|
 |
907328 |
diff -up jss-4.2.6/mozilla/security/jss/lib/jss.def.cfuSaved jss-4.2.6/mozilla/security/jss/lib/jss.def
|
|
|
907328 |
--- jss-4.2.6/mozilla/security/jss/lib/jss.def.cfuSaved 2014-09-29 14:12:27.560206348 -0700
|
|
|
907328 |
+++ jss-4.2.6/mozilla/security/jss/lib/jss.def 2014-09-29 14:12:34.376194464 -0700
|
|
|
907328 |
@@ -334,6 +334,8 @@ Java_org_mozilla_jss_CryptoManager_setOC
|
|
|
907328 |
Java_org_mozilla_jss_CryptoManager_verifyCertificateNowNative;
|
|
|
907328 |
Java_org_mozilla_jss_CryptoManager_verifyCertificateNowCUNative;
|
|
|
907328 |
Java_org_mozilla_jss_asn1_ASN1Util_getTagDescriptionByOid;
|
|
|
907328 |
+Java_org_mozilla_jss_ssl_SocketBase_setSSLVersionRange;
|
|
|
907328 |
+Java_org_mozilla_jss_ssl_SSLSocket_setSSLVersionRangeDefault;
|
|
|
907328 |
;+ local:
|
|
|
907328 |
;+ *;
|
|
|
907328 |
;+};
|
|
|
907328 |
diff -up jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c.cfuSaved jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c
|
|
|
907328 |
--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c.cfuSaved 2014-09-29 14:12:27.565206339 -0700
|
|
|
907328 |
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c 2014-09-29 14:13:33.222091053 -0700
|
|
|
907328 |
@@ -56,6 +56,105 @@
|
|
|
907328 |
#endif
|
|
|
907328 |
|
|
|
907328 |
|
|
|
907328 |
+/*
|
|
|
907328 |
+ * support TLS v1.1 and v1.2
|
|
|
907328 |
+ * sets default SSL version range for sockets created after this call
|
|
|
907328 |
+ */
|
|
|
907328 |
+JNIEXPORT void JNICALL
|
|
|
907328 |
+Java_org_mozilla_jss_ssl_SSLSocket_setSSLVersionRangeDefault(JNIEnv *env,
|
|
|
907328 |
+ jclass clazz, jint ssl_variant, jint min, jint max)
|
|
|
907328 |
+{
|
|
|
907328 |
+ SECStatus status;
|
|
|
907328 |
+ SSLVersionRange vrange;
|
|
|
907328 |
+
|
|
|
907328 |
+ if (ssl_variant <0 || ssl_variant >= JSSL_enums_size||
|
|
|
907328 |
+ min <0 || min >= JSSL_enums_size ||
|
|
|
907328 |
+ max <0 || max >= JSSL_enums_size) {
|
|
|
907328 |
+ char buf[128];
|
|
|
907328 |
+ PR_snprintf(buf, 128, "JSS setSSLVersionRangeDefault(): for variant=%d min=%d max=%d failed - out of range for array JSSL_enums size: %d", JSSL_enums[ssl_variant], min, max, JSSL_enums_size);
|
|
|
907328 |
+ JSSL_throwSSLSocketException(env, buf);
|
|
|
907328 |
+ goto finish;
|
|
|
907328 |
+ }
|
|
|
907328 |
+
|
|
|
907328 |
+ vrange.min = JSSL_enums[min];
|
|
|
907328 |
+ vrange.max = JSSL_enums[max];
|
|
|
907328 |
+
|
|
|
907328 |
+ /* get supported range */
|
|
|
907328 |
+ SSLVersionRange supported_range;
|
|
|
907328 |
+ status = SSL_VersionRangeGetSupported(JSSL_enums[ssl_variant],
|
|
|
907328 |
+ &supported_range);
|
|
|
907328 |
+ if( status != SECSuccess ) {
|
|
|
907328 |
+ char buf[128];
|
|
|
907328 |
+ PR_snprintf(buf, 128, "SSL_VersionRangeGetSupported() for variant=%d failed: %d", JSSL_enums[ssl_variant], PR_GetError());
|
|
|
907328 |
+ JSSL_throwSSLSocketException(env, buf);
|
|
|
907328 |
+ goto finish;
|
|
|
907328 |
+ }
|
|
|
907328 |
+ /* now check the min and max */
|
|
|
907328 |
+ if (vrange.min < supported_range.min ||
|
|
|
907328 |
+ vrange.max > supported_range.max) {
|
|
|
907328 |
+ char buf[128];
|
|
|
907328 |
+ PR_snprintf(buf, 128, "SSL_VersionRangeSetDefault() for variant=%d with min=%d max=%d out of range (%d:%d): %d", JSSL_enums[ssl_variant], vrange.min, vrange.max, supported_range.min, supported_range.max, PR_GetError());
|
|
|
907328 |
