Index: net/third_party/nss/ssl/sslimpl.h |
=================================================================== |
--- net/third_party/nss/ssl/sslimpl.h (revision 227672) |
+++ net/third_party/nss/ssl/sslimpl.h (working copy) |
@@ -881,6 +881,8 @@ |
/* Shared state between ssl3_HandleFinished and ssl3_FinishHandshake */ |
PRBool cacheSID; |
+ PRBool canFalseStart; /* Can/did we False Start */ |
+ |
/* clientSigAndHash contains the contents of the signature_algorithms |
* extension (if any) from the client. This is only valid for TLS 1.2 |
* or later. */ |
@@ -1162,6 +1164,10 @@ |
unsigned long clientAuthRequested; |
unsigned long delayDisabled; /* Nagle delay disabled */ |
unsigned long firstHsDone; /* first handshake is complete. */ |
+ unsigned long enoughFirstHsDone; /* enough of the first handshake is |
+ * done for callbacks to be able to |
+ * retrieve channel security |
+ * parameters from the SSL socket. */ |
unsigned long handshakeBegun; |
unsigned long lastWriteBlocked; |
unsigned long recvdCloseNotify; /* received SSL EOF. */ |
@@ -1210,6 +1216,8 @@ |
void *badCertArg; |
SSLHandshakeCallback handshakeCallback; |
void *handshakeCallbackData; |
+ SSLCanFalseStartCallback canFalseStartCallback; |
+ void *canFalseStartCallbackData; |
void *pkcs11PinArg; |
SSLNextProtoCallback nextProtoCallback; |
void *nextProtoArg; |
@@ -1423,7 +1431,19 @@ |
extern SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled); |
-extern PRBool ssl3_CanFalseStart(sslSocket *ss); |
+extern void ssl_FinishHandshake(sslSocket *ss); |
+ |
+/* Returns PR_TRUE if we are still waiting for the server to respond to our |
+ * client second round. Once we've received any part of the server's second |
+ * round then we don't bother trying to false start since it is almost always |
+ * the case that the NewSessionTicket, ChangeCipherSoec, and Finished messages |
+ * were sent in the same packet and we want to process them all at the same |
+ * time. If we were to try to false start in the middle of the server's second |
+ * round, then we would increase the number of I/O operations |
+ * (SSL_ForceHandshake/PR_Recv/PR_Send/etc.) needed to finish the handshake. |
+ */ |
+extern PRBool ssl3_WaitingForStartOfServerSecondRound(sslSocket *ss); |
+ |
extern SECStatus |
ssl3_CompressMACEncryptRecord(ssl3CipherSpec * cwSpec, |
PRBool isServer, |