Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2279)

Unified Diff: net/third_party/nss/patches/cbcrandomiv.patch

Issue 8137027: net: disable 1/n-1 record splitting when False Start is disabled. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 9 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | net/third_party/nss/ssl/ssl3con.c » ('j') | net/third_party/nss/ssl/ssl3con.c » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/third_party/nss/patches/cbcrandomiv.patch
diff --git a/net/third_party/nss/patches/cbcrandomiv.patch b/net/third_party/nss/patches/cbcrandomiv.patch
index 806e0b2d21d942f0426a58a671690b9be17c907b..d816569d98c9a50c2935a82863f434a0dbb41dd3 100644
--- a/net/third_party/nss/patches/cbcrandomiv.patch
+++ b/net/third_party/nss/patches/cbcrandomiv.patch
@@ -1,14 +1,14 @@
-From 03c5c660f3668ed1e9c9b6277d64c96d2ab3d890 Mon Sep 17 00:00:00 2001
+From 0c2a0a73b65f94caf681dd884fbdedf9bb7f3b5d Mon Sep 17 00:00:00 2001
From: Adam Langley <agl@chromium.org>
Date: Mon, 3 Oct 2011 12:23:29 -0400
Subject: [PATCH] cbcrandomiv.patch
---
- mozilla/security/nss/lib/ssl/ssl3con.c | 96 +++++++++++++++++++++++---------
- 1 files changed, 69 insertions(+), 27 deletions(-)
+ mozilla/security/nss/lib/ssl/ssl3con.c | 97 +++++++++++++++++++++++---------
+ 1 files changed, 70 insertions(+), 27 deletions(-)
diff --git a/mozilla/security/nss/lib/ssl/ssl3con.c b/mozilla/security/nss/lib/ssl/ssl3con.c
-index dd99962..2648cbe 100644
+index dd99962..32f53ce 100644
--- a/mozilla/security/nss/lib/ssl/ssl3con.c
+++ b/mozilla/security/nss/lib/ssl/ssl3con.c
@@ -2039,24 +2039,24 @@ ssl3_ClientAuthTokenPresent(sslSessionID *sid) {
@@ -90,7 +90,7 @@ index dd99962..2648cbe 100644
}
/* Process the plain text before sending it.
-@@ -2227,20 +2221,70 @@ ssl3_SendRecord( sslSocket * ss,
+@@ -2227,20 +2221,71 @@ ssl3_SendRecord( sslSocket * ss,
while (nIn > 0) {
PRUint32 contentLen = PR_MIN(nIn, MAX_FRAGMENT_LENGTH);
@@ -100,6 +100,7 @@ index dd99962..2648cbe 100644
+ ssl_GetSpecReadLock(ss); /********************************/
+
+ if (nIn > 1 &&
++ ss->opt.enableFalseStart == PR_TRUE &&
+ ss->ssl3.cwSpec->version <= SSL_LIBRARY_VERSION_3_1_TLS &&
+ type == content_application_data &&
+ ss->ssl3.cwSpec->cipher_def->type == type_block /* CBC mode */) {
@@ -125,10 +126,9 @@ index dd99962..2648cbe 100644
- return SECFailure; /* sslBuffer_Grow set a memory error code. */
+ SSL_GETPID(), ss->fd, spaceNeeded));
+ goto spec_locked_loser; /* sslBuffer_Grow set a memory error code. */
- }
- }
-
-- rv = ssl3_CompressMACEncryptRecord( ss, type, pIn, contentLen);
++ }
++ }
++
+ if (numRecords == 2) {
+ sslBuffer secondRecord;
+
@@ -160,16 +160,17 @@ index dd99962..2648cbe 100644
+ if (rv == SECSuccess) {
+ PRINT_BUF(50, (ss, "send (encrypted) record data [1/1]:",
+ wrBuf->buf, wrBuf->len));
-+ }
-+ }
-+
+ }
+ }
+
+- rv = ssl3_CompressMACEncryptRecord( ss, type, pIn, contentLen);
+spec_locked_loser:
+ ssl_ReleaseSpecReadLock(ss); /************************************/
+
if (rv != SECSuccess)
return SECFailure;
-@@ -2248,8 +2292,6 @@ ssl3_SendRecord( sslSocket * ss,
+@@ -2248,8 +2293,6 @@ ssl3_SendRecord( sslSocket * ss,
nIn -= contentLen;
PORT_Assert( nIn >= 0 );
« no previous file with comments | « no previous file | net/third_party/nss/ssl/ssl3con.c » ('j') | net/third_party/nss/ssl/ssl3con.c » ('J')

Powered by Google App Engine
This is Rietveld 408576698