Bug 1401594 - land NSS NSS_3_34_BETA5 UPGRADE_NSS_RELEASE, r=ttaubert
authorFranziskus Kiefer <franziskuskiefer@gmail.com>
Thu, 09 Nov 2017 15:17:40 +0100
changeset 391054 40444386933a58ff76502f11863784a87ea0996a
parent 391053 af86f905265d01c9b908f3095a985dbf220f00e6
child 391055 9e2acadbdad8d0121330123e165404ba61a77ad0
push id32860
push userebalazs@mozilla.com
push dateFri, 10 Nov 2017 09:56:38 +0000
treeherdermozilla-central@864174ac0707 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersttaubert
bugs1401594
milestone58.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1401594 - land NSS NSS_3_34_BETA5 UPGRADE_NSS_RELEASE, r=ttaubert MozReview-Commit-ID: HdFnjDGJDcJ
security/nss/TAG-INFO
security/nss/cmd/tstclnt/tstclnt.c
security/nss/coreconf/coreconf.dep
security/nss/gtests/ssl_gtest/tls_agent.cc
security/nss/lib/ssl/sslexp.h
security/nss/lib/ssl/sslsock.c
security/nss/lib/ssl/tls13con.c
security/nss/lib/ssl/tls13con.h
--- a/security/nss/TAG-INFO
+++ b/security/nss/TAG-INFO
@@ -1,1 +1,1 @@
-NSS_3_34_BETA3
+NSS_3_34_BETA5
--- a/security/nss/cmd/tstclnt/tstclnt.c
+++ b/security/nss/cmd/tstclnt/tstclnt.c
@@ -1178,17 +1178,17 @@ run_client(void)
             SECU_PrintError(progName, "error enabling 0-RTT");
             error = 1;
             goto done;
         }
     }
 
     /* Alternate ServerHello content type (TLS 1.3 only) */
     if (enableAltServerHello) {
-        rv = SSL_UseAltHandshakeType(s, PR_TRUE);
+        rv = SSL_UseAltServerHelloType(s, PR_TRUE);
         if (rv != SECSuccess) {
             SECU_PrintError(progName, "error enabling alternate ServerHello type");
             error = 1;
             goto done;
         }
     }
 
     /* require the use of fixed finite-field DH groups */
--- a/security/nss/coreconf/coreconf.dep
+++ b/security/nss/coreconf/coreconf.dep
@@ -5,8 +5,9 @@
 
 /*
  * A dummy header file that is a dependency for all the object files.
  * Used to force a full recompilation of NSS in Mozilla's Tinderbox
  * depend builds.  See comments in rules.mk.
  */
 
 #error "Do not include this header file."
+
--- a/security/nss/gtests/ssl_gtest/tls_agent.cc
+++ b/security/nss/gtests/ssl_gtest/tls_agent.cc
@@ -382,17 +382,17 @@ void TlsAgent::SetShortHeadersEnabled() 
 
   SECStatus rv = SSLInt_EnableShortHeaders(ssl_fd());
   EXPECT_EQ(SECSuccess, rv);
 }
 
 void TlsAgent::SetAltHandshakeTypeEnabled() {
   EXPECT_TRUE(EnsureTlsSetup());
 
-  SECStatus rv = SSL_UseAltHandshakeType(ssl_fd(), PR_TRUE);
+  SECStatus rv = SSL_UseAltServerHelloType(ssl_fd(), PR_TRUE);
   EXPECT_EQ(SECSuccess, rv);
 }
 
 void TlsAgent::SetVersionRange(uint16_t minver, uint16_t maxver) {
   vrange_.min = minver;
   vrange_.max = maxver;
 
   if (ssl_fd()) {
--- a/security/nss/lib/ssl/sslexp.h
+++ b/security/nss/lib/ssl/sslexp.h
@@ -21,16 +21,16 @@ SEC_BEGIN_PROTOS
     (SSL_GetExperimentalAPI(name)                                   \
          ? ((SECStatus(*) arglist)SSL_GetExperimentalAPI(name))args \
          : SECFailure)
 
