wok annotate nss/stuff/ssl-renegotiate-transitional.patch @ rev 9651
Up: thunderbird-langpack-fr to 3.1.10.
author | Christopher Rogers <slaxemulator@gmail.com> |
---|---|
date | Fri Apr 29 01:21:18 2011 +0000 (2011-04-29) |
parents | |
children |
rev | line source |
---|---|
slaxemulator@6444 | 1 Enable transitional scheme for ssl renegotiation: |
slaxemulator@6444 | 2 |
slaxemulator@6444 | 3 (from mozilla/security/nss/lib/ssl/ssl.h) |
slaxemulator@6444 | 4 Disallow unsafe renegotiation in server sockets only, but allow clients |
slaxemulator@6444 | 5 to continue to renegotiate with vulnerable servers. |
slaxemulator@6444 | 6 This value should only be used during the transition period when few |
slaxemulator@6444 | 7 servers have been upgraded. |
slaxemulator@6444 | 8 |
slaxemulator@6444 | 9 diff --git a/mozilla/security/nss/lib/ssl/sslsock.c b/mozilla/security/nss/lib/ssl/sslsock.c |
slaxemulator@6444 | 10 index f1d1921..c074360 100644 |
slaxemulator@6444 | 11 --- a/mozilla/security/nss/lib/ssl/sslsock.c |
slaxemulator@6444 | 12 +++ b/mozilla/security/nss/lib/ssl/sslsock.c |
slaxemulator@6444 | 13 @@ -181,7 +181,7 @@ static sslOptions ssl_defaults = { |
slaxemulator@6444 | 14 PR_FALSE, /* noLocks */ |
slaxemulator@6444 | 15 PR_FALSE, /* enableSessionTickets */ |
slaxemulator@6444 | 16 PR_FALSE, /* enableDeflate */ |
slaxemulator@6444 | 17 - 2, /* enableRenegotiation (default: requires extension) */ |
slaxemulator@6444 | 18 + 3, /* enableRenegotiation (default: transitional) */ |
slaxemulator@6444 | 19 PR_FALSE, /* requireSafeNegotiation */ |
slaxemulator@6444 | 20 }; |
slaxemulator@6444 | 21 |