Rebase to NSS 3.25
This commit is contained in:
parent
c901508114
commit
689db2cb2b
|
@ -10,4 +10,4 @@ TestUser51.cert
|
|||
/nss-pem-20160308.tar.bz2
|
||||
/PayPalRootCA.cert
|
||||
/PayPalICA.cert
|
||||
/nss-3.24.0.tar.gz
|
||||
/nss-3.25.0.tar.gz
|
||||
|
|
|
@ -1,102 +0,0 @@
|
|||
--- ./lib/ssl/sslsock.c.compatibility 2016-06-02 10:59:07.188831825 -0700
|
||||
+++ ./lib/ssl/sslsock.c 2016-06-02 10:59:07.205831404 -0700
|
||||
@@ -675,16 +675,28 @@
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
rv = SECFailure; /* not allowed */
|
||||
}
|
||||
break;
|
||||
}
|
||||
ssl_EnableSSL3(&ss->vrange, on);
|
||||
break;
|
||||
|
||||
+ case SSL_ENABLE_SSL2:
|
||||
+ case SSL_V2_COMPATIBLE_HELLO:
|
||||
+ /* We no longer support SSL v2.
|
||||
+ * However, if an old application requests to disable SSL v2,
|
||||
+ * we shouldn't fail.
|
||||
+ */
|
||||
+ if (on) {
|
||||
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
+ rv = SECFailure;
|
||||
+ }
|
||||
+ break;
|
||||
+
|
||||
case SSL_NO_CACHE:
|
||||
ss->opt.noCache = on;
|
||||
break;
|
||||
|
||||
case SSL_ENABLE_FDX:
|
||||
if (on && ss->opt.noLocks) {
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
rv = SECFailure;
|
||||
@@ -856,16 +868,20 @@
|
||||
on = ss->opt.handshakeAsServer;
|
||||
break;
|
||||
case SSL_ENABLE_TLS:
|
||||
on = ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_0;
|
||||
break;
|
||||
case SSL_ENABLE_SSL3:
|
||||
on = ss->vrange.min == SSL_LIBRARY_VERSION_3_0;
|
||||
break;
|
||||
+ case SSL_ENABLE_SSL2:
|
||||
+ case SSL_V2_COMPATIBLE_HELLO:
|
||||
+ on = PR_FALSE;
|
||||
+ break;
|
||||
case SSL_NO_CACHE:
|
||||
on = ss->opt.noCache;
|
||||
break;
|
||||
case SSL_ENABLE_FDX:
|
||||
on = ss->opt.fdx;
|
||||
break;
|
||||
case SSL_ROLLBACK_DETECTION:
|
||||
on = ss->opt.detectRollBack;
|
||||
@@ -967,16 +983,20 @@
|
||||
on = ssl_defaults.handshakeAsServer;
|
||||
break;
|
||||
case SSL_ENABLE_TLS:
|
||||
on = versions_defaults_stream.max >= SSL_LIBRARY_VERSION_TLS_1_0;
|
||||
break;
|
||||
case SSL_ENABLE_SSL3:
|
||||
on = versions_defaults_stream.min == SSL_LIBRARY_VERSION_3_0;
|
||||
break;
|
||||
+ case SSL_ENABLE_SSL2:
|
||||
+ case SSL_V2_COMPATIBLE_HELLO:
|
||||
+ on = PR_FALSE;
|
||||
+ break;
|
||||
case SSL_NO_CACHE:
|
||||
on = ssl_defaults.noCache;
|
||||
break;
|
||||
case SSL_ENABLE_FDX:
|
||||
on = ssl_defaults.fdx;
|
||||
break;
|
||||
case SSL_ROLLBACK_DETECTION:
|
||||
on = ssl_defaults.detectRollBack;
|
||||
@@ -1100,16 +1120,28 @@
|
||||
case SSL_ENABLE_TLS:
|
||||
ssl_EnableTLS(&versions_defaults_stream, on);
|
||||
break;
|
||||
|
||||
case SSL_ENABLE_SSL3:
|
||||
ssl_EnableSSL3(&versions_defaults_stream, on);
|
||||
break;
|
||||
|
||||
+ case SSL_ENABLE_SSL2:
|
||||
+ case SSL_V2_COMPATIBLE_HELLO:
|
||||
+ /* We no longer support SSL v2.
