mirror of
https://github.com/rn10950/RetroZilla.git
synced 2024-11-10 18:00:15 +01:00
nsNSSComponent: adapted new NSS functions for newer TLS versions.
This commit is contained in:
parent
4b7c400df2
commit
14c631acd3
@ -949,6 +949,9 @@ static CipherPref CipherPrefs[] = {
|
||||
{"security.ssl3.dhe_dss_des_sha", SSL_DHE_DSS_WITH_DES_CBC_SHA}, // 56-bit DES encryption with DSA, DHE, and a SHA1 MAC
|
||||
{"security.ssl3.rsa_null_sha", SSL_RSA_WITH_NULL_SHA}, // No encryption with RSA authentication and a SHA1 MAC
|
||||
{"security.ssl3.rsa_null_md5", SSL_RSA_WITH_NULL_MD5}, // No encryption with RSA authentication and an MD5 MAC
|
||||
{"security.ssl3.rsa_seed_sha", TLS_RSA_WITH_SEED_CBC_SHA}, // SEED encryption with RSA and a SHA1 MAC
|
||||
{"security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, // 128-bit AES-GCM encryption with ECDHE-ECDSA
|
||||
{"security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, // 128-bit AES-GCM encryption with ECDHE-RSA
|
||||
{NULL, 0} /* end marker */
|
||||
};
|
||||
|
||||
@ -1527,6 +1530,10 @@ nsNSSComponent::InitializeNSS(PRBool showWarningBox)
|
||||
mPrefBranch->GetBoolPref("security.enable_tls", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_TLS, enabled);
|
||||
|
||||
SSLVersionRange supported;
|
||||
SSL_VersionRangeGetSupported(ssl_variant_stream, &supported);
|
||||
SSL_VersionRangeSetDefault(ssl_variant_stream, &supported);
|
||||
|
||||
// Disable any ciphers that NSS might have enabled by default
|
||||
for (PRUint16 i = 0; i < SSL_NumImplementedCiphers; ++i)
|
||||
{
|
||||
@ -2031,6 +2038,11 @@ nsNSSComponent::Observe(nsISupports *aSubject, const char *aTopic,
|
||||
} else if (prefName.Equals("security.enable_tls")) {
|
||||
mPrefBranch->GetBoolPref("security.enable_tls", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_TLS, enabled);
|
||||
|
||||
SSLVersionRange supported;
|
||||
SSL_VersionRangeGetSupported(ssl_variant_stream, &supported);
|
||||
SSL_VersionRangeSetDefault(ssl_variant_stream, &supported);
|
||||
|
||||
} else if (prefName.Equals("security.OCSP.enabled")) {
|
||||
setOCSPOptions(mPrefBranch);
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user