--- a/mozilla-nss-compat.patch Tue Feb 21 21:10:03 2012 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,50 +0,0 @@
-# HG changeset patch
-# Parent f241f48841a5d480f898cb7c34f3438aaa9a6c40
-# User Brian Smith <bsmith@mozilla.com>
-Bug 713934, Part 2, version 1: Update SetCertVerificationResult to use SSL_AuthCertificateComplete, r?honzab
-
-diff --git a/security/manager/ssl/src/nsNSSIOLayer.cpp b/security/manager/ssl/src/nsNSSIOLayer.cpp
---- a/security/manager/ssl/src/nsNSSIOLayer.cpp
-+++ b/security/manager/ssl/src/nsNSSIOLayer.cpp
-@@ -964,31 +964,31 @@ nsNSSSocketInfo::SetCertVerificationWait
-
- void
- nsNSSSocketInfo::SetCertVerificationResult(PRErrorCode errorCode,
- SSLErrorMessageType errorMessageType)
- {
- NS_ASSERTION(mCertVerificationState == waiting_for_cert_verification,
- "Invalid state transition to cert_verification_finished");
-
-- if (errorCode != 0) {
-- SetCanceled(errorCode, errorMessageType);
-- } else if (mFd) {
-- // We haven't closed the connection already, so restart it
-- SECStatus rv = SSL_RestartHandshakeAfterAuthCertificate(mFd);
-- if (rv != SECSuccess) {
-+ if (mFd) {
-+ SECStatus rv = SSL_AuthCertificateComplete(mFd, errorCode);
-+ // Only replace errorCode if there was originally no error
-+ if (rv != SECSuccess && errorCode == 0) {
- errorCode = PR_GetError();
-+ errorMessageType = PlainErrorMessage;
- if (errorCode == 0) {
-- NS_ERROR("SSL_RestartHandshakeAfterAuthCertificate didn't set error code");
-+ NS_ERROR("SSL_AuthCertificateComplete didn't set error code");
- errorCode = PR_INVALID_STATE_ERROR;
- }
-- SetCanceled(errorCode, PlainErrorMessage);
- }
-- } else {
-- // If we closed the connection alreay, we don't have anything to do
-+ }
-+
-+ if (errorCode) {
-+ SetCanceled(errorCode, errorMessageType);
- }
-
- mCertVerificationState = after_cert_verification;
- }
-
- nsresult nsNSSSocketInfo::GetSSLStatus(nsISSLStatus** _result)
- {
- NS_ENSURE_ARG_POINTER(_result);