|
||||
+ * However, if an old application requests to disable SSL v2,
|
||||
+ * we shouldn't fail.
|
||||
+ */
|
||||
+ if (on) {
|
||||
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
+ return SECFailure;
|
||||
+ }
|
||||
+ break;
|
||||
+
|
||||
case SSL_NO_CACHE:
|
||||
ssl_defaults.noCache = on;
|
||||
break;
|
||||
|
||||
case SSL_ENABLE_FDX:
|
||||
if (on && ssl_defaults.noLocks) {
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
return SECFailure;
|
|
@ -1,17 +1,15 @@
|
|||
diff -up nss/cmd/Makefile.skipthem nss/cmd/Makefile
|
||||
--- nss/cmd/Makefile.nobltest 2013-05-28 14:43:24.000000000 -0700
|
||||
+++ nss/cmd/Makefile 2013-06-15 11:51:11.669655168 -0700
|
||||
@@ -14,10 +14,10 @@ ifdef BUILD_LIBPKIX_TESTS
|
||||
DIRS += libpkix
|
||||
endif
|
||||
|
||||
-ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1)
|
||||
+ifeq ($(NSS_BLTEST_NOT_AVAILABLE),1)
|
||||
diff -up ./nss/cmd/Makefile.skipthem ./nss/cmd/Makefile
|
||||
--- ./nss/cmd/Makefile.skipem 2016-06-24 10:10:38.143165159 -0700
|
||||
+++ ./nss/cmd/Makefile 2016-06-24 10:13:08.566457400 -0700
|
||||
@@ -17,7 +17,11 @@ endif
|
||||
ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1)
|
||||
BLTEST_SRCDIR =
|
||||
-FIPSTEST_SRCDIR =
|
||||
-SHLIBSIGN_SRCDIR =
|
||||
+FIPSTEST_SRCDIR =
|
||||
FIPSTEST_SRCDIR =
|
||||
+ifeq ($(NSS_BLTEST_NOT_AVAILABLE),1)
|
||||
+SHLIBSIGN_SRCDIR = shlibsign
|
||||
+else
|
||||
SHLIBSIGN_SRCDIR =
|
||||
+endif
|
||||
else
|
||||
BLTEST_SRCDIR = bltest
|
||||
FIPSTEST_SRCDIR = fipstest
|
||||
|
|
|
@ -0,0 +1,11 @@
|
|||
diff -up ./nss/cmd/manifest.mn.skip_ecperf ./nss/cmd/manifest.mn
|
||||
--- ./nss/cmd/manifest.mn.noecperf 2016-06-24 08:04:53.891106841 -0700
|
||||
+++ ./nss/cmd/manifest.mn 2016-06-24 08:06:57.186887403 -0700
|
||||
@@ -42,7 +42,6 @@ NSS_SRCDIRS = \
|
||||
dbtest \
|
||||
derdump \
|
||||
digest \
|
||||
- ecperf \
|
||||
httpserv \
|
||||
listsuites \
|
||||
makepqg \
|
|
@ -1,11 +1,11 @@
|
|||
diff -up ./external_tests/manifest.mn.skip_util_gtest ./external_tests/manifest.mn
|
||||
--- ./external_tests/manifest.mn.skip_util_gtest 2016-05-21 21:34:56.156346633 -0700
|
||||
+++ ./external_tests/manifest.mn 2016-05-21 21:35:23.408854282 -0700
|
||||
@@ -8,7 +8,6 @@ DEPTH = ..
