Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(375)

Unified Diff: net/third_party/nss/patches/signedcertificatetimestamps.patch

Issue 1053903002: Update libssl to NSS 3.18 RTM (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix typo Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/third_party/nss/patches/sessioncache.patch ('k') | net/third_party/nss/patches/suitebonly.patch » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/third_party/nss/patches/signedcertificatetimestamps.patch
diff --git a/net/third_party/nss/patches/signedcertificatetimestamps.patch b/net/third_party/nss/patches/signedcertificatetimestamps.patch
index 98643725561830bd14db606eeb7f0de35c5d2e76..ce9efee094289fed3513ef0cf7c2af5498a3f5cd 100644
--- a/net/third_party/nss/patches/signedcertificatetimestamps.patch
+++ b/net/third_party/nss/patches/signedcertificatetimestamps.patch
@@ -1,7 +1,46 @@
-diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
---- a/nss/lib/ssl/ssl3con.c 2014-01-17 18:11:28.314468184 -0800
-+++ b/nss/lib/ssl/ssl3con.c 2014-01-17 18:23:17.946207727 -0800
-@@ -6682,10 +6682,22 @@ ssl3_HandleServerHello(sslSocket *ss, SS
+diff --git a/ssl/ssl.h b/ssl/ssl.h
+index 80717db..e9f5fb0 100644
+--- a/ssl/ssl.h
++++ b/ssl/ssl.h
+@@ -191,6 +191,9 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd);
+ #define SSL_ENABLE_FALLBACK_SCSV 28 /* Send fallback SCSV in
+ * handshakes. */
+
++/* Request Signed Certificate Timestamps via TLS extension (client) */
++#define SSL_ENABLE_SIGNED_CERT_TIMESTAMPS 29
++
+ #ifdef SSL_DEPRECATED_FUNCTION
+ /* Old deprecated function names */
+ SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRBool on);
+@@ -493,6 +496,23 @@ SSL_IMPORT CERTCertList *SSL_PeerCertificateChain(PRFileDesc *fd);
+ */
+ SSL_IMPORT const SECItemArray * SSL_PeerStapledOCSPResponses(PRFileDesc *fd);
+
++/* SSL_PeerSignedCertTimestamps returns the signed_certificate_timestamp
++ * extension data provided by the TLS server. The return value is a pointer
++ * to an internal SECItem that contains the returned response (as a serialized
++ * SignedCertificateTimestampList, see RFC 6962). The returned pointer is only
++ * valid until the callback function that calls SSL_PeerSignedCertTimestamps
++ * (e.g. the authenticate certificate hook, or the handshake callback) returns.
++ *
++ * If no Signed Certificate Timestamps were given by the server then the result
++ * will be empty. If there was an error, then the result will be NULL.
++ *
++ * You must set the SSL_ENABLE_SIGNED_CERT_TIMESTAMPS option to indicate support
++ * for Signed Certificate Timestamps to a server.
++ *
++ * libssl does not do any parsing or validation of the response itself.
++ */
++SSL_IMPORT const SECItem * SSL_PeerSignedCertTimestamps(PRFileDesc *fd);
++
+ /* SSL_SetStapledOCSPResponses stores an array of one or multiple OCSP responses
+ * in the fd's data, which may be sent as part of a server side cert_status
+ * handshake message. Parameter |responses| is for the server certificate of
+diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c
+index 708a4c7..3421e0b 100644
+--- a/ssl/ssl3con.c
++++ b/ssl/ssl3con.c
+@@ -6737,10 +6737,22 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
sid->u.ssl3.sessionIDLength = sidBytes.len;
PORT_Memcpy(sid->u.ssl3.sessionID, sidBytes.data, sidBytes.len);
@@ -24,7 +63,7 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
/* If we will need a ChannelID key then we make the callback now. This
* allows the handshake to be restarted cleanly if the callback returns
* SECWouldBlock. */
-@@ -6711,6 +6723,9 @@ alert_loser:
+@@ -6766,6 +6778,9 @@ alert_loser:
(void)SSL3_SendAlert(ss, alert_fatal, desc);
loser:
@@ -34,23 +73,24 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
errCode = ssl_MapLowLevelError(errCode);
return SECFailure;
}
-diff -pu a/nss/lib/ssl/ssl3ext.c b/nss/lib/ssl/ssl3ext.c
