diff options
Diffstat (limited to 'net/third_party/nss/ssl')
| -rw-r--r-- | net/third_party/nss/ssl/ssl.h | 6 | ||||
| -rw-r--r-- | net/third_party/nss/ssl/ssl3con.c | 4 |
2 files changed, 5 insertions, 5 deletions
diff --git a/net/third_party/nss/ssl/ssl.h b/net/third_party/nss/ssl/ssl.h index 0bc02f8..a2e3984 100644 --- a/net/third_party/nss/ssl/ssl.h +++ b/net/third_party/nss/ssl/ssl.h @@ -128,9 +128,9 @@ SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd); /* Renegotiation Info (RI) */ /* extension in ALL handshakes. */ /* default: off */ -#define SSL_ENABLE_FALSE_START 22 /* Enable SSL false start (off by */ - /* default, applies only to */ - /* clients). False start is a */ +#define SSL_ENABLE_FALSE_START 22 /* Enable SSL false start (off by */ + /* default, applies only to */ + /* clients). False start is a */ /* mode where an SSL client will start sending application data before */ /* verifying the server's Finished message. This means that we could end up */ /* sending data to an imposter. However, the data will be encrypted and */ diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c index 9b671e7..c99a38f 100644 --- a/net/third_party/nss/ssl/ssl3con.c +++ b/net/third_party/nss/ssl/ssl3con.c @@ -5748,7 +5748,7 @@ ssl3_HandleServerHelloDone(sslSocket *ss) else ss->ssl3.hs.ws = wait_change_cipher; - /* Do the handshake callback for sslv3 here. */ + /* Do the handshake callback for sslv3 here, if we can false start. */ if (ss->handshakeCallback != NULL && ssl3_CanFalseStart(ss)) { (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData); } @@ -8570,7 +8570,7 @@ xmit_loser: } ss->ssl3.hs.ws = idle_handshake; - /* Do the handshake callback for sslv3 here. */ + /* Do the handshake callback for sslv3 here, if we cannot false start. */ if (ss->handshakeCallback != NULL && !ssl3_CanFalseStart(ss)) { (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData); } |