|
||||
DIRS = \
|
||||
diff -up ./external_tests/manifest.mn.skip_util_pk11_ssl_gtest ./external_tests/manifest.mn
|
||||
--- ./external_tests/manifest.mn.skip_util_pk11_ssl_gtest 2016-06-20 10:11:28.000000000 -0700
|
||||
+++ ./external_tests/manifest.mn 2016-06-26 10:09:55.429858648 -0700
|
||||
@@ -9,7 +9,4 @@ DIRS = \
|
||||
google_test \
|
||||
der_gtest \
|
||||
common \
|
||||
der_gtest \
|
||||
- util_gtest \
|
||||
pk11_gtest \
|
||||
ssl_gtest \
|
||||
- pk11_gtest \
|
||||
- ssl_gtest \
|
||||
$(NULL)
|
||||
|
|
34
nss.spec
34
nss.spec
|
@ -1,6 +1,6 @@
|
|||
%global nspr_version 4.12.0
|
||||
%global nss_util_version 3.24.0
|
||||
%global nss_softokn_version 3.24.0
|
||||
%global nss_util_version 3.25.0
|
||||
%global nss_softokn_version 3.25.0
|
||||
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||
%global allTools "certutil cmsutil crlutil derdump modutil pk12util signtool signver ssltap vfychain vfyserv"
|
||||
|
||||
|
@ -18,10 +18,10 @@
|
|||
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: 3.24.0
|
||||
Version: 3.25.0
|
||||
# for Rawhide, please always use release >= 2
|
||||
# for Fedora release branches, please use release < 2 (1.0, 1.1, ...)
|
||||
Release: 1.2%{?dist}
|
||||
Release: 1.0%{?dist}
|
||||
License: MPLv2.0
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Group: System Environment/Libraries
|
||||
|
@ -91,13 +91,12 @@ Patch49: nss-skip-bltest-and-fipstest.patch
|
|||
# headers are older. Such is the case when starting an update with API changes or even private export changes.
|
||||
# Once the buildroot aha been bootstrapped the patch may be removed but it doesn't hurt to keep it.
|
||||
Patch50: iquote.patch
|
||||
Patch55: skip_stress_TLS_RC4_128_with_MD5.patch
|
||||
# Local patch for TLS_ECDHE_{ECDSA|RSA}_WITH_3DES_EDE_CBC_SHA ciphers
|
||||
Patch58: rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
|
||||
Patch60: nss-pem-unitialized-vars.path
|
||||
Patch61: nss-skip-util-gtest.patch
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1277569
|
||||
Patch62: mozbz1277569backport.patch
|
||||
# TODO: file a bug upstream similar to the one for rsaperf
|
||||
Patch70: nss-skip-ecperf.patch
|
||||
|
||||
%description
|
||||
Network Security Services (NSS) is a set of libraries designed to
|
||||
|
@ -180,13 +179,13 @@ low level services.
|
|||
%patch47 -p0 -b .templates
|
||||
%patch49 -p0 -b .skipthem
|
||||
%patch50 -p0 -b .iquote
|
||||
%patch55 -p1 -b .skip_stress_tls_rc4_128_with_md5
|
||||
%patch58 -p0 -b .1185708_3des
|
||||
pushd nss
|
||||
%patch60 -p1 -b .unitialized_vars
|
||||
%patch61 -p0 -b .skip_util_gtest
|
||||
%patch62 -p1 -b .compatibility
|
||||
%patch61 -p1 -b .skip_util_gtest
|
||||
popd
|
||||
# temporary
|
||||
%patch70 -p0 -b .skip_ecperf
|
||||
|
||||
#########################################################
|
||||
# Higher-level libraries and test tools need access to
|
||||
|
@ -224,15 +223,13 @@ done
|
|||
|
||||
pushd nss/tests/ssl
|
||||
# Create versions of sslcov.txt and sslstress.txt that disable tests
|
||||
# for SSL2 and EXPORT ciphers.
|
||||
cat sslcov.txt| sed -r "s/^([^#].*EXPORT|^[^#].*SSL2)/#disabled \1/" > sslcov.noSSL2orExport.txt
|
||||
cat sslstress.txt| sed -r "s/^([^#].*EXPORT|^[^#].*SSL2)/#disabled \1/" > sslstress.noSSL2orExport.txt
