OLD | NEW |
(Empty) | |
| 1 diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con
.c |
| 2 index e8a7f01..53215e7 100644 |
| 3 --- a/net/third_party/nss/ssl/ssl3con.c |
| 4 +++ b/net/third_party/nss/ssl/ssl3con.c |
| 5 @@ -6088,8 +6088,7 @@ ssl3_CanFalseStart(sslSocket *ss) { |
| 6 !ss->ssl3.hs.isResuming && |
| 7 ss->ssl3.cwSpec && |
| 8 ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10 && |
| 9 - (ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_rsa || |
| 10 - ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_dh || |
| 11 + (ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_dh || |
| 12 ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_ecdh); |
| 13 ssl_ReleaseSpecReadLock(ss); |
| 14 return rv; |
| 15 diff --git a/net/third_party/nss/ssl/ssl3ext.c b/net/third_party/nss/ssl/ssl3ext
.c |
| 16 index 80c1f7f..6d5866b 100644 |
| 17 --- a/net/third_party/nss/ssl/ssl3ext.c |
| 18 +++ b/net/third_party/nss/ssl/ssl3ext.c |
| 19 @@ -567,6 +567,12 @@ ssl3_ServerHandleNextProtoNegoXtn(sslSocket * ss, PRUint16
ex_type, SECItem *dat |
| 20 return SECFailure; |
| 21 } |
| 22 |
| 23 + ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
| 24 + |
| 25 + /* TODO: server side NPN support would require calling |
| 26 + * ssl3_RegisterServerHelloExtensionSender here in order to echo the |
| 27 + * extension back to the client. */ |
| 28 + |
| 29 return SECSuccess; |
| 30 } |
| 31 |
| 32 @@ -635,6 +641,8 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, PRUint16 ex
_type, |
| 33 return SECFailure; |
| 34 } |
| 35 |
| 36 + ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
| 37 + |
| 38 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
| 39 return SECITEM_CopyItem(NULL, &ss->ssl3.nextProto, &result); |
| 40 } |
OLD | NEW |