commit 6cb68a4ec0990509273a939c2034c20aa26ff69d Author: Mike Perry <mikeperry-git@torproject.org> Date: Thu Oct 23 17:45:47 2014 -0700 fixup! Bug 13028: Prevent potential proxy bypass cases. This fixes MSVC compilation. --- security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c index 5bb6dd3..68ba2f4 100644 --- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c +++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c @@ -1433,15 +1433,15 @@ pkix_pl_Socket_CreateByName( PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByName"); PKIX_NULLCHECK_TWO(serverName, pSocket); + localCopyName = PL_strdup(serverName); + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but // we want to ensure nothing can ever hit this code in production. #if 1 printf("Tor Browser BUG: Attempted pkix direct connect to %s\n", serverName); - return PR_FAILURE; + PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); #endif - localCopyName = PL_strdup(serverName); - sepPtr = strchr(localCopyName, ':'); /* First strip off the portnum, if present, from the end of the name */ if (sepPtr) { @@ -1596,7 +1596,7 @@ pkix_pl_Socket_CreateByHostAndPort( #if 1 printf("Tor Browser BUG: Attempted pkix direct connect to %s, port %u\n", hostname, portnum); - return PR_FAILURE; + PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); #endif prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), &hostent);