Index: net/third_party/nss/ssl/sslenum.c |
diff --git a/net/third_party/nss/ssl/sslenum.c b/net/third_party/nss/ssl/sslenum.c |
index b4a8844470b1e8cc3c67e6e9acff23ce856f6b75..d362b74ee0420fd4a38e64d5a6c23ce875ed6c97 100644 |
--- a/net/third_party/nss/ssl/sslenum.c |
+++ b/net/third_party/nss/ssl/sslenum.c |
@@ -37,23 +37,21 @@ |
* |
* Exception: Because some servers ignore the high-order byte of the cipher |
* suite ID, we must be careful about adding cipher suites with IDs larger |
- * than 0x00ff; see bug 946147. For these broken servers, the first six cipher |
+ * than 0x00ff; see bug 946147. For these broken servers, the first four cipher |
* suites, with the MSB zeroed, look like: |
- * TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA { 0x00,0x14 } |
- * TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA { 0x00,0x13 } |
* TLS_KRB5_EXPORT_WITH_RC4_40_MD5 { 0x00,0x2B } |
* TLS_RSA_WITH_AES_128_CBC_SHA { 0x00,0x2F } |
* TLS_RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x0A } |
* TLS_RSA_WITH_DES_CBC_SHA { 0x00,0x09 } |
- * The broken server only supports the fifth and sixth ones and will select |
- * the fifth one. |
+ * The broken server only supports the third and fourth ones and will select |
+ * the third one. |
*/ |
const PRUint16 SSL_ImplementedCiphers[] = { |
#ifndef NSS_DISABLE_ECC |
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, |
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, |
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, |
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, |
/* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA must appear before |
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA to work around bug 946147. |
*/ |
@@ -70,6 +68,7 @@ const PRUint16 SSL_ImplementedCiphers[] = { |
#endif /* NSS_DISABLE_ECC */ |
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, |
+ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, |
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, |
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, |
@@ -125,7 +124,7 @@ const PRUint16 SSL_ImplementedCiphers[] = { |
TLS_RSA_EXPORT_WITH_RC4_40_MD5, |
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, |
- /* ciphersuites with no encryption */ |
+/* ciphersuites with no encryption */ |
#ifndef NSS_DISABLE_ECC |
TLS_ECDHE_ECDSA_WITH_NULL_SHA, |
TLS_ECDHE_RSA_WITH_NULL_SHA, |
@@ -139,7 +138,7 @@ const PRUint16 SSL_ImplementedCiphers[] = { |
/* SSL2 cipher suites. */ |
SSL_EN_RC4_128_WITH_MD5, |
SSL_EN_RC2_128_CBC_WITH_MD5, |
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* actually 112, not 192 */ |
+ SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* actually 112, not 192 */ |
SSL_EN_DES_64_CBC_WITH_MD5, |
SSL_EN_RC4_128_EXPORT40_WITH_MD5, |
SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, |
@@ -148,10 +147,10 @@ const PRUint16 SSL_ImplementedCiphers[] = { |
}; |
-const PRUint16 SSL_NumImplementedCiphers = |
+const PRUint16 SSL_NumImplementedCiphers = |
(sizeof SSL_ImplementedCiphers) / (sizeof SSL_ImplementedCiphers[0]) - 1; |
-const PRUint16 * |
+const PRUint16* |
SSL_GetImplementedCiphers(void) |
{ |
return SSL_ImplementedCiphers; |