| Index: net/third_party/nss/patches/ocspstapling.patch
|
| ===================================================================
|
| --- net/third_party/nss/patches/ocspstapling.patch (revision 166942)
|
| +++ net/third_party/nss/patches/ocspstapling.patch (working copy)
|
| @@ -1,42 +1,7 @@
|
| -diff -pu -r a/src/net/third_party/nss/ssl/ssl.h b/src/net/third_party/nss/ssl/ssl.h
|
| ---- a/src/net/third_party/nss/ssl/ssl.h 2012-03-19 14:34:10.103984357 -0700
|
| -+++ b/src/net/third_party/nss/ssl/ssl.h 2012-03-19 14:34:51.624539293 -0700
|
| -@@ -184,6 +184,7 @@ SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFi
|
| - * accept fragmented alerts).
|
| - */
|
| - #define SSL_CBC_RANDOM_IV 23
|
| -+#define SSL_ENABLE_OCSP_STAPLING 24 /* Request OCSP stapling (client) */
|
| -
|
| - #ifdef SSL_DEPRECATED_FUNCTION
|
| - /* Old deprecated function names */
|
| -@@ -435,6 +436,23 @@ SSL_IMPORT SECStatus SSL_PeerCertificate
|
| - PRFileDesc *fd, CERTCertificate **certs,
|
| - unsigned int *numCerts, unsigned int maxNumCerts);
|
| -
|
| -+/* SSL_GetStapledOCSPResponse returns the OCSP response that was provided by
|
| -+ * the TLS server. The resulting data is copied to |out_data|. On entry, |*len|
|
| -+ * must contain the size of |out_data|. On exit, |*len| will contain the size
|
| -+ * of the OCSP stapled response. If the stapled response is too large to fit in
|
| -+ * |out_data| then it will be truncated. If no OCSP response was given by the
|
| -+ * server then it has zero length.
|
| -+ *
|
| -+ * You must set the SSL_ENABLE_OCSP_STAPLING option in order for OCSP responses
|
| -+ * to be provided by a server.
|
| -+ *
|
| -+ * You can call this function during the certificate verification callback or
|
| -+ * any time afterwards.
|
| -+ */
|
| -+SSL_IMPORT SECStatus SSL_GetStapledOCSPResponse(PRFileDesc *fd,
|
| -+ unsigned char *out_data,
|
| -+ unsigned int *len);
|
| -+
|
| - /*
|
| - ** Authenticate certificate hook. Called when a certificate comes in
|
| - ** (because of SSL_REQUIRE_CERTIFICATE in SSL_Enable) to authenticate the
|
| -diff -pu -r a/src/net/third_party/nss/ssl/ssl3con.c b/src/net/third_party/nss/ssl/ssl3con.c
|
| ---- a/src/net/third_party/nss/ssl/ssl3con.c 2012-03-19 14:34:10.093984221 -0700
|
| -+++ b/src/net/third_party/nss/ssl/ssl3con.c 2012-03-19 14:34:51.624539293 -0700
|
| -@@ -7899,6 +7899,57 @@ ssl3_CopyPeerCertsToSID(ssl3CertNode *ce
|
| +diff -pu -r a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c
|
| +--- a/net/third_party/nss/ssl/ssl3con.c 2012-11-09 15:21:56.747322689 -0800
|
| ++++ b/net/third_party/nss/ssl/ssl3con.c 2012-11-09 15:28:27.933078020 -0800
|
| +@@ -8365,6 +8365,57 @@ ssl3_CopyPeerCertsToSID(ssl3CertNode *ce
|
| }
|
|
|
| /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
|
| @@ -94,7 +59,7 @@
|
| * ssl3 Certificate message.
|
| * Caller must hold Handshake and RecvBuf locks.
