wok-6.x view nss/stuff/ssl-renegotiate-transitional.patch @ rev 12726
thunar: we dont need so much deps, make it lighter, we may say goodbye pcmanfm (v2 is a pain actually...)
| author | Christophe Lincoln <pankso@slitaz.org> |
|---|---|
| date | Sat May 05 13:58:37 2012 +0200 (2012-05-05) |
| parents | |
| children |
line source
1 Enable transitional scheme for ssl renegotiation:
3 (from mozilla/security/nss/lib/ssl/ssl.h)
4 Disallow unsafe renegotiation in server sockets only, but allow clients
5 to continue to renegotiate with vulnerable servers.
6 This value should only be used during the transition period when few
7 servers have been upgraded.
9 diff --git a/mozilla/security/nss/lib/ssl/sslsock.c b/mozilla/security/nss/lib/ssl/sslsock.c
10 index f1d1921..c074360 100644
11 --- a/mozilla/security/nss/lib/ssl/sslsock.c
12 +++ b/mozilla/security/nss/lib/ssl/sslsock.c
13 @@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
14 PR_FALSE, /* noLocks */
15 PR_FALSE, /* enableSessionTickets */
16 PR_FALSE, /* enableDeflate */
17 - 2, /* enableRenegotiation (default: requires extension) */
18 + 3, /* enableRenegotiation (default: transitional) */
19 PR_FALSE, /* requireSafeNegotiation */
20 };