зеркало из https://github.com/mozilla/gecko-dev.git
Bug 415033: added a hidden preference (in about:config) for enabling or disabling the TLS session ticket extension. The patch is contributed by Nagendra Modadugu <ngm+mozilla@google.com>. r=wtc,rrelyea,kengert a1.9+=damons Modified Files: netwerk/base/public/security-prefs.js security/manager/ssl/src/nsNSSComponent.cpp
This commit is contained in:
Родитель
8fe88be036
Коммит
7d9ede46bb
|
@ -3,6 +3,7 @@ pref("general.useragent.security", "U");
|
|||
pref("security.enable_ssl2", false);
|
||||
pref("security.enable_ssl3", true);
|
||||
pref("security.enable_tls", true);
|
||||
pref("security.enable_tls_session_tickets", true);
|
||||
|
||||
pref("security.ssl2.rc4_128", false);
|
||||
pref("security.ssl2.rc2_128", false);
|
||||
|
|
|
@ -1596,6 +1596,10 @@ nsNSSComponent::InitializeNSS(PRBool showWarningBox)
|
|||
mPrefBranch->GetBoolPref("security.enable_tls", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_TLS, enabled);
|
||||
|
||||
// Configure TLS session tickets
|
||||
mPrefBranch->GetBoolPref("security.enable_tls_session_tickets", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_SESSION_TICKETS, enabled);
|
||||
|
||||
// Disable any ciphers that NSS might have enabled by default
|
||||
for (PRUint16 i = 0; i < SSL_NumImplementedCiphers; ++i)
|
||||
{
|
||||
|
@ -2047,6 +2051,9 @@ nsNSSComponent::Observe(nsISupports *aSubject, const char *aTopic,
|
|||
mPrefBranch->GetBoolPref("security.enable_tls", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_TLS, enabled);
|
||||
clearSessionCache = PR_TRUE;
|
||||
} else if (prefName.Equals("security.enable_tls_session_tickets")) {
|
||||
mPrefBranch->GetBoolPref("security.enable_tls_session_tickets", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_SESSION_TICKETS, enabled);
|
||||
} else if (prefName.Equals("security.OCSP.enabled")
|
||||
|| prefName.Equals("security.OCSP.require")) {
|
||||
setOCSPOptions(mPrefBranch);
|
||||
|
|
Загрузка…
Ссылка в новой задаче