3 files changed, 40 insertions, 0 deletions
diff --git a/third_party/tlslite/README.chromium b/third_party/tlslite/README.chromium
index 3fc9665..c9b8845 100644
--- a/third_party/tlslite/README.chromium
+++ b/third_party/tlslite/README.chromium
@@ -25,3 +25,7 @@ Local Modifications:
   default to a certificate_types of [rsa_sign] in CertificateRequest. Apple's
   Secure Transport library rejects an empty list and raises an SSL protocol
   error.
+- patches/false_start_corking.patch: tlslite/TLSRecordLayer.py was changed to
+  report if data was pending on the socket when a Finished handshake message is
+  processed. This allows us to test that our SSL client sockets are corking
+  False Start application data correctly.
diff --git a/third_party/tlslite/patches/false_start_corking.patch b/third_party/tlslite/patches/false_start_corking.patch
new file mode 100644
index 0000000..feebe34
--- /dev/null
+++ b/third_party/tlslite/patches/false_start_corking.patch
@@ -0,0 +1,27 @@
+diff --git a/tlslite/TLSRecordLayer.py b/tlslite/TLSRecordLayer.py
+index 1bbd09d..44cd33e 100644
+--- a/tlslite/TLSRecordLayer.py
++++ b/tlslite/TLSRecordLayer.py
+@@ -161,6 +161,10 @@ class TLSRecordLayer:
+         #Fault we will induce, for testing purposes
+         self.fault = None
+ 
++        # Set to true if we observe a corked False Start (i.e., there's a
++        # record pending when we read the Finished.)
++        self.corkedFalseStart = False
++
+     #*********************************************************
+     # Public Functions START
+     #*********************************************************
+@@ -713,6 +717,11 @@ class TLSRecordLayer:
+                     yield ClientKeyExchange(constructorType, \
+                                             self.version).parse(p)
+                 elif subType == HandshakeType.finished:
++                    try:
++                      m = self.sock.recv(1, socket.MSG_PEEK | socket.MSG_DONTWAIT)
++                      self.corkedFalseStart = len(m) == 1
++                    except:
++                      pass
+                     yield Finished(self.version).parse(p)
+                 else:
+                     raise AssertionError()
diff --git a/third_party/tlslite/tlslite/TLSRecordLayer.py b/third_party/tlslite/tlslite/TLSRecordLayer.py
index 1bbd09d..44cd33e 100644
--- a/third_party/tlslite/tlslite/TLSRecordLayer.py
+++ b/third_party/tlslite/tlslite/TLSRecordLayer.py
@@ -161,6 +161,10 @@ class TLSRecordLayer:
         #Fault we will induce, for testing purposes
         self.fault = None
 
+        # Set to true if we observe a corked False Start (i.e., there's a
+        # record pending when we read the Finished.)
+        self.corkedFalseStart = False
+
     #*********************************************************
     # Public Functions START
     #*********************************************************
@@ -713,6 +717,11 @@ class TLSRecordLayer:
                     yield ClientKeyExchange(constructorType, \
                                             self.version).parse(p)
                 elif subType == HandshakeType.finished:
+                    try:
+                      m = self.sock.recv(1, socket.MSG_PEEK | socket.MSG_DONTWAIT)
+                      self.corkedFalseStart = len(m) == 1
+                    except:
+                      pass
                     yield Finished(self.version).parse(p)
                 else:
                     raise AssertionError()