|
||||
# for non policy compliant ciphers.
|
||||
cat sslcov.txt| sed -r "s/^([^#].*EXPORT|^[^#].*_WITH_DES_*)/#disabled \1/" > sslcov.noPolicy.txt
|
||||
cat sslstress.txt| sed -r "s/^([^#].*EXPORT|^[^#].*with MD5)/#disabled \1/" > sslstress.noPolicy.txt
|
||||
popd
|
||||
|
||||
%build
|
||||
|
||||
export NSS_NO_SSL2_NO_EXPORT=1
|
||||
|
||||
NSS_NO_PKCS11_BYPASS=1
|
||||
export NSS_NO_PKCS11_BYPASS
|
||||
|
||||
|
@ -448,7 +445,9 @@ pushd ./nss/tests/
|
|||
|
||||
# don't need to run all the tests when testing packaging
|
||||
# nss_cycles: standard pkix upgradedb sharedb
|
||||
%define nss_tests "libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains pk11_gtests der_gtests"
|
||||
# the full list from all.sh is:
|
||||
# "cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ec gtests ssl_gtests"
|
||||
%define nss_tests "libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ec gtests ssl_gtests"
|
||||
# nss_ssl_tests: crl bypass_normal normal_bypass normal_fips fips_normal iopr
|
||||
# nss_ssl_run: cov auth stress
|
||||
#
|
||||
|
@ -795,6 +794,9 @@ fi
|
|||
|
||||
|
||||
%changelog
|
||||
* Mon Jun 27 2016 Elio Maldonado <emaldona@redhat.com> - 3.25.0-1.0
|
||||
- Rebase to nss 3.25
|
||||
|
||||
* Thu Jun 02 2016 Elio Maldonado <emaldona@redhat.com> - 3.24.0-1.2
|
||||
- Allow application requests to disable SSL v2 to succeed
|
||||
- Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
diff -up ./nss/lib/ssl/sslsock.c.transitional ./nss/lib/ssl/sslsock.c
|
||||
--- ./nss/lib/ssl/sslsock.c.transitional 2016-03-05 08:54:13.871412639 -0800
|
||||
+++ ./nss/lib/ssl/sslsock.c 2016-03-05 09:00:27.721889811 -0800
|
||||
@@ -77,7 +77,7 @@ static sslOptions ssl_defaults = {
|
||||
PR_FALSE, /* noLocks */
|
||||
PR_FALSE, /* enableSessionTickets */
|
||||
PR_FALSE, /* enableDeflate */
|
||||
- 2, /* enableRenegotiation (default: requires extension) */
|
||||
+ 3, /* enableRenegotiation (default: transitional) */
|
||||
PR_FALSE, /* requireSafeNegotiation */
|
||||
PR_FALSE, /* enableFalseStart */
|
||||
PR_TRUE, /* cbcRandomIV */
|
||||
--- ./nss/lib/ssl/sslsock.c.transitional 2016-06-23 21:03:16.316480089 -0400
|
||||
+++ ./nss/lib/ssl/sslsock.c 2016-06-23 21:08:07.290202477 -0400
|
||||
@@ -72,7 +72,7 @@ static sslOptions ssl_defaults = {
|
||||
PR_FALSE, /* noLocks */
|
||||
PR_FALSE, /* enableSessionTickets */
|
||||
PR_FALSE, /* enableDeflate */
|
||||
- 2, /* enableRenegotiation (default: requires extension) */
|
||||
+ 3, /* enableRenegotiation (default: transitional) */
|
||||
PR_FALSE, /* requireSafeNegotiation */
|
||||
PR_FALSE, /* enableFalseStart */
|
||||
PR_TRUE, /* cbcRandomIV */
|
||||
|
|
|
@ -1,14 +1,23 @@
|
|||
diff -up ./nss/lib/ssl/ssl3con.c.1185708_3des ./nss/lib/ssl/ssl3con.c
|
||||
--- ./nss/lib/ssl/ssl3con.c.1185708_3des 2015-09-29 16:24:18.717593591 -0700
