Closed Bug 1246928 Opened 5 years ago Closed 5 years ago

Add NSS_DISABLE_CHACHAPOLY to allow compiling without ChaCha20/Poly1305

Categories

(NSS :: Libraries, defect)

defect
Not set
normal

Tracking

(firefox47 affected)

RESOLVED FIXED
Tracking Status
firefox47 --- affected

People

(Reporter: ttaubert, Assigned: ttaubert)

References

Details

Oracle wants a compile-time flag to exclude ChaCha/Poly from an NSS build.
The specific issue is US companies that provide patches for current product releases. New ciphers require a new export approval and such approvals usually align with new feature releases. Thus adding a cipher removes the ability to provide NSS updates in a patch. I believe this would impact US companies exporting a product that bundles or packages NSS.
Patch at: https://codereview.appspot.com/286270043

ssl_gtests succeed, excluding the ChaCha-specific ones.
Flags: needinfo?(martin.thomson)
https://hg.mozilla.org/projects/nss/rev/7839f8a92034
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Flags: needinfo?(martin.thomson)
Resolution: --- → FIXED
Target Milestone: --- → 3.23
You need to log in before you can comment on or make changes to this bug.