Update net/third_party/nss to NSS 3.13.3.

net/third_party/nss/ssl/notes.txt

 ***** BEGIN LICENSE BLOCK *****
 Version: MPL 1.1/GPL 2.0/LGPL 2.1
 
 The contents of this file are subject to the Mozilla Public License Version 
 1.1 (the "License"); you may not use this file except in compliance with 
 the License. You may obtain a copy of the License at 
 http://www.mozilla.org/MPL/
 
 Software distributed under the License is distributed on an "AS IS" basis,
 WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
@@ skipping 73 matching lines @@
 ---------------------------------------------------------------------------
 
 SECWouldBlock means that the function cannot make progress because it is 
 waiting for some event OTHER THAN socket I/O completion (e.g. waiting for 
 user dialog to finish).  It is not the same as EWOULDBLOCK.
 
 ---------------------------------------------------------------------------
 
 Rank (order) of locks
 
-[ReadLock ->]\ [firstHandshake ->] [ssl3Handshake ->] recvbuf \ -> "spec"
-[WriteLock->]/                                        xmitbuf /
+recvLock ->\ firstHandshake -> recvbuf -> ssl3Handshake -> xmitbuf -> "spec"
+sendLock ->/
 
 crypto and hash Data that must be protected while turning plaintext into
 ciphertext:
 
 SSL2:   (in ssl2_Send*)
         sec->hash*
         sec->hashcx     (ptr and data)
         sec->enc
         sec->writecx*   (ptr and content)
         sec->sendSecret*(ptr and content)
@@ skipping 51 matching lines @@
 
 Data variables (not const) protected by the "sslGlobalDataLock".  
 Note, this really should be a reader/writer lock.
 
 allowedByPolicy         sslcon.c
 maybeAllowedByPolicy    sslcon.c
 chosenPreference        sslcon.c
 policyWasSet            sslcon.c
 
 cipherSuites[]          ssl3con.c