---- a/nss/lib/ssl/ssl3ext.c 2014-01-17 18:22:54.945827814 -0800
-+++ b/nss/lib/ssl/ssl3ext.c 2014-01-17 18:35:21.798168722 -0800
-@@ -81,6 +81,12 @@ static PRInt32 ssl3_ClientSendSigAlgsXtn
+diff --git a/ssl/ssl3ext.c b/ssl/ssl3ext.c
+index b6ed17d..6c120ff 100644
+--- a/ssl/ssl3ext.c
++++ b/ssl/ssl3ext.c
+@@ -85,6 +85,12 @@ static PRInt32 ssl3_ClientSendSigAlgsXtn(sslSocket *ss, PRBool append,
PRUint32 maxBytes);
static SECStatus ssl3_ServerHandleSigAlgsXtn(sslSocket *ss, PRUint16 ex_type,
SECItem *data);
+static PRInt32 ssl3_ClientSendSignedCertTimestampXtn(sslSocket *ss,
-+ PRBool append,
-+ PRUint32 maxBytes);
++ PRBool append,
++ PRUint32 maxBytes);
+static SECStatus ssl3_ClientHandleSignedCertTimestampXtn(sslSocket *ss,
-+ PRUint16 ex_type,
-+ SECItem *data);
++ PRUint16 ex_type,
++ SECItem *data);
- /*
- * Write bytes. Using this function means the SECItem structure
-@@ -259,6 +265,8 @@ static const ssl3HelloExtensionHandler s
+ static PRInt32 ssl3_ClientSendDraftVersionXtn(sslSocket *ss, PRBool append,
+ PRUint32 maxBytes);
+@@ -270,6 +276,8 @@ static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = {
{ ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn },
{ ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn },
{ ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn },
@@ -59,52 +99,49 @@ diff -pu a/nss/lib/ssl/ssl3ext.c b/nss/lib/ssl/ssl3ext.c
{ -1, NULL }
};
-@@ -287,7 +295,9 @@ ssl3HelloExtensionSender clientHelloSend
+@@ -298,6 +306,8 @@ ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = {
{ ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn },
{ ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn },
{ ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn },
-- { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }
-+ { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn },
+ { ssl_signed_certificate_timestamp_xtn,
-+ &ssl3_ClientSendSignedCertTimestampXtn }
++ &ssl3_ClientSendSignedCertTimestampXtn },
+ { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn },
+ { ssl_tls13_draft_version_xtn, &ssl3_ClientSendDraftVersionXtn },
/* any extra entries will appear as { 0, NULL } */
- };
-
-@@ -2379,3 +2389,65 @@ ssl3_AppendPaddingExtension(sslSocket *s
-
- return extensionLen;
+@@ -2582,3 +2592,64 @@ loser:
+ return SECSuccess;
}
-+
+
+/* ssl3_ClientSendSignedCertTimestampXtn sends the signed_certificate_timestamp
+ * extension for TLS ClientHellos. */
+static PRInt32
+ssl3_ClientSendSignedCertTimestampXtn(sslSocket *ss, PRBool append,
-+ PRUint32 maxBytes)
++ PRUint32 maxBytes)
+{
+ PRInt32 extension_length = 2 /* extension_type */ +
-+ 2 /* length(extension_data) */;
++ 2 /* length(extension_data) */;
+
+ /* Only send the extension if processing is enabled. */
+ if (!ss->opt.enableSignedCertTimestamps)
-+ return 0;
++ return 0;
+
+ if (append && maxBytes >= extension_length) {
-+ SECStatus rv;
-+ /* extension_type */
-+ rv = ssl3_AppendHandshakeNumber(ss,
-+ ssl_signed_certificate_timestamp_xtn,
-+ 2);
-+ if (rv != SECSuccess)
-+ goto loser;
-+ /* zero length */
-+ rv = ssl3_AppendHandshakeNumber(ss, 0, 2);
-+ if (rv != SECSuccess)
-+ goto loser;
-+ ss->xtnData.advertised[ss->xtnData.numAdvertised++] =
-+ ssl_signed_certificate_timestamp_xtn;
++ SECStatus rv;
++ /* extension_type */
++ rv = ssl3_AppendHandshakeNumber(ss,
++ ssl_signed_certificate_timestamp_xtn,
++ 2);
++ if (rv != SECSuccess)
++ goto loser;
++ /* zero length */
++ rv = ssl3_AppendHandshakeNumber(ss, 0, 2);
++ if (rv != SECSuccess)
++ goto loser;
++ ss->xtnData.advertised[ss->xtnData.numAdvertised++] =
++ ssl_signed_certificate_timestamp_xtn;
+ } else if (maxBytes < extension_length) {
-+ PORT_Assert(0);
-+ return 0;
++ PORT_Assert(0);
++ return 0;
+ }
+
+ return extension_length;
@@ -114,7 +151,7 @@ diff -pu a/nss/lib/ssl/ssl3ext.c b/nss/lib/ssl/ssl3ext.c
