nss/nss-ssl-enforce-no-pkcs11-bypass.path
Elio Maldonado 19ad65d608 Disable bypass code at build time and return failure on attempts to enable at runtime
- Bug 806588 - Disable SSL PKCS #11 bypass at build time
2012-11-09 17:20:07 -08:00

16 lines
742 B
SYSTEMD

diff -up ./mozilla/security/nss/lib/ssl/derive.c.nobypass ./mozilla/security/nss/lib/ssl/derive.c
diff -up ./mozilla/security/nss/lib/ssl/sslsock.c.nobypass ./mozilla/security/nss/lib/ssl/sslsock.c
--- ./mozilla/security/nss/lib/ssl/sslsock.c.nobypass 2012-10-07 15:12:25.455307540 -0700
+++ ./mozilla/security/nss/lib/ssl/sslsock.c 2012-10-07 15:21:27.229346754 -0700
@@ -547,8 +547,8 @@ static PRStatus SSL_BypassRegisterShutdo
static PRStatus SSL_BypassSetup(void)
{
#ifdef NO_PKCS11_BYPASS
- /* Guarantee binary compatibility */
- return PR_SUCCESS;
+ /* We can safely return failure as we have never supported it */
+ return PR_FALSE;
#else
return PR_CallOnce(&setupBypassOnce, &SSL_BypassRegisterShutdown);
#endif