Update net/third_party/nss to NSS_3_15_5_BETA2.

net/third_party/nss/patches/fallbackscsv.patch

 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
---- a/nss/lib/ssl/ssl3con.c     2014-01-03 19:44:44.807185186 -0800
-+++ b/nss/lib/ssl/ssl3con.c     2014-01-03 19:44:54.857349534 -0800
+--- a/nss/lib/ssl/ssl3con.c     2014-01-17 18:46:51.999581198 -0800
++++ b/nss/lib/ssl/ssl3con.c     2014-01-17 18:47:05.509804656 -0800
 @@ -3473,6 +3473,9 @@ ssl3_HandleAlert(sslSocket *ss, sslBuffe
      case certificate_unknown:  error = SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT;
                                                                           break;
      case illegal_parameter:    error = SSL_ERROR_ILLEGAL_PARAMETER_ALERT;break;
 +    case inappropriate_fallback:
 +        error = SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT;
 +        break;
  
      /* All alerts below are TLS only. */
      case unknown_ca:           error = SSL_ERROR_UNKNOWN_CA_ALERT;       break;
@@ skipping 39 matching lines @@
 +                                       sizeof(ssl3CipherSuite));
 +       if (rv != SECSuccess) {
 +           if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); }
 +           return rv;  /* err set by ssl3_AppendHandshake* */
 +       }
 +       actual_count++;
 +    }
      for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
         ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
         if (config_match(suite, ss->ssl3.policy, PR_TRUE, &ss->vrange)) {
-@@ -5416,6 +5437,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBo
- 
-        extLen = ssl3_AppendPaddingExtension(ss, paddingExtensionLen, maxBytes);
-        if (extLen < 0) {
-+           if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); }
-            return SECFailure;
-        }
-        maxBytes -= extLen;
-@@ -8083,6 +8105,19 @@ ssl3_HandleClientHello(sslSocket *ss, SS
+@@ -8084,6 +8105,19 @@ ssl3_HandleClientHello(sslSocket *ss, SS
         goto loser;             /* malformed */
      }
  
 +    /* If the ClientHello version is less than our maximum version, check for a
 +     * TLS_FALLBACK_SCSV and reject the connection if found. */
 +    if (ss->vrange.max > ss->clientHelloVersion) {
 +       for (i = 0; i + 1 < suites.len; i += 2) {
 +           PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1];
 +           if (suite_i != TLS_FALLBACK_SCSV)
 +               continue;
 +           desc = inappropriate_fallback;
 +           errCode = SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT;
 +           goto alert_loser;
 +       }
 +    }
 +
      /* grab the list of compression methods. */
      rv = ssl3_ConsumeHandshakeVariable(ss, &comps, 1, &b, &length);
      if (rv != SECSuccess) {
 diff -pu a/nss/lib/ssl/ssl3prot.h b/nss/lib/ssl/ssl3prot.h
---- a/nss/lib/ssl/ssl3prot.h    2014-01-03 19:39:28.442012014 -0800
-+++ b/nss/lib/ssl/ssl3prot.h    2014-01-03 19:44:54.857349534 -0800
+--- a/nss/lib/ssl/ssl3prot.h    2014-01-17 17:59:03.242109996 -0800
++++ b/nss/lib/ssl/ssl3prot.h    2014-01-17 18:47:05.509804656 -0800
 @@ -98,6 +98,7 @@ typedef enum {
      protocol_version        = 70,
      insufficient_security   = 71,
      internal_error          = 80,
 +    inappropriate_fallback  = 86,      /* could also be sent for SSLv3 */
      user_canceled           = 90,
      no_renegotiation        = 100,
  
 diff -pu a/nss/lib/ssl/sslerr.h b/nss/lib/ssl/sslerr.h
---- a/nss/lib/ssl/sslerr.h      2014-01-03 19:39:28.442012014 -0800
-+++ b/nss/lib/ssl/sslerr.h      2014-01-03 19:44:54.877349862 -0800
+--- a/nss/lib/ssl/sslerr.h      2014-01-17 17:59:03.242109996 -0800
++++ b/nss/lib/ssl/sslerr.h      2014-01-17 18:47:05.509804656 -0800
 @@ -196,6 +196,7 @@ SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM
  SSL_ERROR_BAD_CHANNEL_ID_DATA = (SSL_ERROR_BASE + 129),
  SSL_ERROR_INVALID_CHANNEL_ID_KEY = (SSL_ERROR_BASE + 130),
  SSL_ERROR_GET_CHANNEL_ID_FAILED = (SSL_ERROR_BASE + 131),
 +SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT = (SSL_ERROR_BASE + 132),
  