+ JSSL_throwSSLSocketException(env, buf);
|
|
|
907328 |
+ goto finish;
|
|
|
907328 |
+ }
|
|
|
907328 |
+
|
|
|
907328 |
+ /* set the default SSL Version Range */
|
|
|
907328 |
+ status = SSL_VersionRangeSetDefault(JSSL_enums[ssl_variant],
|
|
|
907328 |
+ &vrange);
|
|
|
907328 |
+ if( status != SECSuccess ) {
|
|
|
907328 |
+ char buf[128];
|
|
|
907328 |
+ PR_snprintf(buf, 128, "SSL_VersionRangeSetDefault() for variant=%d with min=%d max=%d failed: %d", JSSL_enums[ssl_variant], vrange.min, vrange.max, PR_GetError());
|
|
|
907328 |
+ JSSL_throwSSLSocketException(env, buf);
|
|
|
907328 |
+ goto finish;
|
|
|
907328 |
+ }
|
|
|
907328 |
+
|
|
|
907328 |
+finish:
|
|
|
907328 |
+ return;
|
|
|
907328 |
+}
|
|
|
907328 |
+
|
|
|
907328 |
+/*
|
|
|
907328 |
+ * support TLS v1.1 and v1.2
|
|
|
907328 |
+ * sets SSL version range for this socket
|
|
|
907328 |
+ */
|
|
|
907328 |
+JNIEXPORT void JNICALL
|
|
|
907328 |
+Java_org_mozilla_jss_ssl_SocketBase_setSSLVersionRange
|
|
|
907328 |
+ (JNIEnv *env, jobject self, jint min, jint max)
|
|
|
907328 |
+{
|
|
|
907328 |
+ SECStatus status;
|
|
|
907328 |
+ JSSL_SocketData *sock = NULL;
|
|
|
907328 |
+ SSLVersionRange vrange;
|
|
|
907328 |
+
|
|
|
907328 |
+ if ( min <0 || min >= JSSL_enums_size ||
|
|
|
907328 |
+ max <0 || max >= JSSL_enums_size) {
|
|
|
907328 |
+ char buf[128];
|
|
|
907328 |
+ PR_snprintf(buf, 128, "JSS setSSLVersionRange(): for max=%d failed - out of range for array JSSL_enums size: %d", min, max, JSSL_enums_size);
|
|
|
907328 |
+ JSSL_throwSSLSocketException(env, buf);
|
|
|
907328 |
+ goto finish;
|
|
|
907328 |
+ }
|
|
|
907328 |
+
|
|
|
907328 |
+ /* get my fd */
|
|
|
907328 |
+ if( JSSL_getSockData(env, self, &sock) != PR_SUCCESS ) {
|
|
|
907328 |
+ goto finish;
|
|
|
907328 |
+ }
|
|
|
907328 |
+
|
|
|
907328 |
+ vrange.min = JSSL_enums[min];
|
|
|
907328 |
+ vrange.max = JSSL_enums[max];
|
|
|
907328 |
+
|
|
|
907328 |
+ /*
|
|
|
907328 |
+ * set the SSL Version Range
|
|
|
907328 |
+ * The validity of the range will be checked by this NSS call
|
|
|
907328 |
+ */
|
|
|
907328 |
+ status = SSL_VersionRangeSet(sock->fd, &vrange);
|
|
|
907328 |
+ if( status != SECSuccess ) {
|
|
|
907328 |
+ JSSL_throwSSLSocketException(env, "SSL_VersionRangeSet failed");
|
|
|
907328 |
+ goto finish;
|
|
|
907328 |
+ }
|
|
|
907328 |
+
|
|
|
907328 |
+finish:
|
|
|
907328 |
+ EXCEPTION_CHECK(env, sock)
|
|
|
907328 |
+ return;
|
|
|
907328 |
+}
|
|
|
907328 |
+
|
|
|
907328 |
JNIEXPORT void JNICALL
|
|
|
907328 |
Java_org_mozilla_jss_ssl_SSLSocket_setSSLDefaultOption(JNIEnv *env,
|
|
|
907328 |
jclass clazz, jint joption, jint on)
|
|
|
907328 |
diff -up jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java.cfuSaved jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java
|
|
|
907328 |
--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java.cfuSaved 2014-09-29 14:12:27.566206338 -0700
|
|
|
907328 |
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java 2014-09-29 14:12:34.377194462 -0700
|
|
|
907328 |
@@ -36,6 +36,7 @@
|
|
|
907328 |
|
|
|
907328 |
package org.mozilla.jss.ssl;
|
|
|
907328 |
|
|
|
907328 |
+import java.lang.IllegalArgumentException;
|
|
|
907328 |
import java.net.*;
|
|
|
907328 |
import java.net.SocketException;
|
|
|
907328 |
import java.net.SocketTimeoutException;
|
|
|
907328 |
@@ -948,6 +949,63 @@ public class SSLSocket extends java.net.
