diff options
Diffstat (limited to 'chromium/net/third_party/nss/patches/resumeclienthelloversion.patch')
-rw-r--r-- | chromium/net/third_party/nss/patches/resumeclienthelloversion.patch | 31 |
1 files changed, 0 insertions, 31 deletions
diff --git a/chromium/net/third_party/nss/patches/resumeclienthelloversion.patch b/chromium/net/third_party/nss/patches/resumeclienthelloversion.patch deleted file mode 100644 index 7c330c71fff..00000000000 --- a/chromium/net/third_party/nss/patches/resumeclienthelloversion.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff --git a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c -index d22a7d6..a7617fb 100644 ---- a/nss/lib/ssl/ssl3con.c -+++ b/nss/lib/ssl/ssl3con.c -@@ -2865,12 +2865,14 @@ ssl3_CompressMACEncryptRecord(ssl3CipherSpec * cwSpec, - * Forces the use of the provided epoch - * ssl_SEND_FLAG_CAP_RECORD_VERSION - * Caps the record layer version number of TLS ClientHello to { 3, 1 } -- * (TLS 1.0). Some TLS 1.0 servers (which seem to use F5 BIG-IP) ignore -+ * (TLS 1.0). Some TLS 1.0 servers (which seem to use F5 BIG-IP) ignore - * ClientHello.client_version and use the record layer version number - * (TLSPlaintext.version) instead when negotiating protocol versions. In - * addition, if the record layer version number of ClientHello is { 3, 2 } -- * (TLS 1.1) or higher, these servers reset the TCP connections. Set this -- * flag to work around such servers. -+ * (TLS 1.1) or higher, these servers reset the TCP connections. Lastly, -+ * some F5 BIG-IP servers hang if a record containing a ClientHello has a -+ * version greater than 0x0301 and a length greater than 255. Set this flag -+ * to work around such servers. - */ - PRInt32 - ssl3_SendRecord( sslSocket * ss, -@@ -5363,7 +5365,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) - } - - flags = 0; -- if (!ss->firstHsDone && !requestingResume && !IS_DTLS(ss)) { -+ if (!ss->firstHsDone && !IS_DTLS(ss)) { - flags |= ssl_SEND_FLAG_CAP_RECORD_VERSION; - } - rv = ssl3_FlushHandshake(ss, flags); |