net/third_party/nss/ssl/sslsock.c - Issue 595823003: Merge the server-side support of ALPN from the NSS upstream.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/third_party/nss/ssl/sslsock.c

Issue 595823003: Merge the server-side support of ALPN from the NSS upstream. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Remove a comment that wasn't useful. Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/third_party/nss/ssl/sslsock.c

diff --git a/net/third_party/nss/ssl/sslsock.c b/net/third_party/nss/ssl/sslsock.c

index 028cd98f5aef4da5e22833e66d36da971ddb6e46..421ba211c8564c587e66d53e55204e0a292f2dd2 100644

--- a/net/third_party/nss/ssl/sslsock.c

+++ b/net/third_party/nss/ssl/sslsock.c

@@ -1432,6 +1432,11 @@ DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd)

return ssl_ImportFD(model, fd, ssl_variant_datagram);

}

+/* SSL_SetNextProtoCallback is used to select an application protocol

+ * for ALPN and NPN. For ALPN, this runs on the server; for NPN it

+ * runs on the client. */

+/* Note: The ALPN version doesn't allow for the use of a default, setting a

+ * status of SSL_NEXT_PROTO_NO_OVERLAP is treated as a failure. */

SECStatus

SSL_SetNextProtoCallback(PRFileDesc *fd, SSLNextProtoCallback callback,

void *arg)

@@ -1452,7 +1457,7 @@ SSL_SetNextProtoCallback(PRFileDesc *fd, SSLNextProtoCallback callback,

return SECSuccess;

}

-/* ssl_NextProtoNegoCallback is set as an NPN callback for the case when

+/* ssl_NextProtoNegoCallback is set as an ALPN/NPN callback when

* SSL_SetNextProtoNego is used.

static SECStatus

@@ -1471,12 +1476,6 @@ ssl_NextProtoNegoCallback(void *arg, PRFileDesc *fd,

return SECFailure;

}

- if (protos_len == 0) {

- /* The server supports the extension, but doesn't have any protocols

- * configured. In this case we request our favoured protocol. */

- goto pick_first;

- }

/* For each protocol in server preference, see if we support it. */

for (i = 0; i < protos_len; ) {

for (j = 0; j < ss->opt.nextProtoNego.len; ) {

@@ -1493,7 +1492,10 @@ ssl_NextProtoNegoCallback(void *arg, PRFileDesc *fd,

i += 1 + (unsigned int)protos[i];

}

-pick_first:

+ /* The other side supports the extension, and either doesn't have any

+ * protocols configured, or none of its options match ours. In this case we

+ * request our favoured protocol. */

+ /* This will be treated as a failure for ALPN. */

ss->ssl3.nextProtoState = SSL_NEXT_PROTO_NO_OVERLAP;

result = ss->opt.nextProtoNego.data;

« no previous file with comments | « net/third_party/nss/ssl/sslerr.h ('k') | no next file » | no next file with comments »