rpms/nss
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
f18
nss/nss-ssl-cbc-random-iv-off-by-default.patch
Elio Maldonado b70c8423a2 Update to NSS_3_15_RTM 
- manual merge from master
2013-06-17 16:17:29 -07:00

26 lines
1000 B
Diff
Raw Permalink Blame History

diff -up nss/lib/ssl/sslsock.c.cbcrandomivoff nss/lib/ssl/sslsock.c
--- nss/lib/ssl/sslsock.c.cbcrandomivoff 2013-05-30 22:20:52.181292812 -0700
+++ nss/lib/ssl/sslsock.c 2013-05-30 22:20:52.194292913 -0700
@@ -152,7 +152,7 @@ static sslOptions ssl_defaults = {
3, /* enableRenegotiation (default: transitional) */
PR_FALSE, /* requireSafeNegotiation */
PR_FALSE, /* enableFalseStart */
- PR_TRUE, /* cbcRandomIV */
+ PR_FALSE, /* cbcRandomIV */ /* defaults to off for compatibility */
PR_FALSE /* enableOCSPStapling */
};
@@ -2906,9 +2906,9 @@ ssl_SetDefaultsFromEnvironment(void)
PR_TRUE));
}
ev = getenv("NSS_SSL_CBC_RANDOM_IV");
- if (ev && ev[0] == '0') {
- ssl_defaults.cbcRandomIV = PR_FALSE;
- SSL_TRACE(("SSL: cbcRandomIV set to 0"));
+ if (ev && ev[0] == '1') {
+ ssl_defaults.cbcRandomIV = PR_TRUE;
+ SSL_TRACE(("SSL: cbcRandomIV set to 1"));
}
}
#endif /* NSS_HAVE_GETENV */
Reference in New Issue View Git Blame Copy Permalink