 /* Make the TLS 1.3 handshake mimic TLS 1.2 session resumption.
  * This will either become part of the standard or be disabled
  * after we have tested it.
  */
-#define SSL_UseAltHandshakeType(fd, enable)                  \
-    SSL_EXPERIMENTAL_API("SSL_UseAltHandshakeType",          \
+#define SSL_UseAltServerHelloType(fd, enable)                \
+    SSL_EXPERIMENTAL_API("SSL_UseAltServerHelloType",        \
                          (PRFileDesc * _fd, PRBool _enable), \
                          (fd, enable))
 
 SEC_END_PROTOS
 
 #endif /* __sslexp_h_ */
--- a/security/nss/lib/ssl/sslsock.c
+++ b/security/nss/lib/ssl/sslsock.c
@@ -3870,17 +3870,17 @@ SSL_CanBypass(CERTCertificate *cert, SEC
     {                      \
         "SSL_" #n, SSL_##n \
     }
 struct {
     const char *const name;
     void *function;
 } ssl_experimental_functions[] = {
 #ifndef SSL_DISABLE_EXPERIMENTAL_API
-    EXP(UseAltHandshakeType),
+    EXP(UseAltServerHelloType),
 #endif
     { "", NULL }
 };
 #undef EXP
 #undef PUB
 
 void *
 SSL_GetExperimentalAPI(const char *name)
--- a/security/nss/lib/ssl/tls13con.c
+++ b/security/nss/lib/ssl/tls13con.c
@@ -4607,23 +4607,23 @@ tls13_NegotiateVersion(sslSocket *ss, co
         }
     }
 
     FATAL_ERROR(ss, SSL_ERROR_UNSUPPORTED_VERSION, protocol_version);
     return SECFailure;
 }
 
 SECStatus
-SSLExp_UseAltHandshakeType(PRFileDesc *fd, PRBool enable)
+SSLExp_UseAltServerHelloType(PRFileDesc *fd, PRBool enable)
 {
     sslSocket *ss;
 
     ss = ssl_FindSocket(fd);
     if (!ss || IS_DTLS(ss)) {
-        SSL_DBG(("%d: SSL[%d]: bad socket in SSLExp_UseAltHandshakeType",
+        SSL_DBG(("%d: SSL[%d]: bad socket in SSLExp_UseAltServerHelloType",
                  SSL_GETPID(), fd));
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return SECFailure;
     }
 
     ss->opt.enableAltHandshaketype = enable;
 
     return SECSuccess;
--- a/security/nss/lib/ssl/tls13con.h
+++ b/security/nss/lib/ssl/tls13con.h
@@ -80,12 +80,12 @@ PRInt32 tls13_Read0RttData(sslSocket *ss
 SECStatus tls13_HandleEndOfEarlyData(sslSocket *ss);
 SECStatus tls13_HandleEarlyApplicationData(sslSocket *ss, sslBuffer *origBuf);
 PRBool tls13_ClientAllow0Rtt(const sslSocket *ss, const sslSessionID *sid);
 PRUint16 tls13_EncodeDraftVersion(SSL3ProtocolVersion version);
 PRUint16 tls13_EncodeAltDraftVersion(SSL3ProtocolVersion version);
 SECStatus tls13_NegotiateVersion(sslSocket *ss,
                                  const TLSExtension *supported_versions);
 SECStatus tls13_SendNewSessionTicket(sslSocket *ss);
-SECStatus SSLExp_UseAltHandshakeType(PRFileDesc *fd, PRBool enable);
+SECStatus SSLExp_UseAltServerHelloType(PRFileDesc *fd, PRBool enable);
 void tls13_SetSpecRecordVersion(sslSocket *ss, ssl3CipherSpec *spec);
 
 #endif /* __tls13con_h_ */