Removing NSS files and USE_OPENSSL flag

net/third_party/nss/patches/cachecerts.patch

Index: net/third_party/nss/patches/cachecerts.patch
diff --git a/net/third_party/nss/patches/cachecerts.patch b/net/third_party/nss/patches/cachecerts.patch
deleted file mode 100644
index 196bb278194ee41bdbc5e6ee6b11fb8f73bc3161..0000000000000000000000000000000000000000
--- a/net/third_party/nss/patches/cachecerts.patch
+++ /dev/null
@@ -1,124 +0,0 @@
-diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
-index c3698f3..b8d4784 100644
---- a/lib/ssl/ssl3con.c
-+++ b/lib/ssl/ssl3con.c
-@@ -47,6 +47,7 @@
- 
- static SECStatus ssl3_AuthCertificate(sslSocket *ss);
- static void ssl3_CleanupPeerCerts(sslSocket *ss);
-+static void ssl3_CopyPeerCertsFromSID(sslSocket *ss, sslSessionID *sid);
- static PK11SymKey *ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
-                                        PK11SlotInfo *serverKeySlot);
- static SECStatus ssl3_DeriveMasterSecret(sslSocket *ss, PK11SymKey *pms);
-@@ -7102,6 +7103,7 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-             /* copy the peer cert from the SID */
-             if (sid->peerCert != NULL) {
-                 ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
-+                ssl3_CopyPeerCertsFromSID(ss, sid);
-             }
- 
-             /* NULL value for PMS because we are reusing the old MS */
-@@ -8266,6 +8268,44 @@ ssl3_KEAAllowsSessionTicket(SSL3KeyExchangeAlgorithm kea)
-     };
- }
- 
-+static void
-+ssl3_CopyPeerCertsFromSID(sslSocket *ss, sslSessionID *sid)
-+{
-+    PLArenaPool *arena;
-+    ssl3CertNode *lastCert = NULL;
-+    ssl3CertNode *certs = NULL;
-+    int i;
-+
-+    if (!sid->peerCertChain[0])
-+        return;
-+    PORT_Assert(!ss->ssl3.peerCertArena);
-+    PORT_Assert(!ss->ssl3.peerCertChain);
-+    ss->ssl3.peerCertArena = arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-+    for (i = 0; i < MAX_PEER_CERT_CHAIN_SIZE && sid->peerCertChain[i]; i++) {
-+        ssl3CertNode *c = PORT_ArenaNew(arena, ssl3CertNode);
-+        c->cert = CERT_DupCertificate(sid->peerCertChain[i]);
-+        c->next = NULL;
-+        if (lastCert) {
-+            lastCert->next = c;
-+        } else {
-+            certs = c;
-+        }
-+        lastCert = c;
-+    }
-+    ss->ssl3.peerCertChain = certs;
-+}
-+
-+static void
-+ssl3_CopyPeerCertsToSID(ssl3CertNode *certs, sslSessionID *sid)
-+{
-+    int i = 0;
-+    ssl3CertNode *c = certs;
-+    for (; i < MAX_PEER_CERT_CHAIN_SIZE && c; i++, c = c->next) {
-+        PORT_Assert(!sid->peerCertChain[i]);
-+        sid->peerCertChain[i] = CERT_DupCertificate(c->cert);
-+    }
-+}
-+
- /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
-  * ssl3 Client Hello message.
-  * Caller must hold Handshake and RecvBuf locks.
-@@ -8886,6 +8926,7 @@ compression_found:
-             ss->sec.ci.sid = sid;
-             if (sid->peerCert != NULL) {
-                 ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
-+                ssl3_CopyPeerCertsFromSID(ss, sid);
-             }
- 
-             /*
-@@ -11240,6 +11281,7 @@ ssl3_AuthCertificate(sslSocket *ss)
-     }
- 
-     ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);
-+    ssl3_CopyPeerCertsToSID(ss->ssl3.peerCertChain, ss->sec.ci.sid);
- 
-     if (!ss->sec.isServer) {
-         CERTCertificate *cert = ss->sec.peerCert;
-diff --git a/lib/ssl/sslimpl.h b/lib/ssl/sslimpl.h
-index bce9437..10361a0 100644
---- a/lib/ssl/sslimpl.h
-+++ b/lib/ssl/sslimpl.h
-@@ -614,6 +614,8 @@ typedef enum { never_cached,
-                invalid_cache /* no longer in any cache. */
- } Cached;
- 
-+#define MAX_PEER_CERT_CHAIN_SIZE 8
-+
- struct sslSessionIDStr {
-     /* The global cache lock must be held when accessing these members when the
-      * sid is in any cache.
-@@ -628,6 +630,7 @@ struct sslSessionIDStr {
-      */
- 
-     CERTCertificate *peerCert;
-+    CERTCertificate *peerCertChain[MAX_PEER_CERT_CHAIN_SIZE];
-     SECItemArray peerCertStatus; /* client only */
-     const char *peerID;          /* client only */
-     const char *urlSvrName;      /* client only */
-diff --git a/lib/ssl/sslnonce.c b/lib/ssl/sslnonce.c
-index 85031c4..3216892 100644
---- a/lib/ssl/sslnonce.c
-+++ b/lib/ssl/sslnonce.c
-@@ -167,6 +167,7 @@ lock_cache(void)
- static void
- ssl_DestroySID(sslSessionID *sid)
- {
-+    int i;
-     SSL_TRC(8, ("SSL: destroy sid: sid=0x%x cached=%d", sid, sid->cached));
-     PORT_Assert(sid->references == 0);
-     PORT_Assert(sid->cached != in_client_cache);
-@@ -200,6 +201,9 @@ ssl_DestroySID(sslSessionID *sid)
-     if (sid->peerCert) {
-         CERT_DestroyCertificate(sid->peerCert);
-     }
-+    for (i = 0; i < MAX_PEER_CERT_CHAIN_SIZE && sid->peerCertChain[i]; i++) {
-+	CERT_DestroyCertificate(sid->peerCertChain[i]);
-+    }
-     if (sid->peerCertStatus.items) {
-         SECITEM_FreeArray(&sid->peerCertStatus, PR_FALSE);
-     }