|
| */
|
| -@@ -8707,6 +8758,26 @@ ssl3_FinishHandshake(sslSocket * ss)
|
| +@@ -9248,6 +9299,26 @@ ssl3_FinishHandshake(sslSocket * ss)
|
| return SECSuccess;
|
| }
|
|
|
| @@ -121,8 +86,8 @@
|
| /* Called from ssl3_HandleHandshake() when it has gathered a complete ssl3
|
| * hanshake message.
|
| * Caller must hold Handshake and RecvBuf locks.
|
| -@@ -8801,14 +8872,42 @@ ssl3_HandleHandshakeMessage(sslSocket *s
|
| - rv = ssl3_HandleServerHello(ss, b, length);
|
| +@@ -9376,14 +9447,42 @@ ssl3_HandleHandshakeMessage(sslSocket *s
|
| + rv = dtls_HandleHelloVerifyRequest(ss, b, length);
|
| break;
|
| case certificate:
|
| + if (ss->ssl3.hs.may_get_cert_status) {
|
| @@ -164,7 +129,7 @@
|
| rv = ssl3_HandleServerKeyExchange(ss, b, length);
|
| break;
|
| case certificate_request:
|
| -@@ -8817,6 +8916,9 @@ ssl3_HandleHandshakeMessage(sslSocket *s
|
| +@@ -9392,6 +9491,9 @@ ssl3_HandleHandshakeMessage(sslSocket *s
|
| PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST);
|
| return SECFailure;
|
| }
|
| @@ -174,7 +139,7 @@
|
| rv = ssl3_HandleCertificateRequest(ss, b, length);
|
| break;
|
| case server_hello_done:
|
| -@@ -8830,6 +8932,9 @@ ssl3_HandleHandshakeMessage(sslSocket *s
|
| +@@ -9405,6 +9507,9 @@ ssl3_HandleHandshakeMessage(sslSocket *s
|
| PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
|
| return SECFailure;
|
| }
|
| @@ -184,7 +149,7 @@
|
| rv = ssl3_HandleServerHelloDone(ss);
|
| break;
|
| case certificate_verify:
|
| -@@ -9719,6 +9824,12 @@ ssl3_DestroySSL3Info(sslSocket *ss)
|
| +@@ -10369,6 +10474,12 @@ ssl3_DestroySSL3Info(sslSocket *ss)
|
| ss->ssl3.hs.messages.len = 0;
|
| ss->ssl3.hs.messages.space = 0;
|
| }
|
| @@ -197,28 +162,28 @@
|
|
|
| /* free the SSL3Buffer (msg_body) */
|
| PORT_Free(ss->ssl3.hs.msg_body.buf);
|
| -diff -pu -r a/src/net/third_party/nss/ssl/ssl3ext.c b/src/net/third_party/nss/ssl/ssl3ext.c
|
| ---- a/src/net/third_party/nss/ssl/ssl3ext.c 2012-03-12 12:14:12.000000000 -0700
|
| -+++ b/src/net/third_party/nss/ssl/ssl3ext.c 2012-03-19 14:34:51.624539293 -0700
|
| -@@ -253,6 +253,7 @@ static const ssl3HelloExtensionHandler s
|
| - { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn },
|
| +diff -pu -r a/net/third_party/nss/ssl/ssl3ext.c b/net/third_party/nss/ssl/ssl3ext.c
|
| +--- a/net/third_party/nss/ssl/ssl3ext.c 2012-09-20 17:28:05.000000000 -0700
|
| ++++ b/net/third_party/nss/ssl/ssl3ext.c 2012-11-09 15:32:11.606363256 -0800
|
| +@@ -234,6 +234,7 @@ static const ssl3HelloExtensionHandler s
|
| { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
|
| { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn },
|
| + { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn },
|
| + { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn },
|
| { -1, NULL }
|
| };
|
|
|
| -@@ -276,7 +277,8 @@ ssl3HelloExtensionSender clientHelloSend
|
| - { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn },
|
| +@@ -258,7 +259,8 @@ ssl3HelloExtensionSender clientHelloSend
|
| #endif
|
| { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn },
|
| -- { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }
|
| -+ { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn },
|
| + { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn },
|
| +- { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }
|
| ++ { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn },
|
| + { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }
|
| /* any extra entries will appear as { 0, NULL } */
|
| };
|
|
|
| -@@ -658,6 +660,80 @@ loser:
|
| +@@ -640,6 +642,80 @@ loser:
|
| return -1;
|
| }
|
|
|
| @@ -299,10 +264,10 @@
|
| /*
|
| * NewSessionTicket
|
| * Called from ssl3_HandleFinished
|
| -diff -pu -r a/src/net/third_party/nss/ssl/ssl3prot.h b/src/net/third_party/nss/ssl/ssl3prot.h
|
| ---- a/src/net/third_party/nss/ssl/ssl3prot.h 2011-10-28 17:29:11.000000000 -0700
|
| -+++ b/src/net/third_party/nss/ssl/ssl3prot.h 2012-03-19 14:34:51.624539293 -0700
|
| -@@ -158,6 +158,7 @@ typedef enum {
|
| +diff -pu -r a/net/third_party/nss/ssl/ssl3prot.h b/net/third_party/nss/ssl/ssl3prot.h
|
| +--- a/net/third_party/nss/ssl/ssl3prot.h 2012-04-25 07:50:12.000000000 -0700
|
| ++++ b/net/third_party/nss/ssl/ssl3prot.h 2012-11-09 15:28:27.933078020 -0800
|
| +@@ -129,6 +129,7 @@ typedef enum {
|
| certificate_verify = 15,
|
| client_key_exchange = 16,
|
| finished = 20,
|
| @@ -310,32 +275,67 @@
|
| next_proto = 67
|
| } SSL3HandshakeType;
|
|
|
| -diff -pu -r a/src/net/third_party/nss/ssl/sslerr.h b/src/net/third_party/nss/ssl/sslerr.h
|
| ---- a/src/net/third_party/nss/ssl/sslerr.h 2012-03-10 20:32:35.000000000 -0800
|
| -+++ b/src/net/third_party/nss/ssl/sslerr.h 2012-03-19 14:35:47.275278925 -0700
|
| -@@ -213,6 +213,8 @@ SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_CLIE
|
| +diff -pu -r a/net/third_party/nss/ssl/sslerr.h b/net/third_party/nss/ssl/sslerr.h
|
| +--- a/net/third_party/nss/ssl/sslerr.h 2012-07-12 17:51:57.000000000 -0700
|
| ++++ b/net/third_party/nss/ssl/sslerr.h 2012-11-09 15:30:36.804971319 -0800
|
| +@@ -188,6 +188,8 @@ SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY_REQ
|
|
|
| - SSL_ERROR_INVALID_VERSION_RANGE = (SSL_ERROR_BASE + 120),
|
| + SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION = (SSL_ERROR_BASE + 124),
|
|
|
| -+SSL_ERROR_RX_UNEXPECTED_CERT_STATUS = (SSL_ERROR_BASE + 121),
|
| ++SSL_ERROR_RX_UNEXPECTED_CERT_STATUS = (SSL_ERROR_BASE + 125),
|
| +
|
| SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */
|
| } SSLErrorCodes;
|
| #endif /* NO_SECURITY_ERROR_ENUM */
|
| -diff -pu -r a/src/net/third_party/nss/ssl/SSLerrs.h b/src/net/third_party/nss/ssl/SSLerrs.h
|
| ---- a/src/net/third_party/nss/ssl/SSLerrs.h 2012-03-10 20:32:34.000000000 -0800
|
| -+++ b/src/net/third_party/nss/ssl/SSLerrs.h 2012-03-19 14:38:37.757544584 -0700
|
| -@@ -420,3 +420,6 @@ ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_
|
| +diff -pu -r a/net/third_party/nss/ssl/SSLerrs.h b/net/third_party/nss/ssl/SSLerrs.h
|
| +--- a/net/third_party/nss/ssl/SSLerrs.h 2012-07-12 17:51:57.000000000 -0700
|
| ++++ b/net/third_party/nss/ssl/SSLerrs.h 2012-11-09 15:30:19.924723400 -0800
|
| +@@ -400,3 +400,6 @@ ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY
|
|
|
| - ER3(SSL_ERROR_INVALID_VERSION_RANGE, (SSL_ERROR_BASE + 120),
|
| - "SSL version range is not valid.")
