mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-23 02:05:42 +00:00
Bug 1422156 - Update tlsFlags to change 0x40 to be compat mode rather than 7e02 handshake. r=keeler
Reviewers: keeler Reviewed By: keeler Subscribers: mcmanus Bug #: 1422156 Differential Revision: https://phabricator.services.mozilla.com/D306
This commit is contained in:
parent
770892c224
commit
477ac066b5
@ -75,7 +75,7 @@ namespace {
|
||||
// 0 means no override 1->4 are 1.0, 1.1, 1.2, 1.3, 4->7 unused
|
||||
// bits 3-5 (mask 0x38) specify the tls fallback limit
|
||||
// 0 means no override, values 1->4 match prefs
|
||||
// bit 6 (mask 0x40) specifies use of SSL_AltHandshakeType on handshake
|
||||
// bit 6 (mask 0x40) specifies use of TLS 1.3 compatibility mode (draft-22)
|
||||
|
||||
enum {
|
||||
kTLSProviderFlagMaxVersion10 = 0x01,
|
||||
@ -94,7 +94,7 @@ static uint32_t getTLSProviderFlagFallbackLimit(uint32_t flags)
|
||||
return (flags & 0x38) >> 3;
|
||||
}
|
||||
|
||||
static bool getTLSProviderFlagAltHandshake(uint32_t flags)
|
||||
static bool getTLSProviderFlagCompatMode(uint32_t flags)
|
||||
{
|
||||
return (flags & 0x40);
|
||||
}
|
||||
@ -2602,12 +2602,12 @@ nsSSLIOLayerSetOptions(PRFileDesc* fd, bool forSTARTTLS,
|
||||
}
|
||||
|
||||
// enabling alternative handshake
|
||||
if (getTLSProviderFlagAltHandshake(infoObject->GetProviderTlsFlags())) {
|
||||
if (getTLSProviderFlagCompatMode(infoObject->GetProviderTlsFlags())) {
|
||||
MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
|
||||
("[%p] nsSSLIOLayerSetOptions: Use AltHandshake\n", fd));
|
||||
if (SECSuccess != SSL_UseAltServerHelloType(fd, PR_TRUE)) {
|
||||
("[%p] nsSSLIOLayerSetOptions: Use Compatible Handshake\n", fd));
|
||||
if (SECSuccess != SSL_OptionSet(fd, SSL_ENABLE_TLS13_COMPAT_MODE, PR_TRUE)) {
|
||||
MOZ_LOG(gPIPNSSLog, LogLevel::Error,
|
||||
("[%p] nsSSLIOLayerSetOptions: Use AltHandshake failed\n", fd));
|
||||
("[%p] nsSSLIOLayerSetOptions: Setting compat mode failed\n", fd));
|
||||
// continue on default path
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user