Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(88)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/patches/falsestart.patch

Issue 2808075: Update the TLS False Start patch. Replace TABs by spaces... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 10 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/third_party/nss/ssl/ssl.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 Index: mozilla/security/nss/cmd/strsclnt/strsclnt.c 1 Index: mozilla/security/nss/cmd/strsclnt/strsclnt.c
2 =================================================================== 2 ===================================================================
3 RCS file: /cvsroot/mozilla/security/nss/cmd/strsclnt/strsclnt.c,v 3 RCS file: /cvsroot/mozilla/security/nss/cmd/strsclnt/strsclnt.c,v
4 retrieving revision 1.66 4 retrieving revision 1.67
5 diff -u -p -r1.66 strsclnt.c 5 diff -u -p -r1.67 strsclnt.c
6 --- mozilla/security/nss/cmd/strsclnt/strsclnt.c» 10 Feb 2010 18:07:20 -00 00» 1.66 6 --- mozilla/security/nss/cmd/strsclnt/strsclnt.c» 3 Apr 2010 18:27:28 -000 0» 1.67
7 +++ mozilla/security/nss/cmd/strsclnt/strsclnt.c» 16 Mar 2010 01:25:41 -00 00 7 +++ mozilla/security/nss/cmd/strsclnt/strsclnt.c» 29 Jul 2010 01:49:04 -00 00
8 @@ -162,6 +162,7 @@ static PRBool disableLocking = PR_FALSE 8 @@ -162,6 +162,7 @@ static PRBool disableLocking = PR_FALSE
9 static PRBool ignoreErrors = PR_FALSE; 9 static PRBool ignoreErrors = PR_FALSE;
10 static PRBool enableSessionTickets = PR_FALSE; 10 static PRBool enableSessionTickets = PR_FALSE;
11 static PRBool enableCompression = PR_FALSE; 11 static PRBool enableCompression = PR_FALSE;
12 +static PRBool enableFalseStart = PR_FALSE; 12 +static PRBool enableFalseStart = PR_FALSE;
13 13
14 PRIntervalTime maxInterval = PR_INTERVAL_NO_TIMEOUT; 14 PRIntervalTime maxInterval = PR_INTERVAL_NO_TIMEOUT;
15 15
16 @@ -197,7 +198,8 @@ Usage(const char *progName) 16 @@ -197,7 +198,8 @@ Usage(const char *progName)
17 " -U means enable throttling up threads\n" 17 " -U means enable throttling up threads\n"
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
53 + 53 +
54 case 'i': ignoreErrors = PR_TRUE; break; 54 case 'i': ignoreErrors = PR_TRUE; break;
55 55
56 case 'n': nickName = PL_strdup(optstate->value); break; 56 case 'n': nickName = PL_strdup(optstate->value); break;
57 Index: mozilla/security/nss/cmd/tstclnt/tstclnt.c 57 Index: mozilla/security/nss/cmd/tstclnt/tstclnt.c
58 =================================================================== 58 ===================================================================
59 RCS file: /cvsroot/mozilla/security/nss/cmd/tstclnt/tstclnt.c,v 59 RCS file: /cvsroot/mozilla/security/nss/cmd/tstclnt/tstclnt.c,v
60 retrieving revision 1.62 60 retrieving revision 1.62
61 diff -u -p -r1.62 tstclnt.c 61 diff -u -p -r1.62 tstclnt.c
62 --- mozilla/security/nss/cmd/tstclnt/tstclnt.c 10 Feb 2010 18:07:21 -0000 1.62 62 --- mozilla/security/nss/cmd/tstclnt/tstclnt.c 10 Feb 2010 18:07:21 -0000 1.62
63 +++ mozilla/security/nss/cmd/tstclnt/tstclnt.c» 16 Mar 2010 01:25:41 -0000 63 +++ mozilla/security/nss/cmd/tstclnt/tstclnt.c» 29 Jul 2010 01:49:04 -0000
64 @@ -225,6 +225,7 @@ static void Usage(const char *progName) 64 @@ -225,6 +225,7 @@ static void Usage(const char *progName)
65 fprintf(stderr, "%-20s Renegotiate N times (resuming session if N>1).\n", " -r N"); 65 fprintf(stderr, "%-20s Renegotiate N times (resuming session if N>1).\n", " -r N");
