Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(322)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/ssl/ssl3ext.c

Issue 10136001: net: only False Start with forward secret servers. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ... Created 8 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/third_party/nss/ssl/ssl3con.c ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * SSL3 Protocol 2 * SSL3 Protocol
3 * 3 *
4 * ***** BEGIN LICENSE BLOCK ***** 4 * ***** BEGIN LICENSE BLOCK *****
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
6 * 6 *
7 * The contents of this file are subject to the Mozilla Public License Version 7 * The contents of this file are subject to the Mozilla Public License Version
8 * 1.1 (the "License"); you may not use this file except in compliance with 8 * 1.1 (the "License"); you may not use this file except in compliance with
9 * the License. You may obtain a copy of the License at 9 * the License. You may obtain a copy of the License at
10 * http://www.mozilla.org/MPL/ 10 * http://www.mozilla.org/MPL/
(...skipping 551 matching lines...) Expand 10 before | Expand all | Expand 10 after
562 ssl3_ServerHandleNextProtoNegoXtn(sslSocket * ss, PRUint16 ex_type, SECItem *dat a) 562 ssl3_ServerHandleNextProtoNegoXtn(sslSocket * ss, PRUint16 ex_type, SECItem *dat a)
563 { 563 {
564 if (ss->firstHsDone || data->len != 0) { 564 if (ss->firstHsDone || data->len != 0) {
565 /* Clients MUST send an empty NPN extension, if any. */ 565 /* Clients MUST send an empty NPN extension, if any. */
566 PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); 566 PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
567 return SECFailure; 567 return SECFailure;
568 } 568 }
569 569
570 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; 570 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
571 571
572 /* TODO: server side NPN support would require calling
573 * ssl3_RegisterServerHelloExtensionSender here in order to echo the
574 * extension back to the client. */
575
572 return SECSuccess; 576 return SECSuccess;
573 } 577 }
574 578
575 /* ssl3_ValidateNextProtoNego checks that the given block of data is valid: none 579 /* ssl3_ValidateNextProtoNego checks that the given block of data is valid: none
576 * of the lengths may be 0 and the sum of the lengths must equal the length of 580 * of the lengths may be 0 and the sum of the lengths must equal the length of
577 * the block. */ 581 * the block. */
578 SECStatus 582 SECStatus
579 ssl3_ValidateNextProtoNego(const unsigned char* data, unsigned int length) 583 ssl3_ValidateNextProtoNego(const unsigned char* data, unsigned int length)
580 { 584 {
581 unsigned int offset = 0; 585 unsigned int offset = 0;
(...skipping 1283 matching lines...) Expand 10 before | Expand all | Expand 10 after
1865 1869
1866 /* The echoed extension must be empty. */ 1870 /* The echoed extension must be empty. */
1867 if (data->len != 0) 1871 if (data->len != 0)
1868 return SECFailure; 1872 return SECFailure;
1869 1873
1870 /* Keep track of negotiated extensions. */ 1874 /* Keep track of negotiated extensions. */
1871 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; 1875 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
1872 1876
1873 return SECSuccess; 1877 return SECSuccess;
1874 } 1878 }
OLDNEW
« no previous file with comments | « net/third_party/nss/ssl/ssl3con.c ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698