summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/ssl/ssl3gthr.c
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-12-15 01:42:53 +0100
committerwolfbeast <mcwerewolf@gmail.com>2018-12-15 01:42:53 +0100
commit74cabf7948b2597f5b6a67d6910c844fd1a88ff6 (patch)
treedb1f30ada487c3831ea8e4e98b2d39edc9e88eea /security/nss/lib/ssl/ssl3gthr.c
parent09ef48bd005a7f9e97a3fe797a079fcf2b5e58d3 (diff)
downloadUXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar
UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar.gz
UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar.lz
UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar.xz
UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.zip
Update NSS to 3.41
Diffstat (limited to 'security/nss/lib/ssl/ssl3gthr.c')
-rw-r--r--security/nss/lib/ssl/ssl3gthr.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/security/nss/lib/ssl/ssl3gthr.c b/security/nss/lib/ssl/ssl3gthr.c
index 5ea7cc249..64a1878f7 100644
--- a/security/nss/lib/ssl/ssl3gthr.c
+++ b/security/nss/lib/ssl/ssl3gthr.c
@@ -60,8 +60,8 @@ ssl3_isLikelyV3Hello(const unsigned char *buf)
}
/* Check for a typical V3 record header. */
- return (PRBool)(buf[0] >= content_change_cipher_spec &&
- buf[0] <= content_application_data &&
+ return (PRBool)(buf[0] >= ssl_ct_change_cipher_spec &&
+ buf[0] <= ssl_ct_application_data &&
buf[1] == MSB(SSL_LIBRARY_VERSION_3_0));
}
@@ -314,7 +314,7 @@ dtls_GatherData(sslSocket *ss, sslGather *gs, int flags)
contentType = gs->dtlsPacket.buf[gs->dtlsPacketOffset];
if (dtls_IsLongHeader(ss->version, contentType)) {
headerLen = 13;
- } else if (contentType == content_application_data) {
+ } else if (contentType == ssl_ct_application_data) {
headerLen = 7;
} else if ((contentType & 0xe0) == 0x20) {
headerLen = 2;
@@ -463,15 +463,15 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
SSL_DBG(("%d: SSL3[%d]: resuming handshake",
SSL_GETPID(), ss->fd));
PORT_Assert(!IS_DTLS(ss));
- rv = ssl3_HandleNonApplicationData(ss, content_handshake,
+ rv = ssl3_HandleNonApplicationData(ss, ssl_ct_handshake,
0, 0, &ss->gs.buf);
} else {
/* State for SSLv2 client hello support. */
ssl2Gather ssl2gs = { PR_FALSE, 0 };
ssl2Gather *ssl2gs_ptr = NULL;
- /* If we're a server and waiting for a client hello, accept v2. */
- if (ss->sec.isServer && ss->ssl3.hs.ws == wait_client_hello) {
+ if (ss->sec.isServer && ss->opt.enableV2CompatibleHello &&
+ ss->ssl3.hs.ws == wait_client_hello) {
ssl2gs_ptr = &ssl2gs;
}
@@ -484,8 +484,8 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
}
if (!IS_DTLS(ss)) {
- /* If we're a server waiting for a ClientHello then pass
- * ssl2gs to support SSLv2 ClientHello messages. */
+ /* Passing a non-NULL ssl2gs here enables detection of
+ * SSLv2-compatible ClientHello messages. */
rv = ssl3_GatherData(ss, &ss->gs, flags, ssl2gs_ptr);
} else {
rv = dtls_GatherData(ss, &ss->gs, flags);