|
|
|
907328 |
setSSLDefaultOption(SocketBase.SSL_NO_CACHE, !b);
|
|
|
907328 |
}
|
|
|
907328 |
|
|
|
907328 |
+ /*
|
|
|
907328 |
+ * _min_enum and _max_enum should be one of the following:
|
|
|
907328 |
+ * SocketBase.SSL_LIBRARY_VERSION_3_0
|
|
|
907328 |
+ * SocketBase.SSL_LIBRARY_VERSION_TLS_1_0
|
|
|
907328 |
+ * SocketBase.SSL_LIBRARY_VERSION_TLS_1_1
|
|
|
907328 |
+ * SocketBase.SSL_LIBRARY_VERSION_TLS_1_2
|
|
|
907328 |
+ */
|
|
|
907328 |
+ public static class SSLVersionRange {
|
|
|
907328 |
+ private int _min_enum;
|
|
|
907328 |
+ private int _max_enum;
|
|
|
907328 |
+ public static final int ssl3 = SocketBase.SSL_LIBRARY_VERSION_3_0;
|
|
|
907328 |
+ public static final int tls1_0 = SocketBase.SSL_LIBRARY_VERSION_TLS_1_0;
|
|
|
907328 |
+ public static final int tls1_1 = SocketBase.SSL_LIBRARY_VERSION_TLS_1_1;
|
|
|
907328 |
+ public static final int tls1_2 = SocketBase.SSL_LIBRARY_VERSION_TLS_1_2;
|
|
|
907328 |
+ public SSLVersionRange(int min_enum, int max_enum)
|
|
|
907328 |
+ throws IllegalArgumentException {
|
|
|
907328 |
+ if ((min_enum >= SocketBase.SSL_LIBRARY_VERSION_3_0) &&
|
|
|
907328 |
+ (max_enum <= SocketBase.SSL_LIBRARY_VERSION_TLS_1_2) &&
|
|
|
907328 |
+ (min_enum <= max_enum)) {
|
|
|
907328 |
+ _min_enum = min_enum;
|
|
|
907328 |
+ _max_enum = max_enum;
|
|
|
907328 |
+ } else {
|
|
|
907328 |
+ throw new IllegalArgumentException("JSS SSLSocket SSLVersionRange: arguments out of range");
|
|
|
907328 |
+ }
|
|
|
907328 |
+ }
|
|
|
907328 |
+
|
|
|
907328 |
+ int getMinEnum() { return _min_enum; }
|
|
|
907328 |
+ int getMaxEnum() { return _max_enum; }
|
|
|
907328 |
+
|
|
|
907328 |
+ }
|
|
|
907328 |
+
|
|
|
907328 |
+ public static class SSLProtocolVariant {
|
|
|
907328 |
+ private int _enum;
|
|
|
907328 |
+ private SSLProtocolVariant(int val) { _enum = val; }
|
|
|
907328 |
+
|
|
|
907328 |
+ int getEnum() { return _enum; }
|
|
|
907328 |
+
|
|
|
907328 |
+ public static final SSLProtocolVariant STREAM =
|
|
|
907328 |
+ new SSLProtocolVariant(SocketBase.SSL_Variant_Stream);
|
|
|
907328 |
+ public static final SSLProtocolVariant DATA_GRAM =
|
|
|
907328 |
+ new SSLProtocolVariant(SocketBase.SSL_Variant_Datagram);
|
|
|
907328 |
+
|
|
|
907328 |
+ }
|
|
|
907328 |
+
|
|
|
907328 |
+ public static void setSSLVersionRangeDefault(SSLProtocolVariant ssl_variant, SSLVersionRange range)
|
|
|
907328 |
+ throws SocketException
|
|
|
907328 |
+ {
|
|
|
907328 |
+ if (range == null)
|
|
|
907328 |
+ throw new SocketException("setSSLVersionRangeDefault: range null");
|
|
|
907328 |
+ setSSLVersionRangeDefault(ssl_variant.getEnum(), range.getMinEnum(), range.getMaxEnum());
|
|
|
907328 |
+ }
|
|
|
907328 |
+
|
|
|
907328 |
+ /**
|
|
|
907328 |
+ * Sets SSL Version Range Default
|
|
|
907328 |
+ */
|
|
|
907328 |
+ private static native void setSSLVersionRangeDefault(int ssl_variant, int min, int max)
