Chromium Code Reviews| Index: net/third_party/nss/ssl/sslsecur.c |
| diff --git a/net/third_party/nss/ssl/sslsecur.c b/net/third_party/nss/ssl/sslsecur.c |
| index e4804d01027efa6f1f1c3776178e2ad402eda1f5..cc8588b5154887f02900899135f646960943af5b 100644 |
| --- a/net/third_party/nss/ssl/sslsecur.c |
| +++ b/net/third_party/nss/ssl/sslsecur.c |
| @@ -1535,6 +1535,39 @@ SSL_RestartHandshakeAfterCertReq(PRFileDesc * fd, |
| return ret; |
| } |
| +SECStatus |
| +SSL_RestartHandshakeAfterChannelIDReq(PRFileDesc * fd, |
| + SECKEYPublicKey * channelIDPub, |
| + SECKEYPrivateKey *channelID) |
| +{ |
| + sslSocket * ss = ssl_FindSocket(fd); |
| + SECStatus ret; |
| + |
| + if (!ss) { |
| + SSL_DBG(("%d: SSL[%d]: bad socket in" |
| + " SSL_RestartHandshakeAfterChannelIDReq", |
| + SSL_GETPID(), fd)); |
| + goto loser; |
| + } |
| + |
| + if (ss->version < SSL_LIBRARY_VERSION_3_0) { |
|
wtc
2012/06/05 19:38:49
I think it's better to test ss->version while hold
agl
2012/06/05 19:58:43
Done.
|
| + PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2); |
| + goto loser; |
| + } |
| + |
| + ssl_Get1stHandshakeLock(ss); |
| + ret = ssl3_RestartHandshakeAfterChannelIDReq(ss, channelIDPub, |
| + channelID); |
| + ssl_Release1stHandshakeLock(ss); |
| + |
| + return ret; |
| + |
| +loser: |
| + SECKEY_DestroyPublicKey(channelIDPub); |
| + SECKEY_DestroyPrivateKey(channelID); |
| + return SECFailure; |
| +} |
| + |
| /* DO NOT USE. This function was exported in ssl.def with the wrong signature; |
| * this implementation exists to maintain link-time compatibility. |
| */ |