|
||||
+++ ./nss/lib/ssl/ssl3con.c 2015-09-29 16:25:22.672879926 -0700
|
||||
@@ -101,8 +101,8 @@ static ssl3CipherSuiteCfg cipherSuites[s
|
||||
--- ./nss/lib/ssl/ssl3con.c.1185708_3des 2016-06-23 21:10:09.765992512 -0400
|
||||
+++ ./nss/lib/ssl/ssl3con.c 2016-06-23 22:58:39.121398601 -0400
|
||||
@@ -118,18 +118,18 @@
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
- { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
- { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
+ { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
+ { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
+ { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
+ { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
#endif /* NSS_DISABLE_ECC */
|
||||
|
||||
{ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,SSL_ALLOWED,PR_TRUE, PR_FALSE},
|
||||
{ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
|
|
|
@ -1,48 +0,0 @@
|
|||
diff -up ./nss/tests/ssl/sslstress.txt.skip ./nss/tests/ssl/sslstress.txt
|
||||
--- ./nss/tests/ssl/sslstress.txt.skip 2016-05-24 09:02:26.506457846 -0700
|
||||
+++ ./nss/tests/ssl/sslstress.txt 2016-05-24 09:08:19.475268491 -0700
|
||||
@@ -8,27 +8,27 @@
|
||||
# Enable return server client Test Case name
|
||||
# ECC value params params
|
||||
# ------- ------ ------ ------ ---------------
|
||||
- noECC 0 _ -c_1000_-C_c_-V_:ssl3 Stress SSL3 RC4 128 with MD5
|
||||
- noECC 0 _ -c_1000_-C_c Stress TLS RC4 128 with MD5
|
||||
- noECC 0 _ -c_1000_-C_c_-g Stress TLS RC4 128 with MD5 (false start)
|
||||
- noECC 0 -u -V_ssl3:_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket)
|
||||
- noECC 0 -z -V_ssl3:_-c_1000_-C_c_-z Stress TLS RC4 128 with MD5 (compression)
|
||||
- noECC 0 -u_-z -V_ssl3:_-c_1000_-C_c_-u_-z Stress TLS RC4 128 with MD5 (session ticket, compression)
|
||||
- noECC 0 -u_-z -V_ssl3:_-c_1000_-C_c_-u_-z_-g Stress TLS RC4 128 with MD5 (session ticket, compression, false start)
|
||||
- SNI 0 -u_-a_Host-sni.Dom -V_tls1.0:_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket, SNI)
|
||||
+# noECC 0 _ -c_1000_-C_c_-V_:ssl3 Stress SSL3 RC4 128 with MD5
|
||||
+# noECC 0 _ -c_1000_-C_c Stress TLS RC4 128 with MD5
|
||||
+# noECC 0 _ -c_1000_-C_c_-g Stress TLS RC4 128 with MD5 (false start)
|
||||
+# noECC 0 -u -V_ssl3:_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket)
|
||||
+# noECC 0 -z -V_ssl3:_-c_1000_-C_c_-z Stress TLS RC4 128 with MD5 (compression)
|
||||
+# noECC 0 -u_-z -V_ssl3:_-c_1000_-C_c_-u_-z Stress TLS RC4 128 with MD5 (session ticket, compression)
|
||||
+# noECC 0 -u_-z -V_ssl3:_-c_1000_-C_c_-u_-z_-g Stress TLS RC4 128 with MD5 (session ticket, compression, false start)
|
||||
+# SNI 0 -u_-a_Host-sni.Dom -V_tls1.0:_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket, SNI)
