Revert "Update NSS to 3.35-RTM"

This reverts commit f1a0f0a56fdd0fc39f255174ce08c06b91c66c94.
author: wolfbeast <mcwerewolf@gmail.com> 2018-04-25 21:33:33 +0200
committer: wolfbeast <mcwerewolf@gmail.com> 2018-04-25 21:33:33 +0200
commit: fba28f19754f62b5227650143d5441fc86d4c7d7 (patch)
tree: 26629d73f83543ff92a060fd7b310bb748b13173 /security/nss/gtests/ssl_gtest/tls_agent.h
parent: b4154e043bfc0d2f301d88304efc896989d650bf (diff)
download: UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar
UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar.gz
UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar.lz
UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar.xz
UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.zip
1 files changed, 8 insertions, 11 deletions
diff --git a/security/nss/gtests/ssl_gtest/tls_agent.h b/security/nss/gtests/ssl_gtest/tls_agent.h
index b3fd892ae..4bccb9a84 100644
--- a/security/nss/gtests/ssl_gtest/tls_agent.h
+++ b/security/nss/gtests/ssl_gtest/tls_agent.h
@@ -66,6 +66,7 @@ class TlsAgent : public PollTarget {
   static const std::string kServerRsaSign;
   static const std::string kServerRsaPss;
   static const std::string kServerRsaDecrypt;
+  static const std::string kServerRsaChain;  // A cert that requires a chain.
   static const std::string kServerEcdsa256;
   static const std::string kServerEcdsa384;
   static const std::string kServerEcdsa521;
@@ -80,11 +81,9 @@ class TlsAgent : public PollTarget {
     adapter_->SetPeer(peer->adapter_);
   }
 
-  // Set a filter that can access plaintext (TLS 1.3 only).
   void SetTlsRecordFilter(std::shared_ptr<TlsRecordFilter> filter) {
     filter->SetAgent(this);
     adapter_->SetPacketFilter(filter);
-    filter->EnableDecryption();
   }
 
   void SetPacketFilter(std::shared_ptr<PacketFilter> filter) {
@@ -96,7 +95,6 @@ class TlsAgent : public PollTarget {
   void StartConnect(PRFileDesc* model = nullptr);
   void CheckKEA(SSLKEAType kea_type, SSLNamedGroup group,
                 size_t kea_size = 0) const;
-  void CheckOriginalKEA(SSLNamedGroup kea_group) const;
   void CheckAuthType(SSLAuthType auth_type,
                      SSLSignatureScheme sig_scheme) const;
 
@@ -123,10 +121,12 @@ class TlsAgent : public PollTarget {
   void SetupClientAuth();
   void RequestClientAuth(bool requireAuth);
 
-  void SetOption(int32_t option, int value);
   void ConfigureSessionCache(SessionResumptionMode mode);
+  void SetSessionTicketsEnabled(bool en);
+  void SetSessionCacheEnabled(bool en);
   void Set0RttEnabled(bool en);
   void SetFallbackSCSVEnabled(bool en);
+  void SetShortHeadersEnabled();
   void SetVersionRange(uint16_t minver, uint16_t maxver);
   void GetVersionRange(uint16_t* minver, uint16_t* maxver);
   void CheckPreliminaryInfo();
@@ -136,6 +136,7 @@ class TlsAgent : public PollTarget {
   void ExpectReadWriteError();
   void EnableFalseStart();
   void ExpectResumption();
+  void ExpectShortHeaders();
   void SkipVersionChecks();
   void SetSignatureSchemes(const SSLSignatureScheme* schemes, size_t count);
   void EnableAlpn(const uint8_t* val, size_t len);
@@ -148,17 +149,15 @@ class TlsAgent : public PollTarget {
   // Send data on the socket, encrypting it.
   void SendData(size_t bytes, size_t blocksize = 1024);
   void SendBuffer(const DataBuffer& buf);
-  bool SendEncryptedRecord(const std::shared_ptr<TlsCipherSpec>& spec,
-                           uint16_t wireVersion, uint64_t seq, uint8_t ct,
-                           const DataBuffer& buf);
   // Send data directly to the underlying socket, skipping the TLS layer.
   void SendDirect(const DataBuffer& buf);
-  void SendRecordDirect(const TlsRecord& record);
   void ReadBytes(size_t max = 16384U);
   void ResetSentBytes();  // Hack to test drops.
   void EnableExtendedMasterSecret();
   void CheckExtendedMasterSecret(bool expected);
   void CheckEarlyDataAccepted(bool expected);
+  void DisableRollbackDetection();
+  void EnableCompression();
   void SetDowngradeCheckVersion(uint16_t version);
   void CheckSecretsDestroyed();
   void ConfigNamedGroups(const std::vector<SSLNamedGroup>& groups);
@@ -171,8 +170,6 @@ class TlsAgent : public PollTarget {
   Role role() const { return role_; }
   std::string role_str() const { return role_ == SERVER ? "server" : "client"; }
 
-  SSLProtocolVariant variant() const { return variant_; }
-
   State state() const { return state_; }
 
   const CERTCertificate* peer_cert() const {
@@ -256,7 +253,6 @@ class TlsAgent : public PollTarget {
   const static char* states[];
 
   void SetState(State state);
-  void ValidateCipherSpecs();
 
   // Dummy auth certificate hook.
   static SECStatus AuthCertificateHook(void* arg, PRFileDesc* fd,
@@ -392,6 +388,7 @@ class TlsAgent : public PollTarget {
   HandshakeCallbackFunction handshake_callback_;
   AuthCertificateCallbackFunction auth_certificate_callback_;
   SniCallbackFunction sni_callback_;
+  bool expect_short_headers_;
   bool skip_version_checks_;
 };
author	wolfbeast <mcwerewolf@gmail.com>	2018-04-25 21:33:33 +0200
committer	wolfbeast <mcwerewolf@gmail.com>	2018-04-25 21:33:33 +0200
commit	fba28f19754f62b5227650143d5441fc86d4c7d7 (patch)
tree	26629d73f83543ff92a060fd7b310bb748b13173 /security/nss/gtests/ssl_gtest/tls_agent.h
parent	b4154e043bfc0d2f301d88304efc896989d650bf (diff)
download	UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar.gz UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar.lz UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar.xz UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.zip