Use SSL_RENEGOTIATE_TRANSITIONAL as default until the transitional period

is over
2010-03-06 21:25:03 +00:00 · 2010-03-06 21:25:03 +00:00 · 1533b72660
parent 1970b5d230
commit 1533b72660
1 changed files with 16 additions and 0 deletions
--- a/renegotiate-transitional.patch
+++ b/renegotiate-transitional.patch
@ -0,0 +1,16 @@
+Index: ./mozilla/security/nss/lib/ssl/sslsock.c
+===================================================================
+RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v
+retrieving revision 1.66
+diff -u -p -r1.66 sslsock.c
+--- ./mozilla/security/nss/lib/ssl/sslsock.c	26 Feb 2010 20:44:54 -0000	1.66
+++ ./mozilla/security/nss/lib/ssl/sslsock.c	1 Mar 2010 18:05:10 -0000
+@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
+     PR_FALSE,   /* noLocks            */
+     PR_FALSE,   /* enableSessionTickets */
+     PR_FALSE,   /* enableDeflate      */
+-    2,          /* enableRenegotiation (default: requires extension) */
+    3,          /* enableRenegotiation (default: transitional)
+     PR_FALSE,   /* requireSafeNegotiation */
+ };
+