|
||||
|
||||
#
|
||||
# add client auth versions here...
|
||||
#
|
||||
- noECC 0 -r_-r -c_100_-C_c_-V_:ssl3_-N_-n_TestUser Stress SSL3 RC4 128 with MD5 (no reuse, client auth)
|
||||
- noECC 0 -r_-r -c_100_-C_c_-N_-n_TestUser Stress TLS RC4 128 with MD5 (no reuse, client auth)
|
||||
- noECC 0 -r_-r_-u -V_ssl3:_-c_100_-C_c_-n_TestUser_-u Stress TLS RC4 128 with MD5 (session ticket, client auth)
|
||||
- noECC 0 -r_-r_-z -V_ssl3:_-c_100_-C_c_-n_TestUser_-z Stress TLS RC4 128 with MD5 (compression, client auth)
|
||||
- noECC 0 -r_-r_-z -V_ssl3:_-c_100_-C_c_-n_TestUser_-z_-g Stress TLS RC4 128 with MD5 (compression, client auth, false start)
|
||||
- noECC 0 -r_-r_-u_-z -V_ssl3:_-c_100_-C_c_-n_TestUser_-u_-z Stress TLS RC4 128 with MD5 (session ticket, compression, client auth)
|
||||
- noECC 0 -r_-r_-u_-z -V_ssl3:_-c_100_-C_c_-n_TestUser_-u_-z_-g Stress TLS RC4 128 with MD5 (session ticket, compression, client auth, false start)
|
||||
- SNI 0 -r_-r_-u_-a_Host-sni.Dom -V_tls1.0:_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket, SNI, client auth, default virt host)
|
||||
- SNI 0 -r_-r_-u_-a_Host-sni.Dom_-k_Host-sni.Dom -V_tls1.0:_-c_1000_-C_c_-u_-a_Host-sni.Dom Stress TLS RC4 128 with MD5 (session ticket, SNI, client auth, change virt host)
|
||||
+# noECC 0 -r_-r -c_100_-C_c_-V_:ssl3_-N_-n_TestUser Stress SSL3 RC4 128 with MD5 (no reuse, client auth)
|
||||
+# noECC 0 -r_-r -c_100_-C_c_-N_-n_TestUser Stress TLS RC4 128 with MD5 (no reuse, client auth)
|
||||
+# noECC 0 -r_-r_-u -V_ssl3:_-c_100_-C_c_-n_TestUser_-u Stress TLS RC4 128 with MD5 (session ticket, client auth)
|
||||
+# noECC 0 -r_-r_-z -V_ssl3:_-c_100_-C_c_-n_TestUser_-z Stress TLS RC4 128 with MD5 (compression, client auth)
|
||||
+# noECC 0 -r_-r_-z -V_ssl3:_-c_100_-C_c_-n_TestUser_-z_-g Stress TLS RC4 128 with MD5 (compression, client auth, false start)
|
||||
+# noECC 0 -r_-r_-u_-z -V_ssl3:_-c_100_-C_c_-n_TestUser_-u_-z Stress TLS RC4 128 with MD5 (session ticket, compression, client auth)
|
||||
+# noECC 0 -r_-r_-u_-z -V_ssl3:_-c_100_-C_c_-n_TestUser_-u_-z_-g Stress TLS RC4 128 with MD5 (session ticket, compression, client auth, false start)
|
||||
+# SNI 0 -r_-r_-u_-a_Host-sni.Dom -V_tls1.0:_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket, SNI, client auth, default virt host)
|
||||
+# SNI 0 -r_-r_-u_-a_Host-sni.Dom_-k_Host-sni.Dom -V_tls1.0:_-c_1000_-C_c_-u_-a_Host-sni.Dom Stress TLS RC4 128 with MD5 (session ticket, SNI, client auth, change virt host)
|
||||
|
||||
#
|
||||
# ############################ ECC ciphers ############################
|
2
sources
2
sources
|
@ -4,4 +4,4 @@ a5ae49867124ac75f029a9a33af31bad blank-cert8.db
|
|||
691e663ccc07b7a1eaa6f088e03bf8e2 blank-cert9.db
|
||||
2ec9e0606ba40fe65196545564b7cc2a blank-key4.db
|
||||
4d8e770b105483e365f3327d883dd229 nss-pem-20160308.tar.bz2
|
||||
2a3ffd2f46b60ecc116ac086343a537a nss-3.24.0.tar.gz
|
||||
950263d15d1f055605bfb6e634a1a019 nss-3.25.0.tar.gz
|
||||
|
|
Loading…
Reference in New Issue