fd,
  37                                          valLen, out, outLen);
  38      }
  39      ssl_ReleaseSpecReadLock(ss);
  40 +    ssl_ReleaseSSL3HandshakeLock(ss);
  41 +    ssl_ReleaseRecvBufLock(ss);
  42
  43      PORT_ZFree(val, valLen);
  44      return rv;