|
| + ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION, (SSL_ERROR_BASE + 124),
|
| + "SSL feature not supported for the protocol version.")
|
| +
|
| -+ER3(SSL_ERROR_RX_UNEXPECTED_CERT_STATUS, (SSL_ERROR_BASE + 121),
|
| ++ER3(SSL_ERROR_RX_UNEXPECTED_CERT_STATUS, (SSL_ERROR_BASE + 125),
|
| +"SSL received an unexpected Certificate Status handshake message.")
|
| -diff -pu -r a/src/net/third_party/nss/ssl/sslimpl.h b/src/net/third_party/nss/ssl/sslimpl.h
|
| ---- a/src/net/third_party/nss/ssl/sslimpl.h 2012-03-19 14:34:10.093984221 -0700
|
| -+++ b/src/net/third_party/nss/ssl/sslimpl.h 2012-03-19 14:34:51.634539426 -0700
|
| -@@ -339,6 +339,7 @@ typedef struct sslOptionsStr {
|
| +diff -pu -r a/net/third_party/nss/ssl/ssl.h b/net/third_party/nss/ssl/ssl.h
|
| +--- a/net/third_party/nss/ssl/ssl.h 2012-11-09 15:27:15.952019947 -0800
|
| ++++ b/net/third_party/nss/ssl/ssl.h 2012-11-09 15:28:27.933078020 -0800
|
| +@@ -158,6 +158,7 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRF
|
| + * accept fragmented alerts).
|
| + */
|
| + #define SSL_CBC_RANDOM_IV 23
|
| ++#define SSL_ENABLE_OCSP_STAPLING 24 /* Request OCSP stapling (client) */
|
| +
|
| + #ifdef SSL_DEPRECATED_FUNCTION
|
| + /* Old deprecated function names */
|
| +@@ -409,6 +410,23 @@ SSL_IMPORT SECStatus SSL_PeerCertificate
|
| + PRFileDesc *fd, CERTCertificate **certs,
|
| + unsigned int *numCerts, unsigned int maxNumCerts);
|
| +
|
| ++/* SSL_GetStapledOCSPResponse returns the OCSP response that was provided by
|
| ++ * the TLS server. The resulting data is copied to |out_data|. On entry, |*len|
|
| ++ * must contain the size of |out_data|. On exit, |*len| will contain the size
|
| ++ * of the OCSP stapled response. If the stapled response is too large to fit in
|
| ++ * |out_data| then it will be truncated. If no OCSP response was given by the
|
| ++ * server then it has zero length.
|
| ++ *
|
| ++ * You must set the SSL_ENABLE_OCSP_STAPLING option in order for OCSP responses
|
| ++ * to be provided by a server.
|
| ++ *
|
| ++ * You can call this function during the certificate verification callback or
|
| ++ * any time afterwards.
