net: False Start only for NPN capable servers.

net/third_party/nss/ssl/ssl3con.c

 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
 /*
  * SSL3 Protocol
  *
  * ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
  * 1.1 (the "License"); you may not use this file except in compliance with
  * the License. You may obtain a copy of the License at
@@ skipping 6068 matching lines @@
     /* XXX: does not take into account whether we are waiting for
      * SSL_AuthCertificateComplete or SSL_RestartHandshakeAfterCertReq. If/when
      * that is done, this function could return different results each time it
      * would be called.
      */
 
     ssl_GetSpecReadLock(ss);
     rv = ss->opt.enableFalseStart &&
          !ss->sec.isServer &&
          !ss->ssl3.hs.isResuming &&
+         ssl3_ExtensionNegotiated(ss, ssl_next_proto_nego_xtn) &&

[wtc, 2012/04/17 22:46:09]

If we do it this way, we need to update the documentation
of SSL_ENABLE_FALSE_START in the NSS ssl.h header file.

Alternatively, NSS can let applications control this.
Chrome would call
SSL_HandshakeNegotiatedExtension(fd, ssl_next_proto_nego_xtn)
in SSLClientSocketNSS::OwnAuthCertHandler, and call
SSL_OptionSet(fd, SSL_ENABLE_FALSE_START, PR_FALSE) to
set ss->opt.enableFalseStart to PR_FALSE.

          ss->ssl3.cwSpec &&
          ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10 &&
         (ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_rsa ||
          ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_dh  ||
          ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_ecdh);
     ssl_ReleaseSpecReadLock(ss);
     return rv;
 }
 
 static SECStatus ssl3_SendClientSecondRound(sslSocket *ss);
@@ skipping 4332 matching lines @@
             PORT_Free(ss->ssl3.hs.recvdFragments.buf);
         }
     }
 
     ss->ssl3.initialized = PR_FALSE;
 
     SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
 }
 
 /* End of ssl3con.c */