66 fprintf(stderr, "%-20s Enable the session ticket extension.\n", "-u"); 66 fprintf(stderr, "%-20s Enable the session ticket extension.\n", "-u");
67 fprintf(stderr, "%-20s Enable compression.\n", "-z"); 67 fprintf(stderr, "%-20s Enable compression.\n", "-z");
68 + fprintf(stderr, "%-20s Enable false start.\n", "-g"); 68 + fprintf(stderr, "%-20s Enable false start.\n", "-g");
69 fprintf(stderr, "%-20s Letter(s) chosen from the following list\n", 69 fprintf(stderr, "%-20s Letter(s) chosen from the following list\n",
70 "-c ciphers"); 70 "-c ciphers");
71 fprintf(stderr, 71 fprintf(stderr,
72 @@ -521,6 +522,7 @@ int main(int argc, char **argv) 72 @@ -521,6 +522,7 @@ int main(int argc, char **argv)
73 int useExportPolicy = 0; 73 int useExportPolicy = 0;
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after
110 + 110 +
111 SSL_SetPKCS11PinArg(s, &pwdata); 111 SSL_SetPKCS11PinArg(s, &pwdata);
112 112
113 SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle); 113 SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle);
114 Index: mozilla/security/nss/lib/ssl/ssl.h 114 Index: mozilla/security/nss/lib/ssl/ssl.h
115 =================================================================== 115 ===================================================================
116 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/ssl.h,v 116 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/ssl.h,v
117 retrieving revision 1.38 117 retrieving revision 1.38
118 diff -u -p -r1.38 ssl.h 118 diff -u -p -r1.38 ssl.h
119 --- mozilla/security/nss/lib/ssl/ssl.h 17 Feb 2010 02:29:07 -0000 1.38 119 --- mozilla/security/nss/lib/ssl/ssl.h 17 Feb 2010 02:29:07 -0000 1.38
120 +++ mozilla/security/nss/lib/ssl/ssl.h» 16 Mar 2010 01:25:41 -0000 120 +++ mozilla/security/nss/lib/ssl/ssl.h» 29 Jul 2010 01:49:04 -0000
121 @@ -128,6 +128,17 @@ SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFi 121 @@ -128,6 +128,17 @@ SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFi
122 /* Renegotiation Info (RI) */ 122 /* Renegotiation Info (RI) */
123 /* extension in ALL handshakes. */ 123 /* extension in ALL handshakes. */
124 /* default: off */ 124 /* default: off */
125 +#define SSL_ENABLE_FALSE_START» 22 /* Enable SSL false start (off by */ 125 +#define SSL_ENABLE_FALSE_START 22 /* Enable SSL false start (off by */
126 +» » » » » /* default, applies only to */ 126 + /* default, applies only to */
127 +» » » » » /* clients). False start is a */ 127 + /* clients). False start is a */
128 +/* mode where an SSL client will start sending application data before */ 128 +/* mode where an SSL client will start sending application data before */
129 +/* verifying the server's Finished message. This means that we could end up */ 129 +/* verifying the server's Finished message. This means that we could end up */
130 +/* sending data to an imposter. However, the data will be encrypted and */ 130 +/* sending data to an imposter. However, the data will be encrypted and */
131 +/* only the true server can derive the session key. Thus, so long as the */ 131 +/* only the true server can derive the session key. Thus, so long as the */
132 +/* cipher isn't broken this is safe. Because of this, False Start will only */ 132 +/* cipher isn't broken this is safe. Because of this, False Start will only */
133 +/* occur on RSA or DH ciphersuites where the cipher's key length is >= 80 */ 133 +/* occur on RSA or DH ciphersuites where the cipher's key length is >= 80 */
134 +/* bits. The advantage of False Start is that it saves a round trip for */ 134 +/* bits. The advantage of False Start is that it saves a round trip for */
135 +/* client-speaks-first protocols when performing a full handshake. */ 135 +/* client-speaks-first protocols when performing a full handshake. */
136 136
137 #ifdef SSL_DEPRECATED_FUNCTION 137 #ifdef SSL_DEPRECATED_FUNCTION
138 /* Old deprecated function names */ 138 /* Old deprecated function names */
139 Index: mozilla/security/nss/lib/ssl/ssl3con.c 139 Index: mozilla/security/nss/lib/ssl/ssl3con.c
140 =================================================================== 140 ===================================================================
141 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/ssl3con.c,v 141 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/ssl3con.c,v
142 retrieving revision 1.136 142 retrieving revision 1.142
143 diff -u -p -r1.136 ssl3con.c 143 diff -u -p -r1.142 ssl3con.c
144 --- mozilla/security/nss/lib/ssl/ssl3con.c» 17 Feb 2010 02:29:07 -0000» 1.136 144 --- mozilla/security/nss/lib/ssl/ssl3con.c» 24 Jun 2010 19:53:20 -0000» 1.142
145 +++ mozilla/security/nss/lib/ssl/ssl3con.c» 16 Mar 2010 01:25:41 -0000 145 +++ mozilla/security/nss/lib/ssl/ssl3con.c» 29 Jul 2010 01:49:04 -0000
146 @@ -5656,7 +5656,17 @@ ssl3_RestartHandshakeAfterCertReq(sslSoc 146 @@ -5665,7 +5665,17 @@ ssl3_RestartHandshakeAfterCertReq(sslSoc
147 return rv; 147 return rv;
148 } 148 }
149 149
150 - 150 -
151 +PRBool 151 +PRBool
152 +ssl3_CanFalseStart(sslSocket *ss) { 152 +ssl3_CanFalseStart(sslSocket *ss) {
153 + return ss->opt.enableFalseStart && 153 + return ss->opt.enableFalseStart &&
154 + !ss->sec.isServer && 154 + !ss->sec.isServer &&
155 + !ss->ssl3.hs.isResuming && 155 + !ss->ssl3.hs.isResuming &&
156 + ss->ssl3.cwSpec && 156 + ss->ssl3.cwSpec &&
157 + ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10 && 157 + ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10 &&
158 + (ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_rsa || 158 + (ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_rsa ||
159 + ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_dh || 159 + ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_dh ||
160 + ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_ecdh); 160 + ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_ecdh);
161 +} 161 +}
162 162
163 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete 163 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
164 * ssl3 Server Hello Done message. 164 * ssl3 Server Hello Done message.
165 @@ -5728,6 +5738,12 @@ ssl3_HandleServerHelloDone(sslSocket *ss 165 @@ -5737,6 +5747,12 @@ ssl3_HandleServerHelloDone(sslSocket *ss
166 ss->ssl3.hs.ws = wait_new_session_ticket; 166 ss->ssl3.hs.ws = wait_new_session_ticket;
167 else 167 else
168 ss->ssl3.hs.ws = wait_change_cipher; 168 ss->ssl3.hs.ws = wait_change_cipher;
169 + 169 +
170 + /* Do the handshake callback for sslv3 here. */ 170 + /* Do the handshake callback for sslv3 here, if we can false start. */
171 + if (ss->handshakeCallback != NULL && ssl3_CanFalseStart(ss)) { 171 + if (ss->handshakeCallback != NULL && ssl3_CanFalseStart(ss)) {
172 + (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData); 172 + (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
173 + } 173 + }
174 + 174 +
175 return SECSuccess; 175 return SECSuccess;
176 176
177 loser: 177 loser:
178 @@ -8468,7 +8484,7 @@ xmit_loser: 178 @@ -8476,8 +8492,8 @@ xmit_loser:
179 }
179 ss->ssl3.hs.ws = idle_handshake; 180 ss->ssl3.hs.ws = idle_handshake;
180 181
181 /* Do the handshake callback for sslv3 here. */ 182 - /* Do the handshake callback for sslv3 here. */
182 - if (ss->handshakeCallback != NULL) { 183 - if (ss->handshakeCallback != NULL) {
184 + /* Do the handshake callback for sslv3 here, if we cannot false start. */
183 + if (ss->handshakeCallback != NULL && !ssl3_CanFalseStart(ss)) { 185 + if (ss->handshakeCallback != NULL && !ssl3_CanFalseStart(ss)) {
184 (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData); 186 (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
185 } 187 }
186 188
187 Index: mozilla/security/nss/lib/ssl/ssl3gthr.c 189 Index: mozilla/security/nss/lib/ssl/ssl3gthr.c
188 =================================================================== 190 ===================================================================
189 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/ssl3gthr.c,v 191 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/ssl3gthr.c,v
190 retrieving revision 1.9 192 retrieving revision 1.9
191 diff -u -p -r1.9 ssl3gthr.c 193 diff -u -p -r1.9 ssl3gthr.c
192 --- mozilla/security/nss/lib/ssl/ssl3gthr.c 20 Nov 2008 07:37:25 -0000 1.9 194 --- mozilla/security/nss/lib/ssl/ssl3gthr.c 20 Nov 2008 07:37:25 -0000 1.9
193 +++ mozilla/security/nss/lib/ssl/ssl3gthr.c» 16 Mar 2010 01:25:41 -0000 195 +++ mozilla/security/nss/lib/ssl/ssl3gthr.c» 29 Jul 2010 01:49:04 -0000
194 @@ -188,6 +188,7 @@ ssl3_GatherCompleteHandshake(sslSocket * 196 @@ -188,6 +188,7 @@ ssl3_GatherCompleteHandshake(sslSocket *
195 { 197 {
196 SSL3Ciphertext cText; 198 SSL3Ciphertext cText;
197 int rv; 199 int rv;
198 + PRBool canFalseStart = PR_FALSE; 200 + PRBool canFalseStart = PR_FALSE;
199 201
200 PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) ); 202 PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
201 do { 203 do {
202 @@ -207,7 +208,20 @@ ssl3_GatherCompleteHandshake(sslSocket * 204 @@ -207,7 +208,20 @@ ssl3_GatherCompleteHandshake(sslSocket *
203 if (rv < 0) { 205 if (rv < 0) {
(...skipping 16 matching lines...) Expand all
220 + ss->gs.buf.len == 0); 222 + ss->gs.buf.len == 0);
221 223
222 ss->gs.readOffset = 0; 224 ss->gs.readOffset = 0;
223 ss->gs.writeOffset = ss->gs.buf.len; 225 ss->gs.writeOffset = ss->gs.buf.len;
224 Index: mozilla/security/nss/lib/ssl/sslimpl.h 226 Index: mozilla/security/nss/lib/ssl/sslimpl.h
225 =================================================================== 227 ===================================================================
226 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslimpl.h,v 228 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslimpl.h,v
227 retrieving revision 1.77 229 retrieving revision 1.77
228 diff -u -p -r1.77 sslimpl.h 230 diff -u -p -r1.77 sslimpl.h
229 --- mozilla/security/nss/lib/ssl/sslimpl.h 10 Feb 2010 00:33:50 -0000 1.77 231 --- mozilla/security/nss/lib/ssl/sslimpl.h 10 Feb 2010 00:33:50 -0000 1.77
230 +++ mozilla/security/nss/lib/ssl/sslimpl.h» 16 Mar 2010 01:25:41 -0000 232 +++ mozilla/security/nss/lib/ssl/sslimpl.h» 29 Jul 2010 01:49:04 -0000
231 @@ -333,6 +333,7 @@ typedef struct sslOptionsStr { 233 @@ -333,6 +333,7 @@ typedef struct sslOptionsStr {
232 unsigned int enableDeflate : 1; /* 19 */ 234 unsigned int enableDeflate : 1; /* 19 */
233 unsigned int enableRenegotiation : 2; /* 20-21 */ 235 unsigned int enableRenegotiation : 2; /* 20-21 */
234 unsigned int requireSafeNegotiation : 1; /* 22 */ 236 unsigned int requireSafeNegotiation : 1; /* 22 */
235 + unsigned int enableFalseStart : 1; /* 23 */ 237 + unsigned int enableFalseStart : 1; /* 23 */
236 } sslOptions; 238 } sslOptions;
237 239
238 typedef enum { sslHandshakingUndetermined = 0, 240 typedef enum { sslHandshakingUndetermined = 0,
239 @@ -1250,6 +1251,8 @@ extern void ssl_SetAlwaysBlock(sslS 241 @@ -1250,6 +1251,8 @@ extern void ssl_SetAlwaysBlock(sslS
240 242
241 extern SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled); 243 extern SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled);
242 244
243 +extern PRBool ssl3_CanFalseStart(sslSocket *ss); 245 +extern PRBool ssl3_CanFalseStart(sslSocket *ss);
244 + 246 +
245 #define SSL_LOCK_READER(ss) if (ss->recvLock) PZ_Lock(ss->recvLock) 247 #define SSL_LOCK_READER(ss) if (ss->recvLock) PZ_Lock(ss->recvLock)
246 #define SSL_UNLOCK_READER(ss) if (ss->recvLock) PZ_Unlock(ss->recvLock ) 248 #define SSL_UNLOCK_READER(ss) if (ss->recvLock) PZ_Unlock(ss->recvLock )
247 #define SSL_LOCK_WRITER(ss) if (ss->sendLock) PZ_Lock(ss->sendLock) 249 #define SSL_LOCK_WRITER(ss) if (ss->sendLock) PZ_Lock(ss->sendLock)
248 Index: mozilla/security/nss/lib/ssl/sslsecur.c 250 Index: mozilla/security/nss/lib/ssl/sslsecur.c
249 =================================================================== 251 ===================================================================
250 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsecur.c,v 252 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsecur.c,v
251 retrieving revision 1.43 253 retrieving revision 1.43
252 diff -u -p -r1.43 sslsecur.c 254 diff -u -p -r1.43 sslsecur.c
253 --- mozilla/security/nss/lib/ssl/sslsecur.c 14 Jan 2010 22:15:25 -0000 1.43 255 --- mozilla/security/nss/lib/ssl/sslsecur.c 14 Jan 2010 22:15:25 -0000 1.43
254 +++ mozilla/security/nss/lib/ssl/sslsecur.c» 16 Mar 2010 01:25:41 -0000 256 +++ mozilla/security/nss/lib/ssl/sslsecur.c» 29 Jul 2010 01:49:04 -0000
255 @@ -1199,8 +1199,17 @@ ssl_SecureSend(sslSocket *ss, const unsi 257 @@ -1199,8 +1199,17 @@ ssl_SecureSend(sslSocket *ss, const unsi
256 ss->writerThread = PR_GetCurrentThread(); 258 ss->writerThread = PR_GetCurrentThread();
257 /* If any of these is non-zero, the initial handshake is not done. */ 259 /* If any of these is non-zero, the initial handshake is not done. */
258 if (!ss->firstHsDone) { 260 if (!ss->firstHsDone) {
259 + PRBool canFalseStart = PR_FALSE; 261 + PRBool canFalseStart = PR_FALSE;
260 ssl_Get1stHandshakeLock(ss); 262 ssl_Get1stHandshakeLock(ss);
261 - if (ss->handshake || ss->nextHandshake || ss->securityHandshake) { 263 - if (ss->handshake || ss->nextHandshake || ss->securityHandshake) {
262 + if (ss->version >= SSL_LIBRARY_VERSION_3_0 && 264 + if (ss->version >= SSL_LIBRARY_VERSION_3_0 &&
263 + (ss->ssl3.hs.ws == wait_change_cipher || 265 + (ss->ssl3.hs.ws == wait_change_cipher ||
264 + ss->ssl3.hs.ws == wait_finished || 266 + ss->ssl3.hs.ws == wait_finished ||
265 + ss->ssl3.hs.ws == wait_new_session_ticket) && 267 + ss->ssl3.hs.ws == wait_new_session_ticket) &&
266 + ssl3_CanFalseStart(ss)) { 268 + ssl3_CanFalseStart(ss)) {
267 + canFalseStart = PR_TRUE; 269 + canFalseStart = PR_TRUE;
268 + } 270 + }
269 + if (!canFalseStart && 271 + if (!canFalseStart &&
270 + (ss->handshake || ss->nextHandshake || ss->securityHandshake)) { 272 + (ss->handshake || ss->nextHandshake || ss->securityHandshake)) {
271 rv = ssl_Do1stHandshake(ss); 273 rv = ssl_Do1stHandshake(ss);
272 } 274 }
273 ssl_Release1stHandshakeLock(ss); 275 ssl_Release1stHandshakeLock(ss);
274 Index: mozilla/security/nss/lib/ssl/sslsock.c 276 Index: mozilla/security/nss/lib/ssl/sslsock.c
275 =================================================================== 277 ===================================================================
276 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v 278 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v
277 retrieving revision 1.66 279 retrieving revision 1.67
278 diff -u -p -r1.66 sslsock.c 280 diff -u -p -r1.67 sslsock.c
279 --- mozilla/security/nss/lib/ssl/sslsock.c» 26 Feb 2010 20:44:54 -0000» 1.66 281 --- mozilla/security/nss/lib/ssl/sslsock.c» 25 Apr 2010 23:37:38 -0000» 1.67
280 +++ mozilla/security/nss/lib/ssl/sslsock.c» 16 Mar 2010 01:25:41 -0000 282 +++ mozilla/security/nss/lib/ssl/sslsock.c» 29 Jul 2010 01:49:04 -0000
281 @@ -183,6 +183,7 @@ static sslOptions ssl_defaults = { 283 @@ -183,6 +183,7 @@ static sslOptions ssl_defaults = {
282 PR_FALSE, /* enableDeflate */ 284 PR_FALSE, /* enableDeflate */
283 2, /* enableRenegotiation (default: requires extension) */ 285 2, /* enableRenegotiation (default: requires extension) */
284 PR_FALSE, /* requireSafeNegotiation */ 286 PR_FALSE, /* requireSafeNegotiation */
285 + PR_FALSE, /* enableFalseStart */ 287 + PR_FALSE, /* enableFalseStart */
286 }; 288 };
287 289
288 sslSessionIDLookupFunc ssl_sid_lookup; 290 sslSessionIDLookupFunc ssl_sid_lookup;
289 @@ -728,6 +729,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh 291 @@ -728,6 +729,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
290 ss->opt.requireSafeNegotiation = on; 292 ss->opt.requireSafeNegotiation = on;
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
323 + 325 +
324 default: 326 default:
325 PORT_SetError(SEC_ERROR_INVALID_ARGS); 327 PORT_SetError(SEC_ERROR_INVALID_ARGS);
326 return SECFailure; 328 return SECFailure;
327 Index: mozilla/security/nss/tests/ssl/sslstress.txt 329 Index: mozilla/security/nss/tests/ssl/sslstress.txt
328 =================================================================== 330 ===================================================================
329 RCS file: /cvsroot/mozilla/security/nss/tests/ssl/sslstress.txt,v 331 RCS file: /cvsroot/mozilla/security/nss/tests/ssl/sslstress.txt,v
330 retrieving revision 1.18 332 retrieving revision 1.18
331 diff -u -p -r1.18 sslstress.txt 333 diff -u -p -r1.18 sslstress.txt
332 --- mozilla/security/nss/tests/ssl/sslstress.txt 3 Feb 2010 02:25:36 -000 0 1.18 334 --- mozilla/security/nss/tests/ssl/sslstress.txt 3 Feb 2010 02:25:36 -000 0 1.18
333 +++ mozilla/security/nss/tests/ssl/sslstress.txt» 16 Mar 2010 01:25:41 -00 00 335 +++ mozilla/security/nss/tests/ssl/sslstress.txt» 29 Jul 2010 01:49:04 -00 00
334 @@ -42,9 +42,11 @@ 336 @@ -42,9 +42,11 @@
335 noECC 0 _ -c_1000_-C_A Stress SSL2 RC4 128 with MD5 337 noECC 0 _ -c_1000_-C_A Stress SSL2 RC4 128 with MD5
336 noECC 0 _ -c_1000_-C_c_-T Stress SSL3 RC4 128 with MD5 338 noECC 0 _ -c_1000_-C_c_-T Stress SSL3 RC4 128 with MD5
