From owner-freebsd-gecko@FreeBSD.ORG Wed Oct 15 02:24:47 2014 Return-Path: Delivered-To: freebsd-gecko@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CE304FF3 for ; Wed, 15 Oct 2014 02:24:47 +0000 (UTC) Received: from trillian.chruetertee.ch (trillian.chruetertee.ch [217.150.244.247]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2E636A44 for ; Wed, 15 Oct 2014 02:24:46 +0000 (UTC) Received: from trillian.chruetertee.ch (trillian [217.150.244.247]) by trillian.chruetertee.ch (8.14.4/8.14.3) with ESMTP id s9F2Ojji095202 for ; Wed, 15 Oct 2014 02:24:45 GMT (envelope-from svn-freebsd-gecko@chruetertee.ch) Received: (from www@localhost) by trillian.chruetertee.ch (8.14.4/8.14.3/Submit) id s9F2OemT092255 for freebsd-gecko@freebsd.org; Wed, 15 Oct 2014 02:24:40 GMT (envelope-from svn-freebsd-gecko@chruetertee.ch) Date: Wed, 15 Oct 2014 02:24:40 GMT Message-Id: <201410150224.s9F2OemT092255@trillian.chruetertee.ch> X-Authentication-Warning: trillian.chruetertee.ch: www set sender to svn-freebsd-gecko@chruetertee.ch using -f From: svn-freebsd-gecko@chruetertee.ch To: freebsd-gecko@freebsd.org Subject: [SVN-Commit] r1731 - branches/firefox33/mail/thunderbird/files branches/firefox33/www/firefox-esr/files branches/firefox33/www/firefox-nightly/files branches/firefox33/www/firefox/files branches/firefox33/www/libxul/files branches/firefox33/www/seamonkey/files trunk/mail/thunderbird/files trunk/www/firefox-esr/files trunk/www/firefox-nightly/files trunk/www/firefox/files trunk/www/libxul/files trunk/www/seamonkey/files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reply-To: freebsd-gecko@freebsd.org X-BeenThere: freebsd-gecko@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Gecko Rendering Engine issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Oct 2014 02:24:48 -0000 Author: jbeich Date: Wed Oct 15 02:24:39 2014 New Revision: 1731 Log: apply poodle fix to avoid waiting for release channels Reported by: des Added: branches/firefox33/mail/thunderbird/files/patch-bug1076983 branches/firefox33/www/firefox-esr/files/patch-bug1076983 branches/firefox33/www/firefox-nightly/files/patch-bug1076983 branches/firefox33/www/firefox/files/patch-bug1076983 branches/firefox33/www/libxul/files/patch-bug1076983 branches/firefox33/www/seamonkey/files/patch-bug1076983 trunk/mail/thunderbird/files/patch-bug1076983 trunk/www/firefox-esr/files/patch-bug1076983 trunk/www/firefox-nightly/files/patch-bug1076983 trunk/www/firefox/files/patch-bug1076983 trunk/www/libxul/files/patch-bug1076983 trunk/www/seamonkey/files/patch-bug1076983 Added: branches/firefox33/mail/thunderbird/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/firefox33/mail/thunderbird/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- mozilla/netwerk/base/public/security-prefs.js ++++ mozilla/netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- mozilla/security/manager/ssl/src/nsNSSComponent.cpp ++++ mozilla/security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min", Added: branches/firefox33/www/firefox-esr/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/firefox33/www/firefox-esr/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- netwerk/base/public/security-prefs.js ++++ netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- security/manager/ssl/src/nsNSSComponent.cpp ++++ security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min", Added: branches/firefox33/www/firefox-nightly/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/firefox33/www/firefox-nightly/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- netwerk/base/public/security-prefs.js ++++ netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- security/manager/ssl/src/nsNSSComponent.cpp ++++ security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min", Added: branches/firefox33/www/firefox/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/firefox33/www/firefox/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- netwerk/base/public/security-prefs.js ++++ netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- security/manager/ssl/src/nsNSSComponent.cpp ++++ security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min", Added: branches/firefox33/www/libxul/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/firefox33/www/libxul/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- netwerk/base/public/security-prefs.js ++++ netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- security/manager/ssl/src/nsNSSComponent.cpp ++++ security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min", Added: branches/firefox33/www/seamonkey/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/firefox33/www/seamonkey/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- mozilla/netwerk/base/public/security-prefs.js ++++ mozilla/netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- mozilla/security/manager/ssl/src/nsNSSComponent.cpp ++++ mozilla/security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min", Added: trunk/mail/thunderbird/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ trunk/mail/thunderbird/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- mozilla/netwerk/base/public/security-prefs.js ++++ mozilla/netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- mozilla/security/manager/ssl/src/nsNSSComponent.cpp ++++ mozilla/security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min", Added: trunk/www/firefox-esr/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ trunk/www/firefox-esr/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- netwerk/base/public/security-prefs.js ++++ netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- security/manager/ssl/src/nsNSSComponent.cpp ++++ security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min", Added: trunk/www/firefox-nightly/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ trunk/www/firefox-nightly/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- netwerk/base/public/security-prefs.js ++++ netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- security/manager/ssl/src/nsNSSComponent.cpp ++++ security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min", Added: trunk/www/firefox/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ trunk/www/firefox/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- netwerk/base/public/security-prefs.js ++++ netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- security/manager/ssl/src/nsNSSComponent.cpp ++++ security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min", Added: trunk/www/libxul/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ trunk/www/libxul/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- netwerk/base/public/security-prefs.js ++++ netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- security/manager/ssl/src/nsNSSComponent.cpp ++++ security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min", Added: trunk/www/seamonkey/files/patch-bug1076983 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ trunk/www/seamonkey/files/patch-bug1076983 Wed Oct 15 02:24:39 2014 (r1731) @@ -0,0 +1,45 @@ +commit e10ee74 +Author: Martin Thomson +Date: Tue Oct 14 17:17:35 2014 -0700 + + Bug 1076983 - Disabling SSL 3.0 with pref +--- + netwerk/base/public/security-prefs.js | 2 +- + security/manager/ssl/src/nsNSSComponent.cpp | 7 +++---- + 2 files changed, 4 insertions(+), 5 deletions(-) + +diff --git netwerk/base/public/security-prefs.js netwerk/base/public/security-prefs.js +index 352552e..c12731b 100644 +--- mozilla/netwerk/base/public/security-prefs.js ++++ mozilla/netwerk/base/public/security-prefs.js +@@ -2,7 +2,7 @@ + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +-pref("security.tls.version.min", 0); ++pref("security.tls.version.min", 1); + pref("security.tls.version.max", 3); + + pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); +diff --git security/manager/ssl/src/nsNSSComponent.cpp security/manager/ssl/src/nsNSSComponent.cpp +index 8cab67b..772959d 100644 +--- mozilla/security/manager/ssl/src/nsNSSComponent.cpp ++++ mozilla/security/manager/ssl/src/nsNSSComponent.cpp +@@ -829,14 +829,13 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, + mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode); + } + +-// Enable the TLS versions given in the prefs, defaulting to SSL 3.0 (min +-// version) and TLS 1.2 (max version) when the prefs aren't set or set to +-// invalid values. ++// Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and ++// TLS 1.2 (max) when the prefs aren't set or set to invalid values. + nsresult + nsNSSComponent::setEnabledTLSVersions() + { + // keep these values in sync with security-prefs.js +- static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 0; ++ static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1; + static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3; + + int32_t minVersion = Preferences::GetInt("security.tls.version.min",