diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-09-14 14:46:53 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-09-14 14:46:53 +0000 |
| commit | dd43578d4929c6502944871bc752905d5b61566f (patch) | |
| tree | 7c97a22ead70c2680b0213f9c88efcc5b349f032 /net/third_party | |
| parent | b24ca00f664f2b6d49ab8f0703de5b21c7dc2e46 (diff) | |
| download | chromium_src-dd43578d4929c6502944871bc752905d5b61566f.zip chromium_src-dd43578d4929c6502944871bc752905d5b61566f.tar.gz chromium_src-dd43578d4929c6502944871bc752905d5b61566f.tar.bz2 | |
NSS: Call handshake callback with False Start and Snap Start.
Previously, we wouldn't call the handshake callback if both False
Start and Snap Start were enabled on a connection.
BUG=none
TEST=none, because we haven't got the Snap Start code in yet.
http://codereview.chromium.org/3247006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@59371 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/third_party')
| -rw-r--r-- | net/third_party/nss/ssl/ssl3con.c | 34 |
1 files changed, 14 insertions, 20 deletions
diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c index 13d91507..16ef9df 100644 --- a/net/third_party/nss/ssl/ssl3con.c +++ b/net/third_party/nss/ssl/ssl3con.c @@ -2791,16 +2791,6 @@ ssl3_HandleChangeCipherSpecs(sslSocket *ss, sslBuffer *buf) SSL_TRC(3, ("%d: SSL3[%d] Set Current Read Cipher Suite to Pending", SSL_GETPID(), ss->fd )); - if (ss->ssl3.hs.snapStartType == snap_start_resume) { - /* If the server sent us a ChangeCipherSpec message then our Snap Start - * resume handshake was successful and we need to switch our current - * write cipher spec to reflect the ChangeCipherSpec message embedded - * in the ClientHello that the server has now processed. */ - ssl3_DestroyCipherSpec(ss->ssl3.cwSpec, PR_TRUE/*freeSrvName*/); - ss->ssl3.cwSpec = ss->ssl3.pwSpec; - ss->ssl3.pwSpec = NULL; - } - /* If we are really through with the old cipher prSpec * (Both the read and write sides have changed) destroy it. */ @@ -7597,15 +7587,6 @@ ssl3_HandleNewSessionTicket(sslSocket *ss, SSL3Opaque *b, PRUint32 length) return SECFailure; } - if (ss->ssl3.hs.snapStartType == snap_start_full) { - /* Snap Start handshake was successful. Switch the cipher spec. */ - ssl_GetSpecWriteLock(ss); - ssl3_DestroyCipherSpec(ss->ssl3.cwSpec, PR_TRUE/*freeSrvName*/); - ss->ssl3.cwSpec = ss->ssl3.pwSpec; - ss->ssl3.pwSpec = NULL; - ssl_ReleaseSpecWriteLock(ss); - } - session_ticket.received_timestamp = ssl_Time(); if (length < 4) { (void)SSL3_SendAlert(ss, alert_fatal, decode_error); @@ -8491,6 +8472,16 @@ ssl3_HandleFinished(sslSocket *ss, SSL3Opaque *b, PRUint32 length, return SECFailure; } + if (ss->ssl3.hs.snapStartType == snap_start_full || + ss->ssl3.hs.snapStartType == snap_start_resume) { + /* Snap Start handshake was successful. Switch the cipher spec. */ + ssl_GetSpecWriteLock(ss); + ssl3_DestroyCipherSpec(ss->ssl3.cwSpec, PR_TRUE/*freeSrvName*/); + ss->ssl3.cwSpec = ss->ssl3.pwSpec; + ss->ssl3.pwSpec = NULL; + ssl_ReleaseSpecWriteLock(ss); + } + isTLS = (PRBool)(ss->ssl3.crSpec->version > SSL_LIBRARY_VERSION_3_0); if (isTLS) { TLSFinished tlsFinished; @@ -8663,7 +8654,10 @@ xmit_loser: ss->ssl3.hs.ws = idle_handshake; /* Do the handshake callback for sslv3 here, if we cannot false start. */ - if (ss->handshakeCallback != NULL && !ssl3_CanFalseStart(ss)) { + if (ss->handshakeCallback != NULL && + (!ssl3_CanFalseStart(ss) || + ss->ssl3.hs.snapStartType == snap_start_full || + ss->ssl3.hs.snapStartType == snap_start_resume)) { (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData); } |