+
+static SECStatus
+ssl3_ClientHandleSignedCertTimestampXtn(sslSocket *ss, PRUint16 ex_type,
-+ SECItem *data)
++ SECItem *data)
+{
+ /* We do not yet know whether we'll be resuming a session or creating
+ * a new one, so we keep a pointer to the data in the TLSExtensionData
@@ -128,63 +165,27 @@ diff -pu a/nss/lib/ssl/ssl3ext.c b/nss/lib/ssl/ssl3ext.c
+ PORT_Assert(!scts->data && !scts->len);
+
+ if (!data->len) {
-+ /* Empty extension data: RFC 6962 mandates non-empty contents. */
-+ return SECFailure;
++ /* Empty extension data: RFC 6962 mandates non-empty contents. */
++ return SECFailure;
+ }
+ *scts = *data;
+ /* Keep track of negotiated extensions. */
+ ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
+ return SECSuccess;
+}
-diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h
---- a/nss/lib/ssl/ssl.h 2014-01-17 18:00:11.213237373 -0800
-+++ b/nss/lib/ssl/ssl.h 2014-01-17 18:38:15.791045050 -0800
-@@ -181,6 +181,9 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRF
- */
- #define SSL_ENABLE_ALPN 26
-
-+/* Request Signed Certificate Timestamps via TLS extension (client) */
-+#define SSL_ENABLE_SIGNED_CERT_TIMESTAMPS 27
-+
- #ifdef SSL_DEPRECATED_FUNCTION
- /* Old deprecated function names */
- SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRBool on);
-@@ -483,6 +486,23 @@ SSL_IMPORT CERTCertList *SSL_PeerCertifi
- */
- SSL_IMPORT const SECItemArray * SSL_PeerStapledOCSPResponses(PRFileDesc *fd);
-
-+/* SSL_PeerSignedCertTimestamps returns the signed_certificate_timestamp
-+ * extension data provided by the TLS server. The return value is a pointer
-+ * to an internal SECItem that contains the returned response (as a serialized
-+ * SignedCertificateTimestampList, see RFC 6962). The returned pointer is only
-+ * valid until the callback function that calls SSL_PeerSignedCertTimestamps
-+ * (e.g. the authenticate certificate hook, or the handshake callback) returns.
-+ *
-+ * If no Signed Certificate Timestamps were given by the server then the result
-+ * will be empty. If there was an error, then the result will be NULL.
-+ *
-+ * You must set the SSL_ENABLE_SIGNED_CERT_TIMESTAMPS option to indicate support
-+ * for Signed Certificate Timestamps to a server.
-+ *
-+ * libssl does not do any parsing or validation of the response itself.
-+ */
-+SSL_IMPORT const SECItem * SSL_PeerSignedCertTimestamps(PRFileDesc *fd);
-+
- /* SSL_SetStapledOCSPResponses stores an array of one or multiple OCSP responses
- * in the fd's data, which may be sent as part of a server side cert_status
- * handshake message. Parameter |responses| is for the server certificate of
-diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h
---- a/nss/lib/ssl/sslimpl.h 2014-01-17 18:11:28.314468184 -0800
-+++ b/nss/lib/ssl/sslimpl.h 2014-01-17 18:27:22.540248428 -0800
-@@ -337,6 +337,7 @@ typedef struct sslOptionsStr {
- unsigned int enableOCSPStapling : 1; /* 25 */
- unsigned int enableNPN : 1; /* 26 */
+diff --git a/ssl/sslimpl.h b/ssl/sslimpl.h
+index 62f822a..2f61a46 100644
+--- a/ssl/sslimpl.h
++++ b/ssl/sslimpl.h
+@@ -339,6 +339,7 @@ typedef struct sslOptionsStr {
unsigned int enableALPN : 1; /* 27 */
-+ unsigned int enableSignedCertTimestamps : 1; /* 28 */
+ unsigned int reuseServerECDHEKey : 1; /* 28 */
+ unsigned int enableFallbackSCSV : 1; /* 29 */
++ unsigned int enableSignedCertTimestamps : 1; /* 30 */
} sslOptions;
typedef enum { sslHandshakingUndetermined = 0,
-@@ -719,6 +720,11 @@ struct sslSessionIDStr {
+@@ -721,6 +722,11 @@ struct sslSessionIDStr {
* resumption handshake to the original handshake. */
SECItem originalHandshakeHash;
@@ -196,7 +197,7 @@ diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h
/* This lock is lazily initialized by CacheSID when a sid is first
* cached. Before then, there is no need to lock anything because
* the sid isn't being shared by anything.
