wok-next annotate nss/stuff/ssl-renegotiate-transitional.patch @ rev 7714
Up: lmms to 0.4.9.
| author | Christopher Rogers <slaxemulator@gmail.com> |
|---|---|
| date | Sun Dec 19 11:26:52 2010 +0000 (2010-12-19) |
| parents | |
| children |
| rev | line source |
|---|---|
| slaxemulator@6444 | 1 Enable transitional scheme for ssl renegotiation: |
| slaxemulator@6444 | 2 |
| slaxemulator@6444 | 3 (from mozilla/security/nss/lib/ssl/ssl.h) |
| slaxemulator@6444 | 4 Disallow unsafe renegotiation in server sockets only, but allow clients |
| slaxemulator@6444 | 5 to continue to renegotiate with vulnerable servers. |
| slaxemulator@6444 | 6 This value should only be used during the transition period when few |
| slaxemulator@6444 | 7 servers have been upgraded. |
| slaxemulator@6444 | 8 |
| slaxemulator@6444 | 9 diff --git a/mozilla/security/nss/lib/ssl/sslsock.c b/mozilla/security/nss/lib/ssl/sslsock.c |
| slaxemulator@6444 | 10 index f1d1921..c074360 100644 |
| slaxemulator@6444 | 11 --- a/mozilla/security/nss/lib/ssl/sslsock.c |
| slaxemulator@6444 | 12 +++ b/mozilla/security/nss/lib/ssl/sslsock.c |
| slaxemulator@6444 | 13 @@ -181,7 +181,7 @@ static sslOptions ssl_defaults = { |
| slaxemulator@6444 | 14 PR_FALSE, /* noLocks */ |
| slaxemulator@6444 | 15 PR_FALSE, /* enableSessionTickets */ |
| slaxemulator@6444 | 16 PR_FALSE, /* enableDeflate */ |
| slaxemulator@6444 | 17 - 2, /* enableRenegotiation (default: requires extension) */ |
| slaxemulator@6444 | 18 + 3, /* enableRenegotiation (default: transitional) */ |
| slaxemulator@6444 | 19 PR_FALSE, /* requireSafeNegotiation */ |
| slaxemulator@6444 | 20 }; |
| slaxemulator@6444 | 21 |