diff options
-rw-r--r-- | security/nss/lib/ssl/sslinfo.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/security/nss/lib/ssl/sslinfo.c b/security/nss/lib/ssl/sslinfo.c index b71cbf7b1..af1f76ed1 100644 --- a/security/nss/lib/ssl/sslinfo.c +++ b/security/nss/lib/ssl/sslinfo.c @@ -60,6 +60,7 @@ SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len) sslSocket * ss; SSLChannelInfo inf; sslSessionID * sid; + PRBool enoughFirstHsDone = PR_FALSE; if (!info || len < sizeof inf.length) { PORT_SetError(SEC_ERROR_INVALID_ARGS); @@ -76,7 +77,14 @@ SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len) memset(&inf, 0, sizeof inf); inf.length = PR_MIN(sizeof inf, len); - if (ss->opt.useSecurity && ss->firstHsDone) { + if (ss->firstHsDone) { + enoughFirstHsDone = PR_TRUE; + } else if (ss->version >= SSL_LIBRARY_VERSION_3_0 && + ssl3_CanFalseStart(ss)) { + enoughFirstHsDone = PR_TRUE; + } + + if (ss->opt.useSecurity && enoughFirstHsDone) { sid = ss->sec.ci.sid; inf.protocolVersion = ss->version; inf.authKeyBits = ss->sec.authKeyBits; |