| Index: net/third_party/nss/ssl/ssl.h
|
| ===================================================================
|
| --- net/third_party/nss/ssl/ssl.h (revision 55938)
|
| +++ net/third_party/nss/ssl/ssl.h (working copy)
|
| @@ -36,7 +36,7 @@
|
| * the terms of any one of the MPL, the GPL or the LGPL.
|
| *
|
| * ***** END LICENSE BLOCK ***** */
|
| -/* $Id: ssl.h,v 1.36 2010/02/10 18:07:21 wtc%google.com Exp $ */
|
| +/* $Id: ssl.h,v 1.38 2010/02/17 02:29:07 wtc%google.com Exp $ */
|
|
|
| #ifndef __ssl_h_
|
| #define __ssl_h_
|
| @@ -123,7 +123,7 @@
|
| #define SSL_ENABLE_DEFLATE 19 /* Enable TLS compression with */
|
| /* DEFLATE (off by default) */
|
| #define SSL_ENABLE_RENEGOTIATION 20 /* Values below (default: never) */
|
| -#define SSL_REQUIRE_SAFE_NEGOTIATION 21 /* Peer must send Signalling */
|
| +#define SSL_REQUIRE_SAFE_NEGOTIATION 21 /* Peer must send Signaling */
|
| /* Cipher Suite Value (SCSV) or */
|
| /* Renegotiation Info (RI) */
|
| /* extension in ALL handshakes. */
|
| @@ -207,9 +207,11 @@
|
| /* Only renegotiate if the peer's hello bears the TLS renegotiation_info */
|
| /* extension. This is safe renegotiation. */
|
| #define SSL_RENEGOTIATE_REQUIRES_XTN ((PRBool)2)
|
| -/* Disallow all renegotiation in server sockets only, but allow clients */
|
| +/* Disallow unsafe renegotiation in server sockets only, but allow clients */
|
| /* to continue to renegotiate with vulnerable servers. */
|
| -#define SSL_RENEGOTIATE_CLIENT_ONLY ((PRBool)3)
|
| +/* This value should only be used during the transition period when few */
|
| +/* servers have been upgraded. */
|
| +#define SSL_RENEGOTIATE_TRANSITIONAL ((PRBool)3)
|
|
|
| /*
|
| ** Reset the handshake state for fd. This will make the complete SSL
|
|
|