Update NSS to 3.38

- Added HACL*Poly1305 32-bit (INRIA/Microsoft) - Updated to final TLS 1.3 draft version (28) - Removed TLS 1.3 prerelease draft limit check - Removed NPN code - Enabled dev/urandom-only RNG on Linux with NSS_SEED_ONLY_DEV_URANDOM for non-standard environments - Fixed several bugs with TLS 1.3 negotiation - Updated internal certificate store - Added support for the TLS Record Size Limit Extension. - Fixed CVE-2018-0495 - Various security fixes in the ASN.1 code.
author: wolfbeast <mcwerewolf@gmail.com> 2018-08-14 07:52:35 +0200
committer: wolfbeast <mcwerewolf@gmail.com> 2018-08-14 16:42:52 +0200
commit: 16695590ed53e6047689eb65d2160e2122960868 (patch)
tree: 5e4677e52b9a349602f04135a44b3000c8baa97b /security/nss/cmd/httpserv
parent: 61fbbabbd158f2322d68073f60d76a888d20e040 (diff)
download: uxp-16695590ed53e6047689eb65d2160e2122960868.tar.gz
1 files changed, 4 insertions, 6 deletions
diff --git a/security/nss/cmd/httpserv/httpserv.c b/security/nss/cmd/httpserv/httpserv.c
index 7cf28c65a0..71e2ab88d9 100644
--- a/security/nss/cmd/httpserv/httpserv.c
+++ b/security/nss/cmd/httpserv/httpserv.c
@@ -682,6 +682,7 @@ handle_connection(
                 }
                 if (arena) {
                     PORT_FreeArena(arena, PR_FALSE);
+                    arena = NULL;
                 }
                 if (!request || !request->tbsRequest ||
                     !request->tbsRequest->requestList ||
@@ -753,11 +754,11 @@ handle_connection(
 
                     {
                         PRTime now = PR_Now();
-                        PLArenaPool *arena = NULL;
                         CERTOCSPSingleResponse *sr;
                         CERTOCSPSingleResponse **singleResponses;
                         SECItem *ocspResponse;
 
+                        PORT_Assert(!arena);
                         arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
 
                         if (unknown) {
@@ -787,8 +788,8 @@ handle_connection(
                         } else {
                             PR_Write(ssl_sock, outOcspHeader, strlen(outOcspHeader));
                             PR_Write(ssl_sock, ocspResponse->data, ocspResponse->len);
-                            PORT_FreeArena(arena, PR_FALSE);
                         }
+                        PORT_FreeArena(arena, PR_FALSE);
                     }
                     CERT_DestroyOCSPRequest(request);
                     break;
@@ -1357,7 +1358,6 @@ main(int argc, char **argv)
             caRevoIter = &caRevoInfos->link;
             do {
                 PRFileDesc *inFile;
-                int rv = SECFailure;
                 SECItem crlDER;
                 crlDER.data = NULL;
 
@@ -1413,11 +1413,9 @@ main(int argc, char **argv)
 
     if (provideOcsp) {
         if (caRevoInfos) {
-            PRCList *caRevoIter;
-
             caRevoIter = &caRevoInfos->link;
             do {
-                caRevoInfo *revoInfo = (caRevoInfo *)caRevoIter;
+                revoInfo = (caRevoInfo *)caRevoIter;
                 if (revoInfo->nickname)
                     PORT_Free(revoInfo->nickname);
                 if (revoInfo->crlFilename)
author	wolfbeast <mcwerewolf@gmail.com>	2018-08-14 07:52:35 +0200
committer	wolfbeast <mcwerewolf@gmail.com>	2018-08-14 16:42:52 +0200
commit	16695590ed53e6047689eb65d2160e2122960868 (patch)
tree	5e4677e52b9a349602f04135a44b3000c8baa97b /security/nss/cmd/httpserv
parent	61fbbabbd158f2322d68073f60d76a888d20e040 (diff)
download	uxp-16695590ed53e6047689eb65d2160e2122960868.tar.gz