diff options
author | wolfbeast <mcwerewolf@gmail.com> | 2018-12-15 01:42:53 +0100 |
---|---|---|
committer | wolfbeast <mcwerewolf@gmail.com> | 2018-12-15 01:42:53 +0100 |
commit | 74cabf7948b2597f5b6a67d6910c844fd1a88ff6 (patch) | |
tree | db1f30ada487c3831ea8e4e98b2d39edc9e88eea /security/nss/lib/ssl/ssl3gthr.c | |
parent | 09ef48bd005a7f9e97a3fe797a079fcf2b5e58d3 (diff) | |
download | UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar.gz UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar.lz UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar.xz UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.zip |
Update NSS to 3.41
Diffstat (limited to 'security/nss/lib/ssl/ssl3gthr.c')
-rw-r--r-- | security/nss/lib/ssl/ssl3gthr.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/security/nss/lib/ssl/ssl3gthr.c b/security/nss/lib/ssl/ssl3gthr.c index 5ea7cc249..64a1878f7 100644 --- a/security/nss/lib/ssl/ssl3gthr.c +++ b/security/nss/lib/ssl/ssl3gthr.c @@ -60,8 +60,8 @@ ssl3_isLikelyV3Hello(const unsigned char *buf) } /* Check for a typical V3 record header. */ - return (PRBool)(buf[0] >= content_change_cipher_spec && - buf[0] <= content_application_data && + return (PRBool)(buf[0] >= ssl_ct_change_cipher_spec && + buf[0] <= ssl_ct_application_data && buf[1] == MSB(SSL_LIBRARY_VERSION_3_0)); } @@ -314,7 +314,7 @@ dtls_GatherData(sslSocket *ss, sslGather *gs, int flags) contentType = gs->dtlsPacket.buf[gs->dtlsPacketOffset]; if (dtls_IsLongHeader(ss->version, contentType)) { headerLen = 13; - } else if (contentType == content_application_data) { + } else if (contentType == ssl_ct_application_data) { headerLen = 7; } else if ((contentType & 0xe0) == 0x20) { headerLen = 2; @@ -463,15 +463,15 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags) SSL_DBG(("%d: SSL3[%d]: resuming handshake", SSL_GETPID(), ss->fd)); PORT_Assert(!IS_DTLS(ss)); - rv = ssl3_HandleNonApplicationData(ss, content_handshake, + rv = ssl3_HandleNonApplicationData(ss, ssl_ct_handshake, 0, 0, &ss->gs.buf); } else { /* State for SSLv2 client hello support. */ ssl2Gather ssl2gs = { PR_FALSE, 0 }; ssl2Gather *ssl2gs_ptr = NULL; - /* If we're a server and waiting for a client hello, accept v2. */ - if (ss->sec.isServer && ss->ssl3.hs.ws == wait_client_hello) { + if (ss->sec.isServer && ss->opt.enableV2CompatibleHello && + ss->ssl3.hs.ws == wait_client_hello) { ssl2gs_ptr = &ssl2gs; } @@ -484,8 +484,8 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags) } if (!IS_DTLS(ss)) { - /* If we're a server waiting for a ClientHello then pass - * ssl2gs to support SSLv2 ClientHello messages. */ + /* Passing a non-NULL ssl2gs here enables detection of + * SSLv2-compatible ClientHello messages. */ rv = ssl3_GatherData(ss, &ss->gs, flags, ssl2gs_ptr); } else { rv = dtls_GatherData(ss, &ss->gs, flags); |