net: don't set NSS options in a callback.

net/third_party/nss/patches/falsestartnpn2.patch

Index: net/third_party/nss/patches/falsestartnpn2.patch
diff --git a/net/third_party/nss/patches/falsestartnpn2.patch b/net/third_party/nss/patches/falsestartnpn2.patch
new file mode 100644
index 0000000000000000000000000000000000000000..00b29343b0d798357363c4d68779ceeae849c960
--- /dev/null
+++ b/net/third_party/nss/patches/falsestartnpn2.patch
@@ -0,0 +1,15 @@
+diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c
+index 5476fa5..1465558 100644
+--- a/net/third_party/nss/ssl/ssl3con.c
++++ b/net/third_party/nss/ssl/ssl3con.c
+@@ -6108,6 +6108,10 @@ ssl3_CanFalseStart(sslSocket *ss) {
+     rv = ss->opt.enableFalseStart &&
+ 	 !ss->sec.isServer &&
+ 	 !ss->ssl3.hs.isResuming &&
++	 /* This check for NPN is performed here because we can't call
++	  * SSL_HandshakeNegotiatedExtension in the auth callback because of
++	  * lock ordering issues. See crbug.com/125299 */
++	 ssl3_ExtensionNegotiated(ss, ssl_next_proto_nego_xtn) &&
+ 	 ss->ssl3.cwSpec &&
+ 
+ 	 /* An attacker can control the selected ciphersuite so we only wish to