Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1285)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: patches.chromium/0005-reduce_client_hello_size.patch

Issue 2072073002: Delete bundled copy of OpenSSL and replace with README. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/openssl@master
Patch Set: Delete bundled copy of OpenSSL and replace with README. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « patches.chromium/0004-x86_64_source_excludes.patch ('k') | patches.chromium/0006-lhashfix.patch » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: patches.chromium/0005-reduce_client_hello_size.patch
diff --git a/patches.chromium/0005-reduce_client_hello_size.patch b/patches.chromium/0005-reduce_client_hello_size.patch
deleted file mode 100644
index 1bac5cc7a3afb605d3901e3ba5f41531aa965d0f..0000000000000000000000000000000000000000
--- a/patches.chromium/0005-reduce_client_hello_size.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-diff -burN android-openssl.orig/openssl.config android-openssl/openssl.config
---- android-openssl.orig/openssl.config 2013-06-21 14:24:36.298545589 -0700
-+++ android-openssl/openssl.config 2013-06-21 14:30:36.253997113 -0700
-@@ -995,6 +995,7 @@
- eng_dyn_dirs.patch \
- fix_clang_build.patch \
- x509_hash_name_algorithm_change.patch \
-+reduce_client_hello_size.patch \
- "
-
- OPENSSL_PATCHES_progs_SOURCES="\
-@@ -1054,3 +1055,7 @@
- OPENSSL_PATCHES_x509_hash_name_algorithm_change_SOURCES="\
- crypto/x509/by_dir.c \
- "
-+
-+OPENSSL_PATCHES_reduce_client_hello_size_SOURCES="\
-+ssl/t1_lib.c \
-+"
-diff -burN android-openssl.orig/patches/reduce_client_hello_size.patch android-openssl/patches/reduce_client_hello_size.patch
---- android-openssl.orig/patches/reduce_client_hello_size.patch 1969-12-31 16:00:00.000000000 -0800
-+++ android-openssl/patches/reduce_client_hello_size.patch 2013-06-21 14:35:14.508212895 -0700
-@@ -0,0 +1,64 @@
-+diff -burN android-openssl.orig/ssl/t1_lib.c android-openssl/ssl/t1_lib.c
-+--- android-openssl.orig/ssl/t1_lib.c 2013-06-21 14:24:45.338681810 -0700
-++++ android-openssl/ssl/t1_lib.c 2013-06-21 14:34:07.977205221 -0700
-+@@ -202,33 +202,14 @@
-+ NID_secp521r1 /* secp521r1 (25) */
-+ };
-+
-++/* We support only the elliptic curves that are also supported by NSS
-++ * to improve compatibility with sites that don't accept large ClientHellos.
-++ */
-+ static int pref_list[] =
-+ {
-+- NID_sect571r1, /* sect571r1 (14) */
-+- NID_sect571k1, /* sect571k1 (13) */
-+ NID_secp521r1, /* secp521r1 (25) */
-+- NID_sect409k1, /* sect409k1 (11) */
-+- NID_sect409r1, /* sect409r1 (12) */
-+ NID_secp384r1, /* secp384r1 (24) */
-+- NID_sect283k1, /* sect283k1 (9) */
-+- NID_sect283r1, /* sect283r1 (10) */
-+- NID_secp256k1, /* secp256k1 (22) */
-+ NID_X9_62_prime256v1, /* secp256r1 (23) */
-+- NID_sect239k1, /* sect239k1 (8) */
-+- NID_sect233k1, /* sect233k1 (6) */
-+- NID_sect233r1, /* sect233r1 (7) */
-+- NID_secp224k1, /* secp224k1 (20) */
-+- NID_secp224r1, /* secp224r1 (21) */
-+- NID_sect193r1, /* sect193r1 (4) */
-+- NID_sect193r2, /* sect193r2 (5) */
-+- NID_secp192k1, /* secp192k1 (18) */
-+- NID_X9_62_prime192v1, /* secp192r1 (19) */
-+- NID_sect163k1, /* sect163k1 (1) */
-+- NID_sect163r1, /* sect163r1 (2) */
-+- NID_sect163r2, /* sect163r2 (3) */
-+- NID_secp160k1, /* secp160k1 (15) */
-+- NID_secp160r1, /* secp160r1 (16) */
-+- NID_secp160r2, /* secp160r2 (17) */
-+ };
-+
-+ int tls1_ec_curve_id2nid(int curve_id)
-+@@ -1703,17 +1684,18 @@
-+ if (using_ecc)
-+ {
-+ if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ecpointformatlist);
-+- if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL)
-++ /* To save an additional 2 bytes in the ClientHello, we only advertise support
-++ * for the only EC Point Format that NSS supports (instead of all 3).
-++ */
-++ if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(1)) == NULL)
-+ {
-+ SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
-+ return -1;
-+ }
-+- s->tlsext_ecpointformatlist_length = 3;
-++ s->tlsext_ecpointformatlist_length = 1;
-+ s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed;
-+- s->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
-+- s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
-+
-+- /* we support all named elliptic curves in draft-ietf-tls-ecc-12 */
-++ /* we only advertise support for elliptic curves in NSA Suite B */
-+ if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ellipticcurvelist);
-+ s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pref_list[0]) * 2;
-+ if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL)
« no previous file with comments | « patches.chromium/0004-x86_64_source_excludes.patch ('k') | patches.chromium/0006-lhashfix.patch » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698