e3e725975b
- Fix patches that disable ssl2 and export cipher suites support [rhbz#1263005] - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax erros in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5
22 lines
1.1 KiB
Diff
22 lines
1.1 KiB
Diff
diff -up ./nss/cmd/tstclnt/tstclnt.c.ssl2_off ./nss/cmd/tstclnt/tstclnt.c
|
|
--- ./nss/cmd/tstclnt/tstclnt.c.ssl2_off 2015-08-07 11:12:13.000000000 -0700
|
|
+++ ./nss/cmd/tstclnt/tstclnt.c 2015-09-11 20:08:34.771859950 -0700
|
|
@@ -212,7 +212,7 @@ static void PrintParameterUsage(void)
|
|
fprintf(stderr,
|
|
"%-20s Restricts the set of enabled SSL/TLS protocols versions.\n"
|
|
"%-20s All versions are enabled by default.\n"
|
|
- "%-20s Possible values for min/max: ssl2 ssl3 tls1.0 tls1.1 tls1.2\n"
|
|
+ "%-20s Possible values for min/max: ssl3 tls1.0 tls1.1 tls1.2\n"
|
|
"%-20s Example: \"-V ssl3:\" enables SSL 3 and newer.\n",
|
|
"-V [min]:[max]", "", "", "");
|
|
fprintf(stderr, "%-20s Send TLS_FALLBACK_SCSV\n", "-K");
|
|
@@ -911,7 +911,7 @@ int main(int argc, char **argv)
|
|
int npds;
|
|
int override = 0;
|
|
SSLVersionRange enabledVersions;
|
|
- PRBool enableSSL2 = PR_TRUE;
|
|
+ PRBool enableSSL2 = PR_FALSE;
|
|
int bypassPKCS11 = 0;
|
|
int disableLocking = 0;
|
|
int useExportPolicy = 0;
|