From 7f5a17044281bae546ff749543caa68c2a2443d6 Mon Sep 17 00:00:00 2001
From: Nick Zitzmann <nickzman@gmail.com>
Date: Sat, 21 Mar 2015 12:22:56 -0500
Subject: darwinsssl: add support for TLS False Start

TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.
---
 lib/vtls/darwinssl.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'lib/vtls/darwinssl.c')

diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
index 01e308130..03adcef28 100644
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@@ -1459,9 +1459,12 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn,
 #if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7
   /* We want to enable 1/n-1 when using a CBC cipher unless the user
      specifically doesn't want us doing that: */
-  if(SSLSetSessionOption != NULL)
+  if(SSLSetSessionOption != NULL) {
     SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionSendOneByteRecord,
                       !data->set.ssl_enable_beast);
+    SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionFalseStart,
+                      data->set.ssl.falsestart); /* false start support */
+  }
 #endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */
 
   /* Check if there's a cached ID we can/should use here! */
@@ -2364,6 +2367,14 @@ void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */
   (void)CC_MD5(tmp, (CC_LONG)tmplen, md5sum);
 }
 
+bool Curl_darwinssl_false_start(void) {
+#if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7
+  if(SSLSetSessionOption != NULL)
+    return TRUE;
+#endif
+  return FALSE;
+}
+
 static ssize_t darwinssl_send(struct connectdata *conn,
                               int sockindex,
                               const void *mem,
-- 
cgit v1.2.3