  SSL_ERROR_END_OF_LIST  /* let the c compiler determine the value of this. */
  } SSLErrorCodes;
 diff -pu a/nss/lib/ssl/SSLerrs.h b/nss/lib/ssl/SSLerrs.h
---- a/nss/lib/ssl/SSLerrs.h     2014-01-03 19:39:28.442012014 -0800
-+++ b/nss/lib/ssl/SSLerrs.h     2014-01-03 19:44:54.907350351 -0800
+--- a/nss/lib/ssl/SSLerrs.h     2014-01-17 17:59:03.242109996 -0800
++++ b/nss/lib/ssl/SSLerrs.h     2014-01-17 18:47:05.509804656 -0800
 @@ -421,3 +421,8 @@ ER3(SSL_ERROR_INVALID_CHANNEL_ID_KEY, (S
  
  ER3(SSL_ERROR_GET_CHANNEL_ID_FAILED, (SSL_ERROR_BASE + 131),
  "The application could not get a TLS Channel ID.")
 +
 +ER3(SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT, (SSL_ERROR_BASE + 132),
 +"The connection was using a lesser TLS version as a result of a previous"
 +" handshake failure, but the server indicated that it should not have been"
 +" needed.")
 diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h
---- a/nss/lib/ssl/ssl.h 2014-01-03 19:44:44.807185186 -0800
-+++ b/nss/lib/ssl/ssl.h 2014-01-03 19:44:54.907350351 -0800
-@@ -163,6 +163,8 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRF
- #define SSL_ENABLE_OCSP_STAPLING       24 /* Request OCSP stapling (client) */
+--- a/nss/lib/ssl/ssl.h 2014-01-17 18:46:51.999581198 -0800
++++ b/nss/lib/ssl/ssl.h 2014-01-17 18:48:54.971613341 -0800
+@@ -183,6 +183,8 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRF
+ 
  /* Request Signed Certificate Timestamps via TLS extension (client) */
- #define SSL_ENABLE_SIGNED_CERT_TIMESTAMPS 25
-+#define SSL_ENABLE_FALLBACK_SCSV       26 /* Send fallback SCSV in
+ #define SSL_ENABLE_SIGNED_CERT_TIMESTAMPS 27
++#define SSL_ENABLE_FALLBACK_SCSV       28 /* Send fallback SCSV in
 +                                           * handshakes. */
  
  #ifdef SSL_DEPRECATED_FUNCTION 
  /* Old deprecated function names */
 diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h
---- a/nss/lib/ssl/sslimpl.h     2014-01-03 19:44:44.807185186 -0800
-+++ b/nss/lib/ssl/sslimpl.h     2014-01-03 19:44:54.907350351 -0800
-@@ -336,6 +336,7 @@ typedef struct sslOptionsStr {
-     unsigned int cbcRandomIV                : 1;  /* 24 */
-     unsigned int enableOCSPStapling        : 1;  /* 25 */
-     unsigned int enableSignedCertTimestamps : 1;  /* 26 */
-+    unsigned int enableFallbackSCSV        : 1;  /* 27 */
+--- a/nss/lib/ssl/sslimpl.h     2014-01-17 18:46:51.999581198 -0800
++++ b/nss/lib/ssl/sslimpl.h     2014-01-17 18:51:17.963962287 -0800
+@@ -338,6 +338,7 @@ typedef struct sslOptionsStr {
+     unsigned int enableNPN              : 1;  /* 26 */
+     unsigned int enableALPN             : 1;  /* 27 */
+     unsigned int enableSignedCertTimestamps : 1;  /* 28 */
++    unsigned int enableFallbackSCSV     : 1;  /* 29 */
  } sslOptions;
  