|
| ++ */
|
| ++SSL_IMPORT SECStatus SSL_GetStapledOCSPResponse(PRFileDesc *fd,
|
| ++ unsigned char *out_data,
|
| ++ unsigned int *len);
|
| ++
|
| + /*
|
| + ** Authenticate certificate hook. Called when a certificate comes in
|
| + ** (because of SSL_REQUIRE_CERTIFICATE in SSL_Enable) to authenticate the
|
| +diff -pu -r a/net/third_party/nss/ssl/sslimpl.h b/net/third_party/nss/ssl/sslimpl.h
|
| +--- a/net/third_party/nss/ssl/sslimpl.h 2012-11-09 15:21:56.747322689 -0800
|
| ++++ b/net/third_party/nss/ssl/sslimpl.h 2012-11-09 15:28:27.943078167 -0800
|
| +@@ -316,6 +316,7 @@ typedef struct sslOptionsStr {
|
| unsigned int requireSafeNegotiation : 1; /* 22 */
|
| unsigned int enableFalseStart : 1; /* 23 */
|
| unsigned int cbcRandomIV : 1; /* 24 */
|
| @@ -343,7 +343,7 @@
|
| } sslOptions;
|
|
|
| typedef enum { sslHandshakingUndetermined = 0,
|
| -@@ -783,6 +784,14 @@ const ssl3CipherSuiteDef *suite_def;
|
| +@@ -795,6 +796,14 @@ const ssl3CipherSuiteDef *suite_def;
|
| PRBool isResuming; /* are we resuming a session */
|
| PRBool usedStepDownKey; /* we did a server key exchange. */
|
| PRBool sendingSCSV; /* instead of empty RI */
|
| @@ -358,7 +358,7 @@
|
| sslBuffer msgState; /* current state for handshake messages*/
|
| /* protected by recvBufLock */
|
| sslBuffer messages; /* Accumulated handshake messages */
|
| -@@ -1548,6 +1557,8 @@ extern SECStatus ssl3_HandleSupportedPoi
|
| +@@ -1625,6 +1634,8 @@ extern SECStatus ssl3_HandleSupportedPoi
|
| PRUint16 ex_type, SECItem *data);
|
| extern SECStatus ssl3_ClientHandleSessionTicketXtn(sslSocket *ss,
|
| PRUint16 ex_type, SECItem *data);
|
| @@ -367,7 +367,7 @@
|
| extern SECStatus ssl3_ServerHandleSessionTicketXtn(sslSocket *ss,
|
| PRUint16 ex_type, SECItem *data);
|
|
|
| -@@ -1557,6 +1568,8 @@ extern SECStatus ssl3_ServerHandleSessio
|
| +@@ -1634,6 +1645,8 @@ extern SECStatus ssl3_ServerHandleSessio
|
| */
|
| extern PRInt32 ssl3_SendSessionTicketXtn(sslSocket *ss, PRBool append,
|
| PRUint32 maxBytes);
|
| @@ -376,10 +376,10 @@
|
|
|
| /* ClientHello and ServerHello extension senders.
|
| * The code is in ssl3ext.c.
|
| -diff -pu -r a/src/net/third_party/nss/ssl/sslsock.c b/src/net/third_party/nss/ssl/sslsock.c
|
| ---- a/src/net/third_party/nss/ssl/sslsock.c 2012-03-19 14:34:10.083984085 -0700
|
| -+++ b/src/net/third_party/nss/ssl/sslsock.c 2012-03-19 14:34:51.634539426 -0700
|
| -@@ -185,7 +185,8 @@ static sslOptions ssl_defaults = {
|
| +diff -pu -r a/net/third_party/nss/ssl/sslsock.c b/net/third_party/nss/ssl/sslsock.c
|
| +--- a/net/third_party/nss/ssl/sslsock.c 2012-11-09 15:17:00.432983977 -0800
|
| ++++ b/net/third_party/nss/ssl/sslsock.c 2012-11-09 15:28:27.943078167 -0800
|
| +@@ -153,7 +153,8 @@ static sslOptions ssl_defaults = {
|
| 2, /* enableRenegotiation (default: requires extension) */
|
| PR_FALSE, /* requireSafeNegotiation */
|
| PR_FALSE, /* enableFalseStart */
|
| @@ -389,7 +389,7 @@
|
| };
|
|
|
| /*
|
| -@@ -812,6 +813,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
|
