Index: net/third_party/nss/ssl/ssl3con.c |
diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c |
index d0eb0425d48522c9c3d7bb2e67a5ef18cf9cb3f4..53215e783a065d2930adaa942b14d45841838fe9 100644 |
--- a/net/third_party/nss/ssl/ssl3con.c |
+++ b/net/third_party/nss/ssl/ssl3con.c |
@@ -6086,11 +6086,9 @@ ssl3_CanFalseStart(sslSocket *ss) { |
rv = ss->opt.enableFalseStart && |
!ss->sec.isServer && |
!ss->ssl3.hs.isResuming && |
- ssl3_ExtensionNegotiated(ss, ssl_next_proto_nego_xtn) && |
ss->ssl3.cwSpec && |
ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10 && |
- (ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_rsa || |
- ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_dh || |
+ (ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_dh || |
ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_ecdh); |
wtc
2012/04/19 22:33:53
It would be nice to add a comment to briefly expla
agl
2012/04/20 18:30:29
Done.
|
ssl_ReleaseSpecReadLock(ss); |
return rv; |