| Index: net/third_party/nss/ssl/sslenum.c
|
| diff --git a/net/third_party/nss/ssl/sslenum.c b/net/third_party/nss/ssl/sslenum.c
|
| index b4a8844470b1e8cc3c67e6e9acff23ce856f6b75..d362b74ee0420fd4a38e64d5a6c23ce875ed6c97 100644
|
| --- a/net/third_party/nss/ssl/sslenum.c
|
| +++ b/net/third_party/nss/ssl/sslenum.c
|
| @@ -37,23 +37,21 @@
|
| *
|
| * Exception: Because some servers ignore the high-order byte of the cipher
|
| * suite ID, we must be careful about adding cipher suites with IDs larger
|
| - * than 0x00ff; see bug 946147. For these broken servers, the first six cipher
|
| + * than 0x00ff; see bug 946147. For these broken servers, the first four cipher
|
| * suites, with the MSB zeroed, look like:
|
| - * TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA { 0x00,0x14 }
|
| - * TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA { 0x00,0x13 }
|
| * TLS_KRB5_EXPORT_WITH_RC4_40_MD5 { 0x00,0x2B }
|
| * TLS_RSA_WITH_AES_128_CBC_SHA { 0x00,0x2F }
|
| * TLS_RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x0A }
|
| * TLS_RSA_WITH_DES_CBC_SHA { 0x00,0x09 }
|
| - * The broken server only supports the fifth and sixth ones and will select
|
| - * the fifth one.
|
| + * The broken server only supports the third and fourth ones and will select
|
| + * the third one.
|
| */
|
| const PRUint16 SSL_ImplementedCiphers[] = {
|
| #ifndef NSS_DISABLE_ECC
|
| - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
|
| - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
|
| TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
| + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
|
| + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
| /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA must appear before
|
| * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA to work around bug 946147.
|
| */
|
| @@ -70,6 +68,7 @@ const PRUint16 SSL_ImplementedCiphers[] = {
|
| #endif /* NSS_DISABLE_ECC */
|
|
|
| TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
|
| + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
| TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
|
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
|
| TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
|
| @@ -125,7 +124,7 @@ const PRUint16 SSL_ImplementedCiphers[] = {
|
| TLS_RSA_EXPORT_WITH_RC4_40_MD5,
|
| TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
|
|
|
| - /* ciphersuites with no encryption */
|
| +/* ciphersuites with no encryption */
|
| #ifndef NSS_DISABLE_ECC
|
| TLS_ECDHE_ECDSA_WITH_NULL_SHA,
|
| TLS_ECDHE_RSA_WITH_NULL_SHA,
|
| @@ -139,7 +138,7 @@ const PRUint16 SSL_ImplementedCiphers[] = {
|
| /* SSL2 cipher suites. */
|
| SSL_EN_RC4_128_WITH_MD5,
|
| SSL_EN_RC2_128_CBC_WITH_MD5,
|
| - SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* actually 112, not 192 */
|
| + SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* actually 112, not 192 */
|
| SSL_EN_DES_64_CBC_WITH_MD5,
|
| SSL_EN_RC4_128_EXPORT40_WITH_MD5,
|
| SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,
|
| @@ -148,10 +147,10 @@ const PRUint16 SSL_ImplementedCiphers[] = {
|
|
|
| };
|
|
|
| -const PRUint16 SSL_NumImplementedCiphers =
|
| +const PRUint16 SSL_NumImplementedCiphers =
|
| (sizeof SSL_ImplementedCiphers) / (sizeof SSL_ImplementedCiphers[0]) - 1;
|
|
|
| -const PRUint16 *
|
| +const PRUint16*
|
| SSL_GetImplementedCiphers(void)
|
| {
|
| return SSL_ImplementedCiphers;
|
|
|
Chromium Code Reviews
Issue 1844813002:
Uprev NSS to 3.23 on iOS (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master