Update net/third_party/nss to NSS 3.15.4.

net/third_party/nss/ssl/ssl3gthr.c

Index: net/third_party/nss/ssl/ssl3gthr.c
===================================================================
--- net/third_party/nss/ssl/ssl3gthr.c	(revision 242942)
+++ net/third_party/nss/ssl/ssl3gthr.c	(working copy)
@@ -325,6 +325,12 @@
 	    rv = ssl3_HandleRecord(ss, NULL, &ss->gs.buf);
 	} else {
 	    /* bring in the next sslv3 record. */
+	    if (ss->recvdCloseNotify) {
+		/* RFC 5246 Section 7.2.1:
+		 *   Any data received after a closure alert is ignored.
+		 */
+		return 0;
+	    }
 	    if (!IS_DTLS(ss)) {
 		rv = ssl3_GatherData(ss, &ss->gs, flags);
 	    } else {
@@ -370,20 +376,19 @@
 
 	    cText.buf     = &ss->gs.inbuf;
 	    rv = ssl3_HandleRecord(ss, &cText, &ss->gs.buf);
-
-	    if (rv == (int) SECSuccess && ss->gs.buf.len > 0) {
-		/* We have application data to return to the application. This
-		 * prioritizes returning application data to the application over
-		 * completing any renegotiation handshake we may be doing.
-		 */
-		PORT_Assert(ss->firstHsDone);
-		PORT_Assert(cText.type == content_application_data);
-		break;
-	    }
 	}
 	if (rv < 0) {
 	    return ss->recvdCloseNotify ? 0 : rv;
 	}
+	if (ss->gs.buf.len > 0) {
+	    /* We have application data to return to the application. This
+	     * prioritizes returning application data to the application over
+	     * completing any renegotiation handshake we may be doing.
+	     */
+	    PORT_Assert(ss->firstHsDone);
+	    PORT_Assert(cText.type == content_application_data);
+	    break;
+	}
 
 	PORT_Assert(keepGoing);
 	ssl_GetSSL3HandshakeLock(ss);