Index: net/socket/ssl_client_socket_nss.cc |
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc |
index 5fd5f112b24d5c34a5806615f5f84c8d31617317..5b24440aef35ef9604d1a46c068a9995e1c4ada3 100644 |
--- a/net/socket/ssl_client_socket_nss.cc |
+++ b/net/socket/ssl_client_socket_nss.cc |
@@ -2101,6 +2101,16 @@ SECStatus SSLClientSocketNSS::OwnAuthCertHandler(void* arg, |
PRFileDesc* socket, |
PRBool checksig, |
PRBool is_server) { |
+#ifdef SSL_ENABLE_FALSE_START |
+ PRBool npn; |
+ SECStatus rv = |
+ SSL_HandshakeNegotiatedExtension(socket, ssl_next_proto_nego_xtn, &npn); |
+ if (rv != SECSuccess || !npn) { |
+ // If the server doesn't support NPN, then we don't do False Start with it. |
+ SSL_OptionSet(socket, SSL_ENABLE_FALSE_START, PR_FALSE); |
+ } |
+#endif |
+ |
// Tell NSS to not verify the certificate. |
return SECSuccess; |
} |