external/boringssl: Sync to e60b080dda138e1dd02d99fb34641ac22e46c85d.

This includes the following changes:

https://boringssl.googlesource.com/boringssl/+log/a8ffaf1bf2ec64cbbb17863ede06ba506b3db8b8..e60b080dda138e1dd02d99fb34641ac22e46c85d

Bug: 137267623
Bug: 140918050
Test: atest CtsLibcoreTestCases CtsLibcoreOkHttpTestCases
Change-Id: I00eeca876b9070a7163ec284433fc2ec5ea5ef01

1 files changed, 11 insertions, 3 deletions

diff --git a/src/ssl/internal.h b/src/ssl/internal.h
index f55e0470..ec3594c2 100644
--- a/src/ssl/internal.h
+++ b/src/ssl/internal.h
@@ -1265,9 +1265,17 @@ bool tls13_set_traffic_key(SSL *ssl, enum ssl_encryption_level_t level,
                            enum evp_aead_direction_t direction,
                            Span<const uint8_t> traffic_secret);
 
-// tls13_derive_early_secrets derives the early traffic secret. It returns true
-// on success and false on error.
-bool tls13_derive_early_secrets(SSL_HANDSHAKE *hs);
+// tls13_derive_early_secret derives the early traffic secret. It returns true
+// on success and false on error. Unlike with other traffic secrets, this
+// function does not pass the keys to QUIC. Call
+// |tls13_set_early_secret_for_quic| to do so. This is done to due to an
+// ordering complication around resolving HelloRetryRequest on the server.
+bool tls13_derive_early_secret(SSL_HANDSHAKE *hs);
+
+// tls13_set_early_secret_for_quic passes the early traffic secrets, as
+// derived by |tls13_derive_early_secret|, to QUIC. It returns true on success
+// and false on error.
+bool tls13_set_early_secret_for_quic(SSL_HANDSHAKE *hs);
 
 // tls13_derive_handshake_secrets derives the handshake traffic secret. It
 // returns true on success and false on error.