Closed
Bug 404034
Opened 17 years ago
Closed 16 years ago
Enable TLS session ticket extension by default
Categories
(Core :: Security: PSM, enhancement)
Core
Security: PSM
Tracking
()
RESOLVED
DUPLICATE
of bug 415033
People
(Reporter: ngm+mozilla, Assigned: KaiE)
References
Details
Attachments
(1 file)
1.29 KB,
patch
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.4) Gecko/20070509 Camino/1.5 Build Identifier: Bug 403563 includes a patch that implements the TLS session ticket extension as described in RFC4507bis. The session ticket extension is disabled in NSS by default -- this patch enables the extension for use in Firefox. Reproducible: Always Steps to Reproduce: 1. 2. 3.
Reporter | ||
Comment 1•17 years ago
|
||
Patch below: --- nsNSSIOLayer.cpp.orig 2007-11-16 06:57:22.069939000 -0800 +++ nsNSSIOLayer.cpp 2007-11-16 07:17:19.266278000 -0800 @@ -2893,6 +2893,13 @@ return NS_ERROR_FAILURE; } + // Enable the session ticket extension. TLS servers that do not + // recognize the extension will simply ignore it. + if(SECSuccess != SSL_OptionSet(fd, SSL_ENABLE_SESSION_TICKET_EXTENSION, + PR_TRUE)) { + return NS_ERROR_FAILURE; + } + PR_smprintf_free(peerId); return NS_OK; }
Depends on: tlsste
Updated•17 years ago
|
Assignee: nobody → kengert
Status: UNCONFIRMED → NEW
Component: Security → Security: PSM
Ever confirmed: true
Product: Firefox → Core
QA Contact: firefox → psm
Comment 2•17 years ago
|
||
This patch is based on the patch Nagendra pasted in comment 1. I fixed a minor formatting issue and moved the code up a few lines to be next to the other SSL_OptionSet calls.
Reporter | ||
Updated•16 years ago
|
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•