|
|
|
907328 |
+ throws SocketException;
|
|
|
907328 |
|
|
|
907328 |
private static void setSSLDefaultOption(int option, boolean on)
|
|
|
907328 |
throws SocketException
|
|
|
907328 |
@@ -1221,6 +1279,8 @@ public class SSLSocket extends java.net.
|
|
|
907328 |
public final static int TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = 0x0063;
|
|
|
907328 |
public final static int TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA = 0x0065;
|
|
|
907328 |
public final static int TLS_DHE_DSS_WITH_RC4_128_SHA = 0x0066;
|
|
|
907328 |
+ public final static int TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067;
|
|
|
907328 |
+ public final static int TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B;
|
|
|
907328 |
|
|
|
907328 |
// New TLS cipher suites in NSS 3.4
|
|
|
907328 |
public final static int TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F;
|
|
|
907328 |
@@ -1236,6 +1296,10 @@ public class SSLSocket extends java.net.
|
|
|
907328 |
public final static int TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038;
|
|
|
907328 |
public final static int TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039;
|
|
|
907328 |
public final static int TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A;
|
|
|
907328 |
+ public final static int TLS_RSA_WITH_NULL_SHA256 = 0x003B;
|
|
|
907328 |
+ public final static int TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C;
|
|
|
907328 |
+ public final static int TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D;
|
|
|
907328 |
+
|
|
|
907328 |
|
|
|
907328 |
public final static int TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0041;
|
|
|
907328 |
public final static int TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0042;
|
|
|
907328 |
@@ -1251,6 +1315,12 @@ public class SSLSocket extends java.net.
|
|
|
907328 |
public final static int TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088;
|
|
|
907328 |
public final static int TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA = 0x0089;
|
|
|
907328 |
|
|
|
907328 |
+ public final static int TLS_RSA_WITH_SEED_CBC_SHA = 0x0096;
|
|
|
907328 |
+
|
|
|
907328 |
+ public final static int TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C;
|
|
|
907328 |
+ public final static int TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E;
|
|
|
907328 |
+ public final static int TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2;
|
|
|
907328 |
+
|
|
|
907328 |
public final static int TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xc001;
|
|
|
907328 |
public final static int TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xc002;
|
|
|
907328 |
public final static int TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xc003;
|
|
|
907328 |
@@ -1281,5 +1351,13 @@ public class SSLSocket extends java.net.
