Index: net/socket/ssl_client_socket_nss.cc |
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc |
index e3d0a36bde4cab2402d52c77c3da0638615b7bad..a1014680df449b8f7758e7aa89b23a0e3f421e6f 100644 |
--- a/net/socket/ssl_client_socket_nss.cc |
+++ b/net/socket/ssl_client_socket_nss.cc |
@@ -1270,7 +1270,7 @@ SECStatus SSLClientSocketNSS::Core::CanFalseStartCallback( |
SSL_GetChannelInfo(socket, &channel_info, sizeof(channel_info)); |
if (ok != SECSuccess || channel_info.length != sizeof(channel_info) || |
channel_info.protocolVersion < SSL_LIBRARY_VERSION_TLS_1_2 || |
- !IsSecureTLSCipherSuite(channel_info.cipherSuite)) { |
+ IsObsoleteTLSCipherSuite(channel_info.cipherSuite)) { |
estark
2016/04/18 11:46:44
I thought this change would be unnecessary based o
estark
2016/04/18 11:47:35
Also, presumably there's a corresponding change ne
davidben
2016/04/19 17:47:01
BoringSSL does the False Start check internally. T
estark
2016/04/19 21:31:47
Oh, gotcha, ok. Confusion about patch set 4 descri
lgarron
2016/04/25 23:56:54
Sorry, I made the patch description concise to the
|
*can_false_start = PR_FALSE; |
return SECSuccess; |
} |