"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "platform/security/manager/ssl/nsNSSComponent.cpp" between
palemoon-29.4.1-source.tar.xz and palemoon-29.4.2-source.tar.xz

About: Pale Moon is a full-featured, optimized browser derived from the code behind the Firefox browser (shares the Unified XUL Platform (UXP)). Source code. Hint (Sept. 15, 2021): The separate application source code tarballs seems no longer available but only tarballs bundled with the underlying UXP platform code (see here).

nsNSSComponent.cpp  (palemoon-29.4.1-source.tar.xz):nsNSSComponent.cpp  (palemoon-29.4.2-source.tar.xz)
skipping to change at line 1446 skipping to change at line 1446
rangeOut.min = (uint16_t) minFromPrefs; rangeOut.min = (uint16_t) minFromPrefs;
rangeOut.max = (uint16_t) maxFromPrefs; rangeOut.max = (uint16_t) maxFromPrefs;
} }
static const int32_t OCSP_ENABLED_DEFAULT = 1; static const int32_t OCSP_ENABLED_DEFAULT = 1;
static const bool REQUIRE_SAFE_NEGOTIATION_DEFAULT = false; static const bool REQUIRE_SAFE_NEGOTIATION_DEFAULT = false;
static const bool FALSE_START_ENABLED_DEFAULT = true; static const bool FALSE_START_ENABLED_DEFAULT = true;
static const bool NPN_ENABLED_DEFAULT = true; static const bool NPN_ENABLED_DEFAULT = true;
static const bool ALPN_ENABLED_DEFAULT = false; static const bool ALPN_ENABLED_DEFAULT = false;
static const bool ENABLED_0RTT_DATA_DEFAULT = false; static const bool ENABLED_0RTT_DATA_DEFAULT = false;
static const bool TLS13_COMPAT_MODE_DEFAULT = false;
static void static void
ConfigureTLSSessionIdentifiers() ConfigureTLSSessionIdentifiers()
{ {
bool disableSessionIdentifiers = bool disableSessionIdentifiers =
Preferences::GetBool("security.ssl.disable_session_identifiers", false); Preferences::GetBool("security.ssl.disable_session_identifiers", false);
SSL_OptionSetDefault(SSL_ENABLE_SESSION_TICKETS, !disableSessionIdentifiers); SSL_OptionSetDefault(SSL_ENABLE_SESSION_TICKETS, !disableSessionIdentifiers);
SSL_OptionSetDefault(SSL_NO_CACHE, disableSessionIdentifiers); SSL_OptionSetDefault(SSL_NO_CACHE, disableSessionIdentifiers);
} }
skipping to change at line 1879 skipping to change at line 1880
Preferences::GetBool("security.ssl.enable_npn", Preferences::GetBool("security.ssl.enable_npn",
NPN_ENABLED_DEFAULT)); NPN_ENABLED_DEFAULT));
SSL_OptionSetDefault(SSL_ENABLE_ALPN, SSL_OptionSetDefault(SSL_ENABLE_ALPN,
Preferences::GetBool("security.ssl.enable_alpn", Preferences::GetBool("security.ssl.enable_alpn",
ALPN_ENABLED_DEFAULT)); ALPN_ENABLED_DEFAULT));
SSL_OptionSetDefault(SSL_ENABLE_0RTT_DATA, SSL_OptionSetDefault(SSL_ENABLE_0RTT_DATA,
Preferences::GetBool("security.tls.enable_0rtt_data", Preferences::GetBool("security.tls.enable_0rtt_data",
ENABLED_0RTT_DATA_DEFAULT)); ENABLED_0RTT_DATA_DEFAULT));
// Set TLS 1.3 compatibility mode for bad middleware boxes?
SSL_OptionSetDefault(SSL_ENABLE_TLS13_COMPAT_MODE,
Preferences::GetBool("security.ssl.enable_tls13_compat_mo
de",
TLS13_COMPAT_MODE_DEFAULT));
if (NS_FAILED(InitializeCipherSuite())) { if (NS_FAILED(InitializeCipherSuite())) {
MOZ_LOG(gPIPNSSLog, LogLevel::Error, ("Unable to initialize cipher suite set tings\n")); MOZ_LOG(gPIPNSSLog, LogLevel::Error, ("Unable to initialize cipher suite set tings\n"));
return NS_ERROR_FAILURE; return NS_ERROR_FAILURE;
} }
// ensure the CertBlocklist is initialised // ensure the CertBlocklist is initialised
nsCOMPtr<nsICertBlocklist> certList = do_GetService(NS_CERTBLOCKLIST_CONTRACTI D); nsCOMPtr<nsICertBlocklist> certList = do_GetService(NS_CERTBLOCKLIST_CONTRACTI D);
if (!certList) { if (!certList) {
 End of changes. 2 change blocks. 
0 lines changed or deleted 7 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)