|
|
|
907328 |
public final static int TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xc018;
|
|
|
907328 |
public final static int TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xc019;
|
|
|
907328 |
|
|
|
907328 |
+ public final static int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xc023;
|
|
|
907328 |
+ public final static int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xc027;
|
|
|
907328 |
+
|
|
|
907328 |
+ public final static int TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xc02B;
|
|
|
907328 |
+ public final static int TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xc02D;
|
|
|
907328 |
+ public final static int TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xc02F;
|
|
|
907328 |
+ public final static int TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xc031;
|
|
|
907328 |
+
|
|
|
907328 |
}
|
|
|
907328 |
|
|
|
907328 |
diff -up jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SocketBase.java.cfuSaved jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SocketBase.java
|
|
|
907328 |
--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SocketBase.java.cfuSaved 2014-09-29 14:12:27.564206341 -0700
|
|
|
907328 |
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SocketBase.java 2014-09-29 14:12:34.378194460 -0700
|
|
|
907328 |
@@ -114,6 +114,15 @@ class SocketBase {
|
|
|
907328 |
static final int SSL_REQUIRE_ALWAYS = 19;
|
|
|
907328 |
static final int SSL_REQUIRE_FIRST_HANDSHAKE = 20;
|
|
|
907328 |
static final int SSL_REQUIRE_NO_ERROR = 21;
|
|
|
907328 |
+ /* ssl/sslproto.h for supporting SSLVersionRange */
|
|
|
907328 |
+ static final int SSL_LIBRARY_VERSION_2 = 22;
|
|
|
907328 |
+ static final int SSL_LIBRARY_VERSION_3_0 = 23;
|
|
|
907328 |
+ static final int SSL_LIBRARY_VERSION_TLS_1_0 = 24;
|
|
|
907328 |
+ static final int SSL_LIBRARY_VERSION_TLS_1_1 = 25;
|
|
|
907328 |
+ static final int SSL_LIBRARY_VERSION_TLS_1_2 = 26;
|
|
|
907328 |
+ /* ssl/sslt.h */
|
|
|
907328 |
+ static final int SSL_Variant_Stream = 27;
|
|
|
907328 |
+ static final int SSL_Variant_Datagram = 28;
|
|
|
907328 |
|
|
|
907328 |
|
|
|
907328 |
static final int SSL_AF_INET = 50;
|
|
|
907328 |
@@ -190,6 +199,18 @@ class SocketBase {
|
|
|
907328 |
native void setSSLOption(int option, int on)
|
|
|
907328 |
throws SocketException;
|
|
|
907328 |
|
|
|
907328 |
+ void setSSLVersionRange(org.mozilla.jss.ssl.SSLSocket.SSLVersionRange range)
|
|
|
907328 |
+ throws SocketException
|
|
|
907328 |
+ {
|
|
|
907328 |
+ setSSLVersionRange(range.getMinEnum(), range.getMaxEnum());
|
|
|
907328 |
+ }
|
|
|
907328 |
+
|
|
|
907328 |
+ /**
|
|
|
907328 |
+ * Sets SSL Version Range for this socket to support TLS v1.1 and v1.2
|
|
|
907328 |
+ */
|
|
|
907328 |
+ native void setSSLVersionRange(int min, int max)
|
|
|
907328 |
+ throws SocketException;
|
|
|
907328 |
+
|
|
|
907328 |
/**
|
|
|
907328 |
* Sets the SSL option setting mode value use for options
|
|
|
907328 |
* that have more values than just enable/diasable.
|
|
|
907328 |
diff -up jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c.cfuSaved jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c
|
|
|
907328 |
--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c.cfuSaved 2014-09-29 14:12:27.562206345 -0700
|
|
|
907328 |
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c 2014-09-29 14:12:34.378194460 -0700
|
|
|
907328 |
@@ -38,6 +38,7 @@
|
|
|
907328 |
#include <pk11func.h>
|
|
|
907328 |
#include <ssl.h>
|
|
|
907328 |
#include <sslerr.h>
|
|
|
907328 |
+#include <sslproto.h>
|
|
|
907328 |
|
|
|
907328 |
#include <jssutil.h>
|
|
|
907328 |
#include <jss_exceptions.h>
|
|
|
907328 |
@@ -407,8 +408,16 @@ PRInt32 JSSL_enums[] = {
|
|
|
907328 |
SSL_REQUIRE_ALWAYS, /* 19 */ /* ssl.h */
|
|
|
907328 |
SSL_REQUIRE_FIRST_HANDSHAKE,/* 20 */ /* ssl.h */
|
|
|