-@@ -827,6 +833,18 @@ struct TLSExtensionDataStr {
+@@ -829,6 +835,18 @@ struct TLSExtensionDataStr {
* is beyond ssl3_HandleClientHello function. */
SECItem *sniNameArr;
PRUint32 sniNameArrSize;
@@ -215,9 +216,10 @@ diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h
};
typedef SECStatus (*sslRestartTarget)(sslSocket *);
-diff -pu a/nss/lib/ssl/sslnonce.c b/nss/lib/ssl/sslnonce.c
---- a/nss/lib/ssl/sslnonce.c 2014-01-17 18:11:28.314468184 -0800
-+++ b/nss/lib/ssl/sslnonce.c 2014-01-17 18:23:17.956207890 -0800
+diff --git a/ssl/sslnonce.c b/ssl/sslnonce.c
+index c45849d..cefdda6 100644
+--- a/ssl/sslnonce.c
++++ b/ssl/sslnonce.c
@@ -131,6 +131,9 @@ ssl_DestroySID(sslSessionID *sid)
if (sid->u.ssl3.originalHandshakeHash.data) {
SECITEM_FreeItem(&sid->u.ssl3.originalHandshakeHash, PR_FALSE);
@@ -228,62 +230,63 @@ diff -pu a/nss/lib/ssl/sslnonce.c b/nss/lib/ssl/sslnonce.c
if (sid->u.ssl3.lock) {
PR_DestroyRWLock(sid->u.ssl3.lock);
-diff -pu a/nss/lib/ssl/sslsock.c b/nss/lib/ssl/sslsock.c
---- a/nss/lib/ssl/sslsock.c 2014-01-17 18:04:43.127747463 -0800
-+++ b/nss/lib/ssl/sslsock.c 2014-01-17 18:44:09.246889487 -0800
-@@ -87,7 +87,8 @@ static sslOptions ssl_defaults = {
- PR_TRUE, /* cbcRandomIV */
- PR_FALSE, /* enableOCSPStapling */
+diff --git a/ssl/sslsock.c b/ssl/sslsock.c
+index 0d12273..80f4e67 100644
+--- a/ssl/sslsock.c
++++ b/ssl/sslsock.c
+@@ -89,7 +89,8 @@ static sslOptions ssl_defaults = {
PR_TRUE, /* enableNPN */
-- PR_FALSE /* enableALPN */
-+ PR_FALSE, /* enableALPN */
-+ PR_FALSE /* enableSignedCertTimestamps */
+ PR_FALSE, /* enableALPN */
+ PR_TRUE, /* reuseServerECDHEKey */
+- PR_FALSE /* enableFallbackSCSV */
++ PR_FALSE, /* enableFallbackSCSV */
++ PR_FALSE, /* enableSignedCertTimestamps */
};
/*
-@@ -787,6 +788,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
- ss->opt.enableALPN = on;
- break;
+@@ -807,6 +808,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on)
+ ss->opt.enableFallbackSCSV = on;
+ break;
+ case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS:
-+ ss->opt.enableSignedCertTimestamps = on;
-+ break;
++ ss->opt.enableSignedCertTimestamps = on;
++ break;
+
default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
-@@ -859,6 +864,9 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 wh
- case SSL_ENABLE_OCSP_STAPLING: on = ss->opt.enableOCSPStapling; break;
- case SSL_ENABLE_NPN: on = ss->opt.enableNPN; break;
- case SSL_ENABLE_ALPN: on = ss->opt.enableALPN; break;
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+@@ -882,6 +887,9 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn)
+ case SSL_REUSE_SERVER_ECDHE_KEY:
+ on = ss->opt.reuseServerECDHEKey; break;
+ case SSL_ENABLE_FALLBACK_SCSV: on = ss->opt.enableFallbackSCSV; break;
+ case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS:
-+ on = ss->opt.enableSignedCertTimestamps;
-+ break;
++ on = ss->opt.enableSignedCertTimestamps;
++ break;
