Closed Bug 404034 Opened 17 years ago Closed 16 years ago

Enable TLS session ticket extension by default

Categories

(Core :: Security: PSM, enhancement)

enhancement
Not set
normal

RESOLVED DUPLICATE of bug 415033

People

(Reporter: ngm+mozilla, Assigned: KaiE)

Attachments

(1 file)

User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.4) Gecko/20070509 Camino/1.5
Build Identifier: 

Bug 403563 includes a patch that implements the TLS session ticket extension as described in RFC4507bis.  The session ticket extension is disabled in NSS by default -- this patch enables the extension for use in Firefox.

Reproducible: Always

Patch below:

--- nsNSSIOLayer.cpp.orig       2007-11-16 06:57:22.069939000 -0800
+++ nsNSSIOLayer.cpp    2007-11-16 07:17:19.266278000 -0800
@@ -2893,6 +2893,13 @@
     return NS_ERROR_FAILURE;
   }
 
+  // Enable the session ticket extension.  TLS servers that do not
+  // recognize the extension will simply ignore it.
+  if(SECSuccess != SSL_OptionSet(fd, SSL_ENABLE_SESSION_TICKET_EXTENSION,
+                                 PR_TRUE)) {
+    return NS_ERROR_FAILURE;
+  }
+
   PR_smprintf_free(peerId);
   return NS_OK;
 }
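Review bot: The added early return on SSL_OptionSet failure sits directly above PR_smprintf_free(peerId), so when the option call fails the function exits without freeing peerId. Free peerId before returning NS_ERROR_FAILURE, or place the check at a point where peerId is not held. Separately, since the comment says servers that do not recognize the extension will simply ignore it, consider whether a failure to set this optional extension should abort socket setup at all, rather than continuing without session tickets. Style: `if(SECSuccess != ...` needs a space after `if`.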
Depends on: tlsste
Assignee: nobody → kengert
Status: UNCONFIRMED → NEW
Component: Security → Security: PSM
Ever confirmed: true
Product: Firefox → Core
QA Contact: firefox → psm
This patch is based on the patch Nagendra pasted in comment 1.
I fixed a minor formatting issue and moved the code up a few lines to be
next to the other SSL_OptionSet calls.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE