rpms / nss

Clone
Source Code
GIT

Blame SOURCES/nss-map-oid-to-hashalg.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c8 c8-beta c8-sig-altarch-armhfp c8s c9 c9-beta
  1.   7a8a15a9e1cb98a0ea4c993e49703c8a69ea125a
  2.   SOURCES
  3.   nss-map-oid-to-hashalg.patch
Blob History Raw
1b6f66 
diff -up ./nss/lib/ssl/ssl3con.c.use_oids ./nss/lib/ssl/ssl3con.c
1b6f66 
--- ./nss/lib/ssl/ssl3con.c.use_oids	2016-02-24 12:01:55.488253556 -0800
1b6f66 
+++ ./nss/lib/ssl/ssl3con.c	2016-02-24 12:09:18.099513245 -0800
1b6f66 
@@ -4950,7 +4950,7 @@ ssl3_ComputeHandshakeHashes(sslSocket *
1b6f66 
         rv = SECFailure;
1b6f66 
         goto tls12_loser;
1b6f66 
     }
1b6f66 
-    hashes->hashAlg = hashOid->offset;
1b6f66 
+    hashes->hashAlg = ssl3_OIDToTLSHashAlgorithm(hashOid->offset);
1b6f66 
     PORT_Assert(hashes->hashAlg == ssl_hash_sha256 ||
1b6f66 
                 hashes->hashAlg == ssl_hash_sha384);
1b6f66 
     if (hashes->hashAlg != ssl_hash_sha256 &&
1b6f66 
@@ -9581,7 +9581,7 @@ ssl3_EncodeCertificateRequestSigAlgs(ssl
1b6f66 
         /* Note that we don't support a handshake hash with anything other than
1b6f66 
          * SHA-256, so asking for a signature from clients for something else
1b6f66 
          * would be inviting disaster. */
1b6f66 
-        if (alg->hashAlg == ssl_hash_sha256 /* || alg->hashAlg == ssl_hash_sha384*/) {
1b6f66 
+        if (alg->hashAlg == ssl_hash_sha256 || alg->hashAlg == ssl_hash_sha384) {
1b6f66 
             buf[(*len)++] = (PRUint8)alg->hashAlg;
1b6f66 
             buf[(*len)++] = (PRUint8)alg->sigAlg;
1b6f66 
         }

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation