| Index: net/third_party/nss/ssl/ssl.h
|
| ===================================================================
|
| --- net/third_party/nss/ssl/ssl.h (revision 88407)
|
| +++ net/third_party/nss/ssl/ssl.h (working copy)
|
| @@ -139,16 +139,7 @@
|
| /* occur on RSA or DH ciphersuites where the cipher's key length is >= 80 */
|
| /* bits. The advantage of False Start is that it saves a round trip for */
|
| /* client-speaks-first protocols when performing a full handshake. */
|
| -#define SSL_ENABLE_SNAP_START 23 /* Enable SSL snap start (off by */
|
| - /* default, applies only to */
|
| - /* clients). Snap start is a way */
|
| -/* of performing TLS handshakes with no round trips. The client's entire */
|
| -/* handshake is included in the first handshake message, along with */
|
| -/* optional application data. In order to do this, information from a */
|
| -/* previous connection to the same server is required. See */
|
| -/* SSL_GetPredictedServerHelloData, SSL_SetPredictedPeerCertificates and */
|
| -/* SSL_SetSnapStartApplicationData. */
|
| -#define SSL_ENABLE_OCSP_STAPLING 24 /* Request OCSP stapling (client) */
|
| +#define SSL_ENABLE_OCSP_STAPLING 23 /* Request OCSP stapling (client) */
|
|
|
| #ifdef SSL_DEPRECATED_FUNCTION
|
| /* Old deprecated function names */
|
| @@ -447,49 +438,6 @@
|
| void *arg);
|
|
|
| /*
|
| -** Set the predicted chain of certificates for the peer. This is used for the
|
| -** TLS Snap Start extension. Note that the SSL_ENABLE_SNAP_START option must
|
| -** be set for this to occur.
|
| -**
|
| -** This function takes a reference to each of the given certificates.
|
| -*/
|
| -SSL_IMPORT SECStatus SSL_SetPredictedPeerCertificates(
|
| - PRFileDesc *fd, CERTCertificate **certs,
|
| - unsigned int numCerts);
|
| -
|
| -/*
|
| -** Get the data needed to predict the server's hello message in the future. On
|
| -** return, |*data| will either be NULL (in which case no data is available and
|
| -** |*data_len| will be zero) or it will point to a buffer within the internal
|
| -** data of |fd| and |*data_len| will contain the number of bytes available. If
|
| -** non-NULL, |*data| will persist at least until the next handshake on |fd|.
|
| -*/
|
| -SSL_IMPORT SECStatus SSL_GetPredictedServerHelloData(
|
| - PRFileDesc *fd, const unsigned char **data,
|
| - unsigned int *data_len);
|
| -
|
| -/*
|
| -** Set the predicted server hello data. This is used for the TLS Snap Start
|
| -** extension. Note that the SSL_ENABLE_SNAP_START option must be set for this
|
| -** to occur.
|
| -*/
|
| -SSL_IMPORT SECStatus SSL_SetPredictedServerHelloData(
|
| - PRFileDesc *fd, const unsigned char *data, unsigned int data_len);
|
| -
|
| -/* Set the application data which will be transmitted in a Snap Start
|
| -** handshake. If the Snap Start handshake fails, this data will be
|
| -* retransmitted automatically. */
|
| -SSL_IMPORT SECStatus SSL_SetSnapStartApplicationData(
|
| - PRFileDesc *fd, const unsigned char *data, unsigned int data_len);
|
| -
|
| -/* Get the result of a Snap Start handshake. It's valid to call then even if
|
| -** SSL_ENABLE_SNAP_START hasn't been set, although the result will always be
|
| -** SSL_SNAP_START_NONE.
|
| -*/
|
| -SSL_IMPORT SECStatus SSL_GetSnapStartResult(PRFileDesc* socket,
|
| - SSLSnapStartResult* result);
|
| -
|
| -/*
|
| ** Configure SSL socket for running a secure server. Needs the
|
| ** certificate for the server and the servers private key. The arguments
|
| ** are copied.
|
|
|