wok diff nss/stuff/ssl-renegotiate-transitional.patch @ rev 10974
Up: scummvm to 1.3.1.
| author | Christopher Rogers <slaxemulator@gmail.com> |
|---|---|
| date | Wed Oct 12 12:42:58 2011 +0000 (2011-10-12) |
| parents | |
| children |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/nss/stuff/ssl-renegotiate-transitional.patch Wed Oct 12 12:42:58 2011 +0000 1.3 @@ -0,0 +1,21 @@ 1.4 +Enable transitional scheme for ssl renegotiation: 1.5 + 1.6 +(from mozilla/security/nss/lib/ssl/ssl.h) 1.7 +Disallow unsafe renegotiation in server sockets only, but allow clients 1.8 +to continue to renegotiate with vulnerable servers. 1.9 +This value should only be used during the transition period when few 1.10 +servers have been upgraded. 1.11 + 1.12 +diff --git a/mozilla/security/nss/lib/ssl/sslsock.c b/mozilla/security/nss/lib/ssl/sslsock.c 1.13 +index f1d1921..c074360 100644 1.14 +--- a/mozilla/security/nss/lib/ssl/sslsock.c 1.15 ++++ b/mozilla/security/nss/lib/ssl/sslsock.c 1.16 +@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = { 1.17 + PR_FALSE, /* noLocks */ 1.18 + PR_FALSE, /* enableSessionTickets */ 1.19 + PR_FALSE, /* enableDeflate */ 1.20 +- 2, /* enableRenegotiation (default: requires extension) */ 1.21 ++ 3, /* enableRenegotiation (default: transitional) */ 1.22 + PR_FALSE, /* requireSafeNegotiation */ 1.23 + }; 1.24 +