Support new ChannelID extension.

net/third_party/nss/ssl/sslimpl.h

Index: net/third_party/nss/ssl/sslimpl.h
diff --git a/net/third_party/nss/ssl/sslimpl.h b/net/third_party/nss/ssl/sslimpl.h
index 614eed145ecf3a35994c46b1b7cabbd141cf1b51..bc0e85c1f6351410e8bb311d99685b3c9bdb3fdb 100644
--- a/net/third_party/nss/ssl/sslimpl.h
+++ b/net/third_party/nss/ssl/sslimpl.h
@@ -698,6 +698,14 @@ struct sslSessionIDStr {
 	     */
 	    NewSessionTicket  sessionTicket;
             SECItem           srvName;
+
+	    /* lastHandshakeHash contains the hash of the original, full
+	     * handshake. This is either a SHA-1/MD5 combination (for TLS <

[wtc, 2013/11/14 00:50:56]

IMPORTANT: this hash does not include the final handshake message flow from the
server (optional NewSessionTicket, and Finished). So this comment is confusing.

[agl, 2013/11/14 18:50:42]

Done.

+	     * 1.2) or a SHA-2 hash (for TLS 1.2). This is recorded and used

[wtc, 2013/11/14 00:50:56]

To be future proof, we should say this is the hash of the TLS PRF for TLS 1.2.

[agl, 2013/11/14 18:50:42]

Done.

+	     * only when ChannelID is negotiated as it's used to bind the
+	     * ChannelID signature on the resumption handshake to the original
+	     * handshake. */
+	    SECItem           lastHandshakeHash;

[wtc, 2013/11/14 00:50:56]

Nit: "last" can also be interpreted to mean the initial handshake (as opposed to
a subsequent renegotiation), or even the previous handshake. Perhaps we should
name this "fullHandshakeHash" or "originalHandshakeHash"?

[agl, 2013/11/14 18:50:42]

Went with originalHandshakeHash.

 	} ssl3;
     } u;
 };