Update to NSS 3.12.7 and NSPR 4.8.6 (original review URL

http://codereview.chromium.org/3135002/show).

Map PR_INVALID_ARGUMENT_ERROR and SEC_ERROR_INVALID_ARGS
to net::ERR_INVALID_ARGUMENT.  This allows us to fail the
SSL handshake with net::ERR_INVALID_ARGUMENT instead of
the default net::ERR_FAILED when we connect to broken
servers that use tiny keys for DHE cipher suites.

R=agl
BUG=51694
TEST=No build errors or test failures
Review URL: http://codereview.chromium.org/3132005

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55741 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 5 insertions, 0 deletions

diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
index e935f80..8331e18 100644
--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -182,6 +182,11 @@ int MapNSPRError(PRErrorCode err) {
       return ERR_ADDRESS_UNREACHABLE;
     case PR_ADDRESS_NOT_AVAILABLE_ERROR:
       return ERR_ADDRESS_INVALID;
+    case PR_INVALID_ARGUMENT_ERROR:
+      return ERR_INVALID_ARGUMENT;
+
+    case SEC_ERROR_INVALID_ARGS:
+      return ERR_INVALID_ARGUMENT;
 
     case SSL_ERROR_SSL_DISABLED:
       return ERR_NO_SSL_VERSIONS_ENABLED;