Add NSS_DISABLE_CHACHAPOLY to allow compiling without ChaCha20/Poly1305

RESOLVED FIXED in 3.23

Status

RESOLVED FIXED
3 years ago
3 years ago

People

(Reporter: ttaubert, Assigned: ttaubert)

Tracking

Firefox Tracking Flags

(firefox47 affected)

Details

(Assignee)

Description

3 years ago
Oracle wants a compile-time flag to exclude ChaCha/Poly from an NSS build.

Comment 1

3 years ago
The specific issue is US companies that provide patches for current product releases. New ciphers require a new export approval and such approvals usually align with new feature releases. Thus adding a cipher removes the ability to provide NSS updates in a patch. I believe this would impact US companies exporting a product that bundles or packages NSS.
(Assignee)

Comment 2

3 years ago
Patch at: https://codereview.appspot.com/286270043

ssl_gtests succeed, excluding the ChaCha-specific ones.
Flags: needinfo?(martin.thomson)
(Assignee)

Comment 3

3 years ago
https://hg.mozilla.org/projects/nss/rev/7839f8a92034
Status: ASSIGNED → RESOLVED
Last Resolved: 3 years ago
Flags: needinfo?(martin.thomson)
Resolution: --- → FIXED
(Assignee)

Updated

3 years ago
Target Milestone: --- → 3.23
You need to log in before you can comment on or make changes to this bug.