Remove the security.ssl3.ecdh_* preferences

RESOLVED FIXED in mozilla28

Status

()

Core
Security: PSM
RESOLVED FIXED
4 years ago
4 years ago

People

(Reporter: briansmith, Assigned: Steffen Wilberg)

Tracking

unspecified
mozilla28
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [good first bug][mentor=briansmith])

Attachments

(1 attachment)

+++ This bug was initially created as a clone of Bug #917047 +++

In the patch for bug 942729, I added this comment:

    // XXX: This assumes that all TLS_DH_* and TLS_ECDH_* cipher suites
    // are disabled.

I was intending to remove the security.ssl3.ecdh_* preferences in order to ensure that that assumption is valid, but I forgot.

Basically, we need to remove these preferences from netwerk/base/public/security-prefs.js and the mention of them in security/manager/ssl/src/nsNSSComponent.cpp.

NOTE: Do not remove the security.ssl3.ecdhe_* preferences!
(Assignee)

Comment 1

4 years ago
Created attachment 8341970 [details] [diff] [review]
remove-ecdh.diff

What about http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/src/nsNSSCallbacks.cpp#1098 ?
Assignee: nobody → steffen.wilberg
Attachment #8341970 - Flags: review?(brian)
Comment on attachment 8341970 [details] [diff] [review]
remove-ecdh.diff

Review of attachment 8341970 [details] [diff] [review]:
-----------------------------------------------------------------

Thanks!
Attachment #8341970 - Flags: review?(brian) → review+
Keywords: checkin-needed
https://hg.mozilla.org/integration/mozilla-inbound/rev/c5e505d54ea6

Thanks for the patch.
Status: NEW → ASSIGNED
Keywords: checkin-needed
Target Milestone: --- → mozilla28
https://hg.mozilla.org/mozilla-central/rev/c5e505d54ea6
Status: ASSIGNED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.