summaryrefslogtreecommitdiffstats
path: root/security/nss/cmd/selfserv/selfserv.c
diff options
context:
space:
mode:
authorjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-28 07:38:20 +0200
committerjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-28 07:38:20 +0200
commit6b2bba06b433fb75979ab6daf7bbe8bc76c53875 (patch)
tree75803b4683889e6e0d2a3faef30415db3ff7b3ba /security/nss/cmd/selfserv/selfserv.c
parent72def35cd0cf3649b6d7ab72b66117df3e1c33fc (diff)
parentc75dae3ed21bfa5a8ae46cd83d18329af5bea05a (diff)
downloadUXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar
UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar.gz
UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar.lz
UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar.xz
UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.zip
Merge branch 'master' of https://github.com/MoonchildProductions/UXP into pm_url_1
Diffstat (limited to 'security/nss/cmd/selfserv/selfserv.c')
-rw-r--r--security/nss/cmd/selfserv/selfserv.c26
1 files changed, 13 insertions, 13 deletions
diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c
index fac428e10..65b1ee304 100644
--- a/security/nss/cmd/selfserv/selfserv.c
+++ b/security/nss/cmd/selfserv/selfserv.c
@@ -38,7 +38,6 @@
#include "nss.h"
#include "ssl.h"
#include "sslproto.h"
-#include "sslexp.h"
#include "cert.h"
#include "certt.h"
#include "ocsp.h"
@@ -166,7 +165,9 @@ PrintUsageHeader(const char *progName)
" [-V [min-version]:[max-version]] [-a sni_name]\n"
" [ T <good|revoked|unknown|badsig|corrupted|none|ocsp>] [-A ca]\n"
" [-C SSLCacheEntries] [-S dsa_nickname] -Q [-I groups]"
+#ifndef NSS_DISABLE_ECC
" [-e ec_nickname]"
+#endif /* NSS_DISABLE_ECC */
"\n"
" -U [0|1] -H [0|1|2] -W [0|1]\n"
"\n",
@@ -1954,10 +1955,6 @@ server_main(
if (enabledVersions.max < SSL_LIBRARY_VERSION_TLS_1_3) {
errExit("You tried enabling 0RTT without enabling TLS 1.3!");
}
- rv = SSL_SetupAntiReplay(10 * PR_USEC_PER_SEC, 7, 14);
- if (rv != SECSuccess) {
- errExit("error configuring anti-replay ");
- }
rv = SSL_OptionSet(model_sock, SSL_ENABLE_0RTT_DATA, PR_TRUE);
if (rv != SECSuccess) {
errExit("error enabling 0RTT ");
@@ -2346,6 +2343,7 @@ main(int argc, char **argv)
dir = optstate->value;
break;
+#ifndef NSS_DISABLE_ECC
case 'e':
if (certNicknameIndex >= MAX_CERT_NICKNAME_ARRAY_INDEX) {
Usage(progName);
@@ -2353,6 +2351,7 @@ main(int argc, char **argv)
}
certNicknameArray[certNicknameIndex++] = PORT_Strdup(optstate->value);
break;
+#endif /* NSS_DISABLE_ECC */
case 'f':
pwdata.source = PW_FROMFILE;
@@ -2554,14 +2553,6 @@ main(int argc, char **argv)
tmp = PR_GetEnvSecure("TMPDIR");
if (!tmp)
tmp = PR_GetEnvSecure("TEMP");
-
- /* Call the NSS initialization routines */
- rv = NSS_Initialize(dir, certPrefix, certPrefix, SECMOD_DB, NSS_INIT_READONLY);
- if (rv != SECSuccess) {
- fputs("NSS_Init failed.\n", stderr);
- exit(8);
- }
-
if (envString) {
/* we're one of the children in a multi-process server. */
listen_sock = PR_GetInheritedFD(inheritableSockName);
@@ -2616,6 +2607,13 @@ main(int argc, char **argv)
/* set our password function */
PK11_SetPasswordFunc(SECU_GetModulePassword);
+ /* Call the NSS initialization routines */
+ rv = NSS_Initialize(dir, certPrefix, certPrefix, SECMOD_DB, NSS_INIT_READONLY);
+ if (rv != SECSuccess) {
+ fputs("NSS_Init failed.\n", stderr);
+ exit(8);
+ }
+
/* all SSL3 cipher suites are enabled by default. */
if (cipherString) {
char *cstringSaved = cipherString;
@@ -2683,7 +2681,9 @@ main(int argc, char **argv)
certNicknameArray[i]);
exit(11);
}
+#ifdef NSS_DISABLE_ECC
if (privKey[i]->keyType != ecKey)
+#endif
setupCertStatus(certStatusArena, ocspStaplingMode, cert[i], i, &pwdata);
}