907328 |
SSL_REQUIRE_NO_ERROR, /* 21 */ /* ssl.h */
|
|
|
907328 |
+ SSL_LIBRARY_VERSION_2, /* 22 */ /* sslproto.h */
|
|
|
907328 |
+ SSL_LIBRARY_VERSION_3_0, /* 23 */ /* sslproto.h */
|
|
|
907328 |
+ SSL_LIBRARY_VERSION_TLS_1_0, /* 24 */ /* sslproto.h */
|
|
|
907328 |
+ SSL_LIBRARY_VERSION_TLS_1_1, /* 25 */ /* sslproto.h */
|
|
|
907328 |
+ SSL_LIBRARY_VERSION_TLS_1_2, /* 26 */ /* sslproto.h */
|
|
|
907328 |
+ ssl_variant_stream, /* 27 */ /* sslt.h */
|
|
|
907328 |
+ ssl_variant_datagram, /* 28 */ /* sslt.h */
|
|
|
907328 |
0
|
|
|
907328 |
};
|
|
|
907328 |
+
|
|
|
907328 |
|
|
|
907328 |
|
|
|
907328 |
JNIEXPORT void JNICALL
|
|
|
907328 |
diff -up jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/jssl.h.cfuSaved jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/jssl.h
|
|
|
907328 |
--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/jssl.h.cfuSaved 2014-09-29 14:12:27.563206343 -0700
|
|
|
907328 |
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/jssl.h 2014-09-29 14:13:59.605044228 -0700
|
|
|
907328 |
@@ -111,6 +111,7 @@ JSSL_DestroySocketData(JNIEnv *env, JSSL
|
|
|
907328 |
|
|
|
907328 |
|
|
|
907328 |
extern PRInt32 JSSL_enums[];
|
|
|
907328 |
+#define JSSL_enums_size 29
|
|
|
907328 |
|
|
|
907328 |
JSSL_SocketData*
|
|
|
907328 |
JSSL_CreateSocketData(JNIEnv *env, jobject sockObj, PRFileDesc* newFD,
|
|
|
907328 |
diff -up jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/Constants.java.cfuSaved jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/Constants.java
|
|
|
907328 |
--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/Constants.java.cfuSaved 2014-09-29 14:12:27.567206336 -0700
|
|
|
907328 |
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/Constants.java 2014-09-29 14:12:34.379194458 -0700
|
|
|
907328 |
@@ -149,6 +149,21 @@ public interface Constants {
|
|
|
907328 |
/*52*/ new cipher(SSLSocket.SSL2_DES_64_CBC_WITH_MD5, "SSL2_DES_64_CBC_WITH_MD5"),
|
|
|
907328 |
/*53*/ new cipher(SSLSocket.SSL2_RC4_128_EXPORT40_WITH_MD5, "SSL2_RC4_128_EXPORT40_WITH_MD5"),
|
|
|
907328 |
/*54*/ new cipher(SSLSocket.SSL2_RC2_128_CBC_EXPORT40_WITH_MD5, "SSL2_RC2_128_CBC_EXPORT40_WITH_MD5"),
|
|
|
907328 |
+/*55*/ new cipher(SSLSocket.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"),
|
|
|
907328 |
+/*56*/ new cipher(SSLSocket.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"),
|
|
|
907328 |
+/*57*/ new cipher(SSLSocket.TLS_RSA_WITH_NULL_SHA256, "TLS_RSA_WITH_NULL_SHA256"),
|
|
|
907328 |
+/*58*/ new cipher(SSLSocket.TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS_RSA_WITH_AES_128_CBC_SHA256"),
|
|
|
907328 |
+/*59*/ new cipher(SSLSocket.TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS_RSA_WITH_AES_256_CBC_SHA256"),
|
|
|
907328 |
+/*60*/ new cipher(SSLSocket.TLS_RSA_WITH_SEED_CBC_SHA, "TLS_RSA_WITH_SEED_CBC_SHA"),
|
|
|
907328 |
+/*61*/ new cipher(SSLSocket.TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS_RSA_WITH_AES_128_GCM_SHA256"),
|
|
|
907328 |
+/*62*/ new cipher(SSLSocket.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"),
|
|
|
907328 |
+/*63*/ new cipher(SSLSocket.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"),
|
|
|
907328 |
+/*64*/ new cipher(SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"),
|
|
|
907328 |
+/*65*/ new cipher(SSLSocket.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"),
|
|
|
907328 |
+/*66*/ new cipher(SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"),
|
|
|
907328 |
+/*67*/ new cipher(SSLSocket.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"),
|
|
|
907328 |
+/*68*/ new cipher(SSLSocket.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"),
|
|
|
907328 |
+/*69*/ new cipher(SSLSocket.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256")
|
|
|
907328 |
};
|
|
|
907328 |
|
|
|
907328 |
/** Cipher supported by JSSE (JDK 1.5.x) */
|