summaryrefslogtreecommitdiff
path: root/libre/nss/ssl-renegotiate-transitional.patch
diff options
context:
space:
mode:
Diffstat (limited to 'libre/nss/ssl-renegotiate-transitional.patch')
-rw-r--r--libre/nss/ssl-renegotiate-transitional.patch21
1 files changed, 0 insertions, 21 deletions
diff --git a/libre/nss/ssl-renegotiate-transitional.patch b/libre/nss/ssl-renegotiate-transitional.patch
deleted file mode 100644
index f457c5551..000000000
--- a/libre/nss/ssl-renegotiate-transitional.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Enable transitional scheme for ssl renegotiation:
-
-(from mozilla/security/nss/lib/ssl/ssl.h)
-Disallow unsafe renegotiation in server sockets only, but allow clients
-to continue to renegotiate with vulnerable servers.
-This value should only be used during the transition period when few
-servers have been upgraded.
-
-diff --git a/mozilla/security/nss/lib/ssl/sslsock.c b/mozilla/security/nss/lib/ssl/sslsock.c
-index f1d1921..c074360 100644
---- a/mozilla/security/nss/lib/ssl/sslsock.c
-+++ b/mozilla/security/nss/lib/ssl/sslsock.c
-@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
- PR_FALSE, /* noLocks */
- PR_FALSE, /* enableSessionTickets */
- PR_FALSE, /* enableDeflate */
-- 2, /* enableRenegotiation (default: requires extension) */
-+ 3, /* enableRenegotiation (default: transitional) */
- PR_FALSE, /* requireSafeNegotiation */
- };
-