  typedef enum { sslHandshakingUndetermined = 0,
 diff -pu a/nss/lib/ssl/sslproto.h b/nss/lib/ssl/sslproto.h
---- a/nss/lib/ssl/sslproto.h    2014-01-03 19:43:07.025586219 -0800
-+++ b/nss/lib/ssl/sslproto.h    2014-01-03 19:44:54.907350351 -0800
+--- a/nss/lib/ssl/sslproto.h    2014-01-17 18:10:16.793281867 -0800
++++ b/nss/lib/ssl/sslproto.h    2014-01-17 18:47:05.509804656 -0800
 @@ -172,6 +172,11 @@
   */
  #define TLS_EMPTY_RENEGOTIATION_INFO_SCSV      0x00FF
  
 +/* TLS_FALLBACK_SCSV is a signaling cipher suite value that indicates that a
 + * handshake is the result of TLS version fallback. This value is not IANA
 + * assigned. */
 +#define TLS_FALLBACK_SCSV                      0x5600
 +
  /* Cipher Suite Values starting with 0xC000 are defined in informational
   * RFCs.
   */
 diff -pu a/nss/lib/ssl/sslsock.c b/nss/lib/ssl/sslsock.c
---- a/nss/lib/ssl/sslsock.c     2014-01-03 19:44:44.807185186 -0800
-+++ b/nss/lib/ssl/sslsock.c     2014-01-03 19:44:54.907350351 -0800
-@@ -86,7 +86,8 @@ static sslOptions ssl_defaults = {
-     PR_FALSE,   /* enableFalseStart   */
-     PR_TRUE,    /* cbcRandomIV        */
+--- a/nss/lib/ssl/sslsock.c     2014-01-17 18:46:52.009581364 -0800
++++ b/nss/lib/ssl/sslsock.c     2014-01-17 18:59:17.931852364 -0800
+@@ -88,7 +88,8 @@ static sslOptions ssl_defaults = {
      PR_FALSE,   /* enableOCSPStapling */
+     PR_TRUE,    /* enableNPN          */
+     PR_FALSE,   /* enableALPN         */
 -    PR_FALSE    /* enableSignedCertTimestamps */
 +    PR_FALSE,   /* enableSignedCertTimestamps */
 +    PR_FALSE    /* enableFallbackSCSV */
  };
  
  /*
-@@ -782,6 +783,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
-        ss->opt.enableSignedCertTimestamps = on;
-        break;
+@@ -792,6 +793,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
+        ss->opt.enableSignedCertTimestamps = on;
+        break;
  
 +      case SSL_ENABLE_FALLBACK_SCSV:
 +       ss->opt.enableFallbackSCSV = on;
 +       break;
 +
        default:
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         rv = SECFailure;
-@@ -855,6 +860,7 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 wh
+@@ -867,6 +872,7 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 wh
      case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS:
-        on = ss->opt.enableSignedCertTimestamps;
-        break;
+        on = ss->opt.enableSignedCertTimestamps;
+        break;
 +    case SSL_ENABLE_FALLBACK_SCSV: on = ss->opt.enableFallbackSCSV; break;
  
      default:
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
-@@ -919,6 +925,9 @@ SSL_OptionGetDefault(PRInt32 which, PRBo
+@@ -933,6 +939,9 @@ SSL_OptionGetDefault(PRInt32 which, PRBo
      case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS:
-        on = ssl_defaults.enableSignedCertTimestamps;
-        break;
+        on = ssl_defaults.enableSignedCertTimestamps;
+        break;
 +    case SSL_ENABLE_FALLBACK_SCSV:
-+       on = ssl_defaults.enableFallbackSCSV;
-+       break;
++       on = ssl_defaults.enableFallbackSCSV;
++       break;
  
      default:
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
-@@ -1090,6 +1099,10 @@ SSL_OptionSetDefault(PRInt32 which, PRBo
-        ssl_defaults.enableSignedCertTimestamps = on;
-        break;
+@@ -1112,6 +1121,10 @@ SSL_OptionSetDefault(PRInt32 which, PRBo
+        ssl_defaults.enableSignedCertTimestamps = on;
+        break;
  
 +      case SSL_ENABLE_FALLBACK_SCSV:
 +       ssl_defaults.enableFallbackSCSV = on;
 +       break;
 +
        default:
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return SECFailure;