337 noECC 0 _ -c_1000_-C_c Stress TLS RC4 128 with MD5 339 noECC 0 _ -c_1000_-C_c Stress TLS RC4 128 with MD5
338 + noECC 0 _ -c_1000_-C_c_-h Stress TLS RC4 128 with MD5 (false start) 340 + noECC 0 _ -c_1000_-C_c_-g Stress TLS RC4 128 with MD5 (false start)
339 noECC 0 -u -2_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket) 341 noECC 0 -u -2_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket)
340 noECC 0 -z -2_-c_1000_-C_c_-z Stress TLS RC4 128 with MD5 (compression) 342 noECC 0 -z -2_-c_1000_-C_c_-z Stress TLS RC4 128 with MD5 (compression)
341 noECC 0 -u_-z -2_-c_1000_-C_c_-u_-z Stress TLS RC4 128 with MD5 (session ticket, compression) 343 noECC 0 -u_-z -2_-c_1000_-C_c_-u_-z Stress TLS RC4 128 with MD5 (session ticket, compression)
342 + noECC 0 -u_-z -2_-c_1000_-C_c_-u_-z_-h Stress TLS RC4 128 with MD5 (session ticket, compression, false start) 344 + noECC 0 -u_-z -2_-c_1000_-C_c_-u_-z_-g Stress TLS RC4 128 with MD5 (session ticket, compression, false start)
343 SNI 0 -u_-a_Host-sni.Dom -2_-3_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket, SNI) 345 SNI 0 -u_-a_Host-sni.Dom -2_-3_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket, SNI)
344 346
345 # 347 #
346 @@ -55,7 +57,9 @@ 348 @@ -55,7 +57,9 @@
347 noECC 0 -r_-r -c_100_-C_c_-N_-n_TestUser Stress TLS RC4 128 w ith MD5 (no reuse, client auth) 349 noECC 0 -r_-r -c_100_-C_c_-N_-n_TestUser Stress TLS RC4 128 w ith MD5 (no reuse, client auth)
348 noECC 0 -r_-r_-u -2_-c_100_-C_c_-n_TestUser_-u Stress TLS RC4 128 w ith MD5 (session ticket, client auth) 350 noECC 0 -r_-r_-u -2_-c_100_-C_c_-n_TestUser_-u Stress TLS RC4 128 w ith MD5 (session ticket, client auth)
349 noECC 0 -r_-r_-z -2_-c_100_-C_c_-n_TestUser_-z Stress TLS RC4 128 w ith MD5 (compression, client auth) 351 noECC 0 -r_-r_-z -2_-c_100_-C_c_-n_TestUser_-z Stress TLS RC4 128 w ith MD5 (compression, client auth)
350 + noECC 0 -r_-r_-z -2_-c_100_-C_c_-n_TestUser_-z_-h Stress TLS RC4 12 8 with MD5 (compression, client auth, false start) 352 + noECC 0 -r_-r_-z -2_-c_100_-C_c_-n_TestUser_-z_-g Stress TLS RC4 12 8 with MD5 (compression, client auth, false start)
351 noECC 0 -r_-r_-u_-z -2_-c_100_-C_c_-n_TestUser_-u_-z Stress TLS RC4 12 8 with MD5 (session ticket, compression, client auth) 353 noECC 0 -r_-r_-u_-z -2_-c_100_-C_c_-n_TestUser_-u_-z Stress TLS RC4 12 8 with MD5 (session ticket, compression, client auth)
352 + noECC 0 -r_-r_-u_-z -2_-c_100_-C_c_-n_TestUser_-u_-z_-h Stress TLS RC4 128 with MD5 (session ticket, compression, client auth, false start) 354 + noECC 0 -r_-r_-u_-z -2_-c_100_-C_c_-n_TestUser_-u_-z_-g Stress TLS RC4 128 with MD5 (session ticket, compression, client auth, false start)
353 SNI 0 -r_-r_-u_-a_Host-sni.Dom -2_-3_-c_1000_-C_c_-u Stress TLS RC4 1 28 with MD5 (session ticket, SNI, client auth, default virt host) 355 SNI 0 -r_-r_-u_-a_Host-sni.Dom -2_-3_-c_1000_-C_c_-u Stress TLS RC4 1 28 with MD5 (session ticket, SNI, client auth, default virt host)
354 SNI 0 -r_-r_-u_-a_Host-sni.Dom_-k_Host-sni.Dom -2_-3_-c_1000_-C_c_-u_ -a_Host-sni.Dom Stress TLS RC4 128 with MD5 (session ticket, SNI, client auth, c hange virt host) 356 SNI 0 -r_-r_-u_-a_Host-sni.Dom_-k_Host-sni.Dom -2_-3_-c_1000_-C_c_-u_ -a_Host-sni.Dom Stress TLS RC4 128 with MD5 (session ticket, SNI, client auth, c hange virt host)
355 357
OLDNEW
« no previous file with comments | « no previous file | net/third_party/nss/ssl/ssl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698