Bug 1310516 - Enable TLS 1.3, r=keeler

MozReview-Commit-ID: FrI7fZBIn2w --HG-- extra : rebase_source : 2884d9df4210903a87aa6bb496aae9a3f2b3a683
2016-11-04 14:46:02 +11:00 · 2016-11-04 14:46:02 +11:00 · 9e6b70484b
--- a/netwerk/base/security-prefs.js
+++ b/netwerk/base/security-prefs.js
@ -3,7 +3,7 @@
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

 pref("security.tls.version.min", 1);
-pref("security.tls.version.max", 3);
+pref("security.tls.version.max", 4);
 pref("security.tls.version.fallback-limit", 3);
 pref("security.tls.insecure_fallback_hosts", "");
 pref("security.tls.unrestricted_rc4_fallback", false);
--- a/security/manager/ssl/nsNSSComponent.cpp
+++ b/security/manager/ssl/nsNSSComponent.cpp
@ -1654,7 +1654,7 @@ nsNSSComponent::setEnabledTLSVersions()
  // keep these values in sync with security-prefs.js
  // 1 means TLS 1.0, 2 means TLS 1.1, etc.
  static const uint32_t PSM_DEFAULT_MIN_TLS_VERSION = 1;
-  static const uint32_t PSM_DEFAULT_MAX_TLS_VERSION = 3;
+  static const uint32_t PSM_DEFAULT_MAX_TLS_VERSION = 4;

  uint32_t minFromPrefs = Preferences::GetUint("security.tls.version.min",
                                               PSM_DEFAULT_MIN_TLS_VERSION);