Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(378)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/third_party/nss/ssl/sslimpl.h

Issue 1053903002: Update libssl to NSS 3.18 RTM (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/third_party/nss/ssl/sslenum.c ('K') | « net/third_party/nss/ssl/sslgathr.c ('k') | net/third_party/nss/ssl/sslinfo.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/third_party/nss/ssl/sslimpl.h
diff --git a/net/third_party/nss/ssl/sslimpl.h b/net/third_party/nss/ssl/sslimpl.h
index 8754e16f7d39af3c793e4cee7498d2afa0562f8e..a809616d639777a8243145a58a8f1375c584dba6 100644
--- a/net/third_party/nss/ssl/sslimpl.h
+++ b/net/third_party/nss/ssl/sslimpl.h
@@ -299,11 +299,11 @@ typedef struct {
#endif
} ssl3CipherSuiteCfg;
-#ifdef NSS_ENABLE_ECC
+#ifndef NSS_DISABLE_ECC
#define ssl_V3_SUITES_IMPLEMENTED 63
#else
#define ssl_V3_SUITES_IMPLEMENTED 37
-#endif /* NSS_ENABLE_ECC */
+#endif /* NSS_DISABLE_ECC */
#define MAX_DTLS_SRTP_CIPHER_SUITES 4
@@ -337,8 +337,9 @@ typedef struct sslOptionsStr {
unsigned int enableOCSPStapling : 1; /* 25 */
unsigned int enableNPN : 1; /* 26 */
unsigned int enableALPN : 1; /* 27 */
- unsigned int enableSignedCertTimestamps : 1; /* 28 */
+ unsigned int reuseServerECDHEKey : 1; /* 28 */
unsigned int enableFallbackSCSV : 1; /* 29 */
+ unsigned int enableSignedCertTimestamps : 1; /* 30 */
} sslOptions;
typedef enum { sslHandshakingUndetermined = 0,
@@ -678,9 +679,9 @@ struct sslSessionIDStr {
SSL3KEAType exchKeyType;
/* key type used in exchange algorithm,
* and to wrap the sym wrapping key. */
-#ifdef NSS_ENABLE_ECC
+#ifndef NSS_DISABLE_ECC
PRUint32 negotiatedECCurves;
-#endif /* NSS_ENABLE_ECC */
+#endif /* NSS_DISABLE_ECC */
/* The following values are NOT restored from the server's on-disk
* session cache, but are restored from the client's cache.
@@ -935,9 +936,9 @@ const ssl3CipherSuiteDef *suite_def;
SSL3Finished sFinished[2];
SSL3Opaque data[72];
} finishedMsgs;
-#ifdef NSS_ENABLE_ECC
+#ifndef NSS_DISABLE_ECC
PRUint32 negotiatedECCurves; /* bit mask */
-#endif /* NSS_ENABLE_ECC */
+#endif /* NSS_DISABLE_ECC */
PRBool authCertificatePending;
/* Which function should SSL_RestartHandshake* call if we're blocked?
@@ -1456,8 +1457,6 @@ extern SECStatus ssl_GatherRecord1stHandshake(sslSocket *ss);
extern SECStatus ssl2_HandleClientHelloMessage(sslSocket *ss);
extern SECStatus ssl2_HandleServerHelloMessage(sslSocket *ss);
-extern int ssl2_StartGatherBytes(sslSocket *ss, sslGather *gs,
- unsigned int count);
extern SECStatus ssl_CreateSecurityInfo(sslSocket *ss);
extern SECStatus ssl_CopySecurityInfo(sslSocket *ss, sslSocket *os);
@@ -1612,7 +1611,11 @@ extern PRInt32 ssl3_SendRecord(sslSocket *ss, DTLSEpoch epoch,
* runtime to determine which versions are supported by the version of libssl
* in use.
*/
+#ifdef NSS_ENABLE_TLS_1_3
+#define SSL_LIBRARY_VERSION_MAX_SUPPORTED SSL_LIBRARY_VERSION_TLS_1_3
+#else
#define SSL_LIBRARY_VERSION_MAX_SUPPORTED SSL_LIBRARY_VERSION_TLS_1_2
+#endif
/* Rename this macro SSL_ALL_VERSIONS_DISABLED when SSL 2.0 is removed. */
#define SSL3_ALL_VERSIONS_DISABLED(vrange) \
@@ -1678,7 +1681,7 @@ int ssl3_GatherCompleteHandshake(sslSocket *ss, int flags);
*/
extern SECStatus ssl3_CreateRSAStepDownKeys(sslSocket *ss);
-#ifdef NSS_ENABLE_ECC
+#ifndef NSS_DISABLE_ECC
extern void ssl3_FilterECCipherSuitesByServerCerts(sslSocket *ss);
extern PRBool ssl3_IsECCEnabled(sslSocket *ss);
extern SECStatus ssl3_DisableECCSuites(sslSocket * ss,
@@ -1733,7 +1736,7 @@ extern SECStatus ssl3_ECName2Params(PLArenaPool *arena, ECName curve,
ECName ssl3_GetCurveWithECKeyStrength(PRUint32 curvemsk, int requiredECCbits);
-#endif /* NSS_ENABLE_ECC */
+#endif /* NSS_DISABLE_ECC */
extern SECStatus ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool on);
extern SECStatus ssl3_CipherPrefGetDefault(ssl3CipherSuite which, PRBool *on);
@@ -1770,7 +1773,7 @@ extern SECStatus ssl3_NegotiateVersion(sslSocket *ss,
extern SECStatus ssl_GetPeerInfo(sslSocket *ss);
-#ifdef NSS_ENABLE_ECC
+#ifndef NSS_DISABLE_ECC
/* ECDH functions */
extern SECStatus ssl3_SendECDHClientKeyExchange(sslSocket * ss,
SECKEYPublicKey * svrPubKey);
@@ -1855,7 +1858,7 @@ extern SECStatus ssl_ConfigSecureServer(sslSocket *ss, CERTCertificate *cert,
const CERTCertificateList *certChain,
ssl3KeyPair *keyPair, SSLKEAType kea);
-#ifdef NSS_ENABLE_ECC
+#ifndef NSS_DISABLE_ECC
extern PRInt32 ssl3_SendSupportedCurvesXtn(sslSocket *ss,
PRBool append, PRUint32 maxBytes);
extern PRInt32 ssl3_SendSupportedPointFormatsXtn(sslSocket *ss,
« net/third_party/nss/ssl/sslenum.c ('K') | « net/third_party/nss/ssl/sslgathr.c ('k') | net/third_party/nss/ssl/sslinfo.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698