| Index: net/third_party/nss/ssl/ssl3con.c
|
| diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c
|
| index 5476fa5e28d8c88f66653d9754a12cea95a7487d..1465558a404381b7497fa9d01158ce70b6fa54bc 100644
|
| --- a/net/third_party/nss/ssl/ssl3con.c
|
| +++ b/net/third_party/nss/ssl/ssl3con.c
|
| @@ -6108,6 +6108,10 @@ ssl3_CanFalseStart(sslSocket *ss) {
|
| rv = ss->opt.enableFalseStart &&
|
| !ss->sec.isServer &&
|
| !ss->ssl3.hs.isResuming &&
|
| + /* This check for NPN is performed here because we can't call
|
| + * SSL_HandshakeNegotiatedExtension in the auth callback because of
|
| + * lock ordering issues. See crbug.com/125299 */
|
| + ssl3_ExtensionNegotiated(ss, ssl_next_proto_nego_xtn) &&
|
| ss->ssl3.cwSpec &&
|
|
|
| /* An attacker can control the selected ciphersuite so we only wish to
|
|
|
Chromium Code Reviews
Issue 10221018:
net: don't set NSS options in a callback. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src