net/third_party/nss/ssl/sslimpl.h - Issue 27254004: Make SSL False Start work with asynchronous certificate validation

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/third_party/nss/ssl/sslimpl.h

Issue 27254004: Make SSL False Start work with asynchronous certificate validation (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: What was checked in to NSS upstream Created 7 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/third_party/nss/ssl/sslimpl.h

===================================================================

--- net/third_party/nss/ssl/sslimpl.h (revision 227672)

+++ net/third_party/nss/ssl/sslimpl.h (working copy)

@@ -881,6 +881,8 @@

/* Shared state between ssl3_HandleFinished and ssl3_FinishHandshake */

PRBool cacheSID;

+ PRBool canFalseStart; /* Can/did we False Start */

/* clientSigAndHash contains the contents of the signature_algorithms

* extension (if any) from the client. This is only valid for TLS 1.2

* or later. */

@@ -1162,6 +1164,10 @@

unsigned long clientAuthRequested;

unsigned long delayDisabled; /* Nagle delay disabled */

unsigned long firstHsDone; /* first handshake is complete. */

+ unsigned long enoughFirstHsDone; /* enough of the first handshake is

+ * done for callbacks to be able to

+ * retrieve channel security

+ * parameters from the SSL socket. */

unsigned long handshakeBegun;

unsigned long lastWriteBlocked;

unsigned long recvdCloseNotify; /* received SSL EOF. */

@@ -1210,6 +1216,8 @@

void *badCertArg;

SSLHandshakeCallback handshakeCallback;

void *handshakeCallbackData;

+ SSLCanFalseStartCallback canFalseStartCallback;

+ void *canFalseStartCallbackData;

void *pkcs11PinArg;

SSLNextProtoCallback nextProtoCallback;

void *nextProtoArg;

@@ -1423,7 +1431,19 @@

extern SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled);

-extern PRBool ssl3_CanFalseStart(sslSocket *ss);

+extern void ssl_FinishHandshake(sslSocket *ss);

+/* Returns PR_TRUE if we are still waiting for the server to respond to our

+ * client second round. Once we've received any part of the server's second

+ * round then we don't bother trying to false start since it is almost always

+ * the case that the NewSessionTicket, ChangeCipherSoec, and Finished messages

+ * were sent in the same packet and we want to process them all at the same

+ * time. If we were to try to false start in the middle of the server's second

+ * round, then we would increase the number of I/O operations

+ * (SSL_ForceHandshake/PR_Recv/PR_Send/etc.) needed to finish the handshake.

+ */

+extern PRBool ssl3_WaitingForStartOfServerSecondRound(sslSocket *ss);

extern SECStatus

ssl3_CompressMACEncryptRecord(ssl3CipherSpec * cwSpec,

PRBool isServer,

« net/third_party/nss/ssl/ssl3gthr.c ('K') | « net/third_party/nss/ssl/sslauth.c ('k') | net/third_party/nss/ssl/sslinfo.c » ('j') | no next file with comments »