summaryrefslogtreecommitdiff
path: root/testing/nss/ssl-renegotiate-transitional.patch
diff options
context:
space:
mode:
Diffstat (limited to 'testing/nss/ssl-renegotiate-transitional.patch')
-rw-r--r--testing/nss/ssl-renegotiate-transitional.patch21
1 files changed, 0 insertions, 21 deletions
diff --git a/testing/nss/ssl-renegotiate-transitional.patch b/testing/nss/ssl-renegotiate-transitional.patch
deleted file mode 100644
index f457c5551..000000000
--- a/testing/nss/ssl-renegotiate-transitional.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Enable transitional scheme for ssl renegotiation:
-
-(from mozilla/security/nss/lib/ssl/ssl.h)
-Disallow unsafe renegotiation in server sockets only, but allow clients
-to continue to renegotiate with vulnerable servers.
-This value should only be used during the transition period when few
-servers have been upgraded.
-
-diff --git a/mozilla/security/nss/lib/ssl/sslsock.c b/mozilla/security/nss/lib/ssl/sslsock.c
-index f1d1921..c074360 100644
---- a/mozilla/security/nss/lib/ssl/sslsock.c
-+++ b/mozilla/security/nss/lib/ssl/sslsock.c
-@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
- PR_FALSE, /* noLocks */
- PR_FALSE, /* enableSessionTickets */
- PR_FALSE, /* enableDeflate */
-- 2, /* enableRenegotiation (default: requires extension) */
-+ 3, /* enableRenegotiation (default: transitional) */
- PR_FALSE, /* requireSafeNegotiation */
- };
-
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-11-05 00:09:41 +0000