diff options
author | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-28 07:38:20 +0200 |
---|---|---|
committer | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-28 07:38:20 +0200 |
commit | 6b2bba06b433fb75979ab6daf7bbe8bc76c53875 (patch) | |
tree | 75803b4683889e6e0d2a3faef30415db3ff7b3ba /security/nss/cmd/selfserv/selfserv.c | |
parent | 72def35cd0cf3649b6d7ab72b66117df3e1c33fc (diff) | |
parent | c75dae3ed21bfa5a8ae46cd83d18329af5bea05a (diff) | |
download | UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar.gz UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar.lz UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar.xz UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.zip |
Merge branch 'master' of https://github.com/MoonchildProductions/UXP into pm_url_1
Diffstat (limited to 'security/nss/cmd/selfserv/selfserv.c')
-rw-r--r-- | security/nss/cmd/selfserv/selfserv.c | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c index fac428e10..65b1ee304 100644 --- a/security/nss/cmd/selfserv/selfserv.c +++ b/security/nss/cmd/selfserv/selfserv.c @@ -38,7 +38,6 @@ #include "nss.h" #include "ssl.h" #include "sslproto.h" -#include "sslexp.h" #include "cert.h" #include "certt.h" #include "ocsp.h" @@ -166,7 +165,9 @@ PrintUsageHeader(const char *progName) " [-V [min-version]:[max-version]] [-a sni_name]\n" " [ T <good|revoked|unknown|badsig|corrupted|none|ocsp>] [-A ca]\n" " [-C SSLCacheEntries] [-S dsa_nickname] -Q [-I groups]" +#ifndef NSS_DISABLE_ECC " [-e ec_nickname]" +#endif /* NSS_DISABLE_ECC */ "\n" " -U [0|1] -H [0|1|2] -W [0|1]\n" "\n", @@ -1954,10 +1955,6 @@ server_main( if (enabledVersions.max < SSL_LIBRARY_VERSION_TLS_1_3) { errExit("You tried enabling 0RTT without enabling TLS 1.3!"); } - rv = SSL_SetupAntiReplay(10 * PR_USEC_PER_SEC, 7, 14); - if (rv != SECSuccess) { - errExit("error configuring anti-replay "); - } rv = SSL_OptionSet(model_sock, SSL_ENABLE_0RTT_DATA, PR_TRUE); if (rv != SECSuccess) { errExit("error enabling 0RTT "); @@ -2346,6 +2343,7 @@ main(int argc, char **argv) dir = optstate->value; break; +#ifndef NSS_DISABLE_ECC case 'e': if (certNicknameIndex >= MAX_CERT_NICKNAME_ARRAY_INDEX) { Usage(progName); @@ -2353,6 +2351,7 @@ main(int argc, char **argv) } certNicknameArray[certNicknameIndex++] = PORT_Strdup(optstate->value); break; +#endif /* NSS_DISABLE_ECC */ case 'f': pwdata.source = PW_FROMFILE; @@ -2554,14 +2553,6 @@ main(int argc, char **argv) tmp = PR_GetEnvSecure("TMPDIR"); if (!tmp) tmp = PR_GetEnvSecure("TEMP"); - - /* Call the NSS initialization routines */ - rv = NSS_Initialize(dir, certPrefix, certPrefix, SECMOD_DB, NSS_INIT_READONLY); - if (rv != SECSuccess) { - fputs("NSS_Init failed.\n", stderr); - exit(8); - } - if (envString) { /* we're one of the children in a multi-process server. */ listen_sock = PR_GetInheritedFD(inheritableSockName); @@ -2616,6 +2607,13 @@ main(int argc, char **argv) /* set our password function */ PK11_SetPasswordFunc(SECU_GetModulePassword); + /* Call the NSS initialization routines */ + rv = NSS_Initialize(dir, certPrefix, certPrefix, SECMOD_DB, NSS_INIT_READONLY); + if (rv != SECSuccess) { + fputs("NSS_Init failed.\n", stderr); + exit(8); + } + /* all SSL3 cipher suites are enabled by default. */ if (cipherString) { char *cstringSaved = cipherString; @@ -2683,7 +2681,9 @@ main(int argc, char **argv) certNicknameArray[i]); exit(11); } +#ifdef NSS_DISABLE_ECC if (privKey[i]->keyType != ecKey) +#endif setupCertStatus(certStatusArena, ocspStaplingMode, cert[i], i, &pwdata); } |