rather than being pointed to by the sslSocket. This reduces the number
of malloc/free calls, and greatly reduces pointer fetches, and null
pointer checks. sslGather and sslSecurityInfo are separately initialized.
2. SSL_ResetHandshake no longer deallocates and reallocates the sslSecurityInfo and all its subcomponents.
3. Many places that formerly did not check for memory allocation failures
now do check, and do the right thing when allocation failed.
1) Implicit declaration of function.
2) Possibly unitialized variables.
These warnings have indicated some real problems in the code, so many changes
are not just to silence the warnings, but to fix the problems. Others were
inocuous, but the warnings were silenced to reduce the noise.
and data is now buffered for sending and the application calls PR_Poll
to poll on read, poll on write also. This way, if the socket becomes
writable, the application's read attempt will send (more of) the buffered
write data.
cannot find the SSL layer on the specified PRFileDesc. Ensure all
callers detect when ssl_FindSocket returns NULL and handle it properly.
Bug 68241. Reviewed by jgmyers and relyea.
Modified Files:
prelib.c sslauth.c sslsecur.c sslsock.c
reading and writing) call PR_Send and PR_Recv with a non-infinite timeout
value, use that value for both underlying read and write operations.
Fixes bug 67402. Reviewed by Wan-Teh.
record of application data into a single write, when possible, to avoid
TCP's "Nagle" delays. Fixes bug 67898. r&a: wtc. Modified Files:
ssl3con.c sslimpl.h sslsecur.c sslsock.c
SECHashObjects[] is no longer exported.
New function HASH_GetHashObject returns pointer to selected const object.
SSL statistics are now in a structure whose address is obtained via a
call to SSL_GetStatistics().
On NT, the new symbol NSS_USE_STATIC_LIBS must be declared in programs
that use the static SSL library.
Also, propagate "const" declaration for SECHashObjects.
CERT_CertChainFromCert in ssl_DupSocket(). This is MUCH faster. This is
the first approximation of the right fix. The next step is to consider
doing ref counting instead of actual duplication. Fixes bug 51425 .
rolling back from TLS (SSL 3.1) to SSL 3.0. Provide a new SSL socket
option to disable roll-back detection in servers, since certain TLS
clients are doing it incorrectly.
