Index: net/third_party/nss/ssl/sslimpl.h |
diff --git a/net/third_party/nss/ssl/sslimpl.h b/net/third_party/nss/ssl/sslimpl.h |
index 8754e16f7d39af3c793e4cee7498d2afa0562f8e..a809616d639777a8243145a58a8f1375c584dba6 100644 |
--- a/net/third_party/nss/ssl/sslimpl.h |
+++ b/net/third_party/nss/ssl/sslimpl.h |
@@ -299,11 +299,11 @@ typedef struct { |
#endif |
} ssl3CipherSuiteCfg; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
#define ssl_V3_SUITES_IMPLEMENTED 63 |
#else |
#define ssl_V3_SUITES_IMPLEMENTED 37 |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
#define MAX_DTLS_SRTP_CIPHER_SUITES 4 |
@@ -337,8 +337,9 @@ typedef struct sslOptionsStr { |
unsigned int enableOCSPStapling : 1; /* 25 */ |
unsigned int enableNPN : 1; /* 26 */ |
unsigned int enableALPN : 1; /* 27 */ |
- unsigned int enableSignedCertTimestamps : 1; /* 28 */ |
+ unsigned int reuseServerECDHEKey : 1; /* 28 */ |
unsigned int enableFallbackSCSV : 1; /* 29 */ |
+ unsigned int enableSignedCertTimestamps : 1; /* 30 */ |
} sslOptions; |
typedef enum { sslHandshakingUndetermined = 0, |
@@ -678,9 +679,9 @@ struct sslSessionIDStr { |
SSL3KEAType exchKeyType; |
/* key type used in exchange algorithm, |
* and to wrap the sym wrapping key. */ |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
PRUint32 negotiatedECCurves; |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
/* The following values are NOT restored from the server's on-disk |
* session cache, but are restored from the client's cache. |
@@ -935,9 +936,9 @@ const ssl3CipherSuiteDef *suite_def; |
SSL3Finished sFinished[2]; |
SSL3Opaque data[72]; |
} finishedMsgs; |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
PRUint32 negotiatedECCurves; /* bit mask */ |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
PRBool authCertificatePending; |
/* Which function should SSL_RestartHandshake* call if we're blocked? |
@@ -1456,8 +1457,6 @@ extern SECStatus ssl_GatherRecord1stHandshake(sslSocket *ss); |
extern SECStatus ssl2_HandleClientHelloMessage(sslSocket *ss); |
extern SECStatus ssl2_HandleServerHelloMessage(sslSocket *ss); |
-extern int ssl2_StartGatherBytes(sslSocket *ss, sslGather *gs, |
- unsigned int count); |
extern SECStatus ssl_CreateSecurityInfo(sslSocket *ss); |
extern SECStatus ssl_CopySecurityInfo(sslSocket *ss, sslSocket *os); |
@@ -1612,7 +1611,11 @@ extern PRInt32 ssl3_SendRecord(sslSocket *ss, DTLSEpoch epoch, |
* runtime to determine which versions are supported by the version of libssl |
* in use. |
*/ |
+#ifdef NSS_ENABLE_TLS_1_3 |
+#define SSL_LIBRARY_VERSION_MAX_SUPPORTED SSL_LIBRARY_VERSION_TLS_1_3 |
+#else |
#define SSL_LIBRARY_VERSION_MAX_SUPPORTED SSL_LIBRARY_VERSION_TLS_1_2 |
+#endif |
/* Rename this macro SSL_ALL_VERSIONS_DISABLED when SSL 2.0 is removed. */ |
#define SSL3_ALL_VERSIONS_DISABLED(vrange) \ |
@@ -1678,7 +1681,7 @@ int ssl3_GatherCompleteHandshake(sslSocket *ss, int flags); |
*/ |
extern SECStatus ssl3_CreateRSAStepDownKeys(sslSocket *ss); |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
extern void ssl3_FilterECCipherSuitesByServerCerts(sslSocket *ss); |
extern PRBool ssl3_IsECCEnabled(sslSocket *ss); |
extern SECStatus ssl3_DisableECCSuites(sslSocket * ss, |
@@ -1733,7 +1736,7 @@ extern SECStatus ssl3_ECName2Params(PLArenaPool *arena, ECName curve, |
ECName ssl3_GetCurveWithECKeyStrength(PRUint32 curvemsk, int requiredECCbits); |
-#endif /* NSS_ENABLE_ECC */ |
+#endif /* NSS_DISABLE_ECC */ |
extern SECStatus ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool on); |
extern SECStatus ssl3_CipherPrefGetDefault(ssl3CipherSuite which, PRBool *on); |
@@ -1770,7 +1773,7 @@ extern SECStatus ssl3_NegotiateVersion(sslSocket *ss, |
extern SECStatus ssl_GetPeerInfo(sslSocket *ss); |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
/* ECDH functions */ |
extern SECStatus ssl3_SendECDHClientKeyExchange(sslSocket * ss, |
SECKEYPublicKey * svrPubKey); |
@@ -1855,7 +1858,7 @@ extern SECStatus ssl_ConfigSecureServer(sslSocket *ss, CERTCertificate *cert, |
const CERTCertificateList *certChain, |
ssl3KeyPair *keyPair, SSLKEAType kea); |
-#ifdef NSS_ENABLE_ECC |
+#ifndef NSS_DISABLE_ECC |
extern PRInt32 ssl3_SendSupportedCurvesXtn(sslSocket *ss, |
PRBool append, PRUint32 maxBytes); |
extern PRInt32 ssl3_SendSupportedPointFormatsXtn(sslSocket *ss, |