== NSS 3.12.6 will block some renegotiation attempts on SSL sockets by default
== This patch does not yet implement new UI by default, but adds 4 new prefs to get fine grained control (blocking/allowing, displaying broken state)
== One of the prefs is a temporary pref that is supposed to go away at some point in the future
(applies to firefox with SSL client auth, too)
r=relyea for an earlier patch that was checked in to mozilla-1.8.x more than a year ago
r=honzab on the diff on top of that earlier patch
a=beltzner for landing on restricted trunk
This check in will make PSM aware of ECC cipher suites. Nightly builds will not yet contain ECC, because NSS is still
being compiled with ECC disabled.
r=rrelyea/darin
(bug 188856) that broke them has been fixed. r=kaie. sr=bryner. a=asa for
mozilla1.3.
Modified Files:
netwerk/base/public/security-prefs.js
security/manager/pki/resources/content/ssl3tlsciphers2.xul
security/manager/pki/resources/locale/en-US/pref-ssl.dtd
security/manager/ssl/src/nsNSSComponent.cpp
Revising nsIChannel to allow for overlapped i/o. This consists of three parts:
1. Factoring nsIChannel into a protocol specific part, the nsIChannel, and a socket specific, the nsITransport.
2. Derive the nsIChannel from a nsIRequest.
2. Changes the notification system from necko and the URILoader to pass the nsIRequest interface instead of nsIChannel interface.
This goal stems from wanting to be able to have active AsyncRead and AsyncWrite operations on nsSocketTransport.
This is desired because it would greatly simplify the task of maintaining persistent/reusable socket connections
for FTP, HTTP, and Imap (and potentially other protocols). The problem with the existing nsIChannel interface is
that it does not allow one to selectively suspend just one of the read or write operations while keeping the other active.
r=darin@netscape.comsr=rpotts@netscape.com
1. Factoring nsIChannel into a protocol specific part, the nsIChannel, and a socket specific, the nsITransport.
2. Derive the nsIChannel from a nsIRequest.
2. Changes the notification system from necko and the URILoader to pass the nsIRequest interface instead of nsIChannel interface.
This goal stems from wanting to be able to have active AsyncRead and AsyncWrite operations on nsSocketTransport.
This is desired because it would greatly simplify the task of maintaining persistent/reusable socket connections
for FTP, HTTP, and Imap (and potentially other protocols). The problem with the existing nsIChannel interface is
that it does not allow one to selectively suspend just one of the read or write operations while keeping the other active.
The full details of the change on written up in the netlib newsgroup.
r=darin@netscape.comsr=rpotts@netscape.com
Wan-Teh Chang
Saint Wesonga
Kai Engert
Vladimir Vukicevic
Reed Loden
dveditz@cruzio.com
dtownsend@oxymoronical.com
kaie%kuix.de
gavin%gavinsharp.com
wtc%netscape.com
kaie%netscape.com
ddrinan%netscape.com
thayes%netscape.com
jgmyers%netscape.com
dougt%netscape.com
disttsc%bart.nl
bryner%uiuc.edu