From 9e6b70484b770dc097eaa2af03fe6baa9709e3cb Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Fri, 4 Nov 2016 14:46:02 +1100 Subject: [PATCH] Bug 1310516 - Enable TLS 1.3, r=keeler MozReview-Commit-ID: FrI7fZBIn2w --HG-- extra : rebase_source : 2884d9df4210903a87aa6bb496aae9a3f2b3a683 --- netwerk/base/security-prefs.js | 2 +- security/manager/ssl/nsNSSComponent.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js index b0c9916c87f5..21cdba0eb36a 100644 --- a/netwerk/base/security-prefs.js +++ b/netwerk/base/security-prefs.js @@ -3,7 +3,7 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ pref("security.tls.version.min", 1); -pref("security.tls.version.max", 3); +pref("security.tls.version.max", 4); pref("security.tls.version.fallback-limit", 3); pref("security.tls.insecure_fallback_hosts", ""); pref("security.tls.unrestricted_rc4_fallback", false); diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp index e52531a0e8ad..cd87b5b03ac2 100644 --- a/security/manager/ssl/nsNSSComponent.cpp +++ b/security/manager/ssl/nsNSSComponent.cpp @@ -1654,7 +1654,7 @@ nsNSSComponent::setEnabledTLSVersions() // keep these values in sync with security-prefs.js // 1 means TLS 1.0, 2 means TLS 1.1, etc. static const uint32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; - static const uint32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + static const uint32_t PSM_DEFAULT_MAX_TLS_VERSION = 4; uint32_t minFromPrefs = Preferences::GetUint("security.tls.version.min", PSM_DEFAULT_MIN_TLS_VERSION);