default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
-@@ -922,6 +930,9 @@ SSL_OptionGetDefault(PRInt32 which, PRBo
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+@@ -951,6 +959,9 @@ SSL_OptionGetDefault(PRInt32 which, PRBool *pOn)
+ case SSL_ENABLE_FALLBACK_SCSV:
+ on = ssl_defaults.enableFallbackSCSV;
break;
- case SSL_ENABLE_NPN: on = ssl_defaults.enableNPN; break;
- case SSL_ENABLE_ALPN: on = ssl_defaults.enableALPN; break;
+ case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS:
-+ on = ssl_defaults.enableSignedCertTimestamps;
-+ break;
++ on = ssl_defaults.enableSignedCertTimestamps;
++ break;
default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
-@@ -1097,6 +1108,10 @@ SSL_OptionSetDefault(PRInt32 which, PRBo
- ssl_defaults.enableALPN = on;
- break;
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+@@ -1134,6 +1145,10 @@ SSL_OptionSetDefault(PRInt32 which, PRBool on)
+ ssl_defaults.enableFallbackSCSV = on;
+ break;
+ case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS:
-+ ssl_defaults.enableSignedCertTimestamps = on;
-+ break;
++ ssl_defaults.enableSignedCertTimestamps = on;
++ break;
+
default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
-@@ -1921,6 +1936,29 @@ SSL_PeerStapledOCSPResponses(PRFileDesc
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+@@ -1963,6 +1978,29 @@ SSL_PeerStapledOCSPResponses(PRFileDesc *fd)
return &ss->sec.ci.sid->peerCertStatus;
}
@@ -313,22 +316,23 @@ diff -pu a/nss/lib/ssl/sslsock.c b/nss/lib/ssl/sslsock.c
SECStatus
SSL_HandshakeResumedSession(PRFileDesc *fd, PRBool *handshake_resumed) {
sslSocket *ss = ssl_FindSocket(fd);
-diff -pu a/nss/lib/ssl/sslt.h b/nss/lib/ssl/sslt.h
---- a/nss/lib/ssl/sslt.h 2014-01-17 18:10:16.793281867 -0800
-+++ b/nss/lib/ssl/sslt.h 2014-01-17 18:23:17.956207890 -0800
+diff --git a/ssl/sslt.h b/ssl/sslt.h
+index fe0ad07..c36b8c7 100644
+--- a/ssl/sslt.h
++++ b/ssl/sslt.h
@@ -202,6 +202,7 @@ typedef enum {
ssl_signature_algorithms_xtn = 13,
ssl_use_srtp_xtn = 14,
ssl_app_layer_protocol_xtn = 16,
+ ssl_signed_certificate_timestamp_xtn = 18, /* RFC 6962 */
+ ssl_padding_xtn = 21,
ssl_session_ticket_xtn = 35,
ssl_next_proto_nego_xtn = 13172,
- ssl_channel_id_xtn = 30032,
-@@ -209,6 +210,6 @@ typedef enum {
- ssl_renegotiation_info_xtn = 0xff01 /* experimental number */
+@@ -210,6 +211,6 @@ typedef enum {
+ ssl_tls13_draft_version_xtn = 0xff02 /* experimental number */
} SSLExtensionType;
--#define SSL_MAX_EXTENSIONS 11 /* doesn't include ssl_padding_xtn. */
-+#define SSL_MAX_EXTENSIONS 12 /* doesn't include ssl_padding_xtn. */
+-#define SSL_MAX_EXTENSIONS 12 /* doesn't include ssl_padding_xtn. */
++#define SSL_MAX_EXTENSIONS 13 /* doesn't include ssl_padding_xtn. */
#endif /* __sslt_h_ */
« no previous file with comments | « net/third_party/nss/patches/sessioncache.patch ('k') | net/third_party/nss/patches/suitebonly.patch » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698