| +@@ -827,6 +828,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
|
| ss->opt.cbcRandomIV = on;
|
| break;
|
|
|
| @@ -400,7 +400,7 @@
|
| default:
|
| PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| rv = SECFailure;
|
| -@@ -881,6 +886,7 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 wh
|
| +@@ -896,6 +901,7 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 wh
|
| on = ss->opt.requireSafeNegotiation; break;
|
| case SSL_ENABLE_FALSE_START: on = ss->opt.enableFalseStart; break;
|
| case SSL_CBC_RANDOM_IV: on = ss->opt.cbcRandomIV; break;
|
| @@ -408,7 +408,7 @@
|
|
|
| default:
|
| PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| -@@ -939,6 +945,9 @@ SSL_OptionGetDefault(PRInt32 which, PRBo
|
| +@@ -954,6 +960,9 @@ SSL_OptionGetDefault(PRInt32 which, PRBo
|
| break;
|
| case SSL_ENABLE_FALSE_START: on = ssl_defaults.enableFalseStart; break;
|
| case SSL_CBC_RANDOM_IV: on = ssl_defaults.cbcRandomIV; break;
|
| @@ -418,7 +418,7 @@
|
|
|
| default:
|
| PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| -@@ -1098,6 +1107,10 @@ SSL_OptionSetDefault(PRInt32 which, PRBo
|
| +@@ -1117,6 +1126,10 @@ SSL_OptionSetDefault(PRInt32 which, PRBo
|
| ssl_defaults.cbcRandomIV = on;
|
| break;
|
|
|
| @@ -429,7 +429,7 @@
|
| default:
|
| PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| return SECFailure;
|
| -@@ -1735,6 +1748,36 @@ SSL_VersionRangeSet(PRFileDesc *fd, cons
|
| +@@ -1859,6 +1872,36 @@ SSL_VersionRangeSet(PRFileDesc *fd, cons
|
| return SECSuccess;
|
| }
|
|
|
| @@ -466,10 +466,10 @@
|
| /************************************************************************/
|
| /* The following functions are the TOP LEVEL SSL functions.
|
| ** They all get called through the NSPRIOMethods table below.
|
| -diff -pu -r a/src/net/third_party/nss/ssl/sslt.h b/src/net/third_party/nss/ssl/sslt.h
|
| ---- a/src/net/third_party/nss/ssl/sslt.h 2012-03-15 18:23:55.000000000 -0700
|
| -+++ b/src/net/third_party/nss/ssl/sslt.h 2012-03-19 14:34:51.634539426 -0700
|
| -@@ -207,6 +207,7 @@ typedef enum {
|
| +diff -pu -r a/net/third_party/nss/ssl/sslt.h b/net/third_party/nss/ssl/sslt.h
|
| +--- a/net/third_party/nss/ssl/sslt.h 2012-06-06 19:06:19.000000000 -0700
|
| ++++ b/net/third_party/nss/ssl/sslt.h 2012-11-09 15:29:10.333701086 -0800
|
| +@@ -175,6 +175,7 @@ typedef enum {
|
| /* Update SSL_MAX_EXTENSIONS whenever a new extension type is added. */
|
| typedef enum {
|
| ssl_server_name_xtn = 0,
|
| @@ -477,11 +477,11 @@
|
| #ifdef NSS_ENABLE_ECC
|
| ssl_elliptic_curves_xtn = 10,
|
| ssl_ec_point_formats_xtn = 11,
|
| -@@ -216,6 +217,6 @@ typedef enum {
|
| +@@ -185,6 +186,6 @@ typedef enum {
|
| ssl_renegotiation_info_xtn = 0xff01 /* experimental number */
|
| } SSLExtensionType;
|
|
|
| --#define SSL_MAX_EXTENSIONS 6
|
| -+#define SSL_MAX_EXTENSIONS 7
|
| +-#define SSL_MAX_EXTENSIONS 7
|
| ++#define SSL_MAX_EXTENSIONS 8
|
|
|
| #endif /* __sslt_h_ */
|
|
|
Chromium Code Reviews
Issue 11275240:
Update net/third_party/nss/ssl to NSS 3.14. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/