diff -up ./lib/ssl/sslsock.c.disable-ems ./lib/ssl/sslsock.c
--- ./lib/ssl/sslsock.c.disable-ems 2016-01-25 17:16:37.870186322 +0100
+++ ./lib/ssl/sslsock.c 2016-01-25 17:15:58.628815533 +0100
@@ -85,6 +85,7 @@ static sslOptions ssl_defaults = {
PR_TRUE, /* reuseServerECDHEKey */
PR_FALSE, /* enableFallbackSCSV */
PR_TRUE, /* enableServerDhe */
+/* Keep extended-master-secret disabled until we have a compatible softokn. */
PR_FALSE /* enableExtendedMS */
};
@@ -827,7 +828,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
break;
case SSL_ENABLE_EXTENDED_MASTER_SECRET:
+#if 0
+/* No-Op until we have a compatible softokn. */
ss->opt.enableExtendedMS = on;
+#endif
break;
default:
@@ -1171,7 +1175,10 @@ SSL_OptionSetDefault(PRInt32 which, PRBo
break;
case SSL_ENABLE_EXTENDED_MASTER_SECRET:
+#if 0
+/* No-Op until we have a compatible softokn. */
ssl_defaults.enableExtendedMS = on;
+#endif
break;
default:
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
media
>
main-src
>
by-pkgid
>
80fa5e1138cb07f5b1e33462a61ed188
>
files
>
20
