cURL / Mailing Lists / curl-library / Single Mail


Re: [PATCH v3] TLS False Start support for NSS

From: Paul Howarth <>
Date: Thu, 23 Apr 2015 14:11:25 +0100

On 22/04/15 17:42, Kamil Dudka wrote:
> On Wednesday 22 April 2015 13:10:22 Paul Howarth wrote:
>> On 22/04/15 13:03, Kamil Dudka wrote:
>>> If SSL_SetCanFalseStartCallback() is the newest introduced symbol required
>>> for the TLS False Start feature to work, we can add autoconf check for the
>>> presence of that symbol in NSS libs, and #ifdef the code based on the
>>> result of that check. That would cover also the case where a downstream
>>> maintainer cherry-picks the feature to an older version of NSS.
>> Works for me. I'm able to build with the attached patch, which should be
>> adaptable to being an autoconf-based one instead of a version-number
>> based one.
>> Paul.
> Thanks for the patch! Do we still need the #ifdef for SSL_ENABLE_FALSE_START
> if the code is already #idef-ed based on the NSS version?

Only the ones within the NSS-version #ifdef (not all are), and only if
NSS upstream does not support building without TLS 1.2 support (I don't
know if this is the case or not).


List admin:
Received on 2015-04-23