Index: net/third_party/nss/ssl/ssl.h |
diff --git a/net/third_party/nss/ssl/ssl.h b/net/third_party/nss/ssl/ssl.h |
index 53ca30172f4ec3f3a95c7417759105e291fae5f9..1537aae543f921707e73fd4e99f78720ed90cc49 100644 |
--- a/net/third_party/nss/ssl/ssl.h |
+++ b/net/third_party/nss/ssl/ssl.h |
@@ -686,6 +686,17 @@ SSL_IMPORT SECStatus SSL_GetCipherSuiteInfo(PRUint16 cipherSuite, |
/* Returnes negotiated through SNI host info. */ |
SSL_IMPORT SECItem *SSL_GetNegotiatedHostInfo(PRFileDesc *fd); |
+/* Export keying material according to RFC 5705. |
+** fd must correspond to a TLS 1.0 or higher socket and out must |
+** already be allocated. |
+*/ |
+SSL_IMPORT SECStatus SSL_ExportKeyingMaterial(PRFileDesc *fd, |
+ const char *label, |
+ const unsigned char *context, |
+ unsigned int contextlen, |
+ unsigned char *out, |
+ unsigned int outlen); |
wtc
2011/07/22 17:33:17
I suggest that we specify the label as
const c
|
+ |
/* |
** Return a new reference to the certificate that was most recently sent |
** to the peer on this SSL/TLS connection, or NULL if none has been sent. |