← Back to branch summary

~ubuntu-branches/ubuntu/saucy/curl/saucy-201307251546

« back to all changes in this revision

Viewing changes to lib/nss.c

  • Committer: Package Import Robot
  • Author(s): Alessandro Ghedini
  • Date: 2012-03-23 16:24:51 UTC
  • mto: (3.6.1 experimental) (1.3.1)
  • mto: This revision was merged to the branch mainline in revision 59.
  • Revision ID: package-import@ubuntu.com-20120323162451-z4gstlabjkgnrh7h
Tags: upstream-7.25.0
ImportĀ upstreamĀ versionĀ 7.25.0

Show diffs side-by-side

added added

removed removed

Lines of Context:
lib/nss.c
1158
1158
  PRBool ssl3 = PR_FALSE;
1159
1159
  PRBool tlsv1 = PR_FALSE;
1160
1160
  PRBool ssl_no_cache;
 
1161
  PRBool ssl_cbc_random_iv;
1161
1162
  struct SessionHandle *data = conn->data;
1162
1163
  curl_socket_t sockfd = conn->sock[sockindex];
1163
1164
  struct ssl_connect_data *connssl = &conn->ssl[sockindex];
1266
1267
  if(SSL_OptionSet(model, SSL_V2_COMPATIBLE_HELLO, ssl2) != SECSuccess)
1267
1268
    goto error;
1268
1269
 
 
1270
  ssl_cbc_random_iv = !data->set.ssl_enable_beast;
 
1271
#ifdef SSL_CBC_RANDOM_IV
 
1272
  /* unless the user explicitly asks to allow the protocol vulnerability, we
 
1273
     use the work-around */
 
1274
  if(SSL_OptionSet(model, SSL_CBC_RANDOM_IV, ssl_cbc_random_iv) != SECSuccess)
 
1275
    infof(data, "warning: failed to set SSL_CBC_RANDOM_IV = %d\n",
 
1276
          ssl_cbc_random_iv);
 
1277
#else
 
1278
  if(ssl_cbc_random_iv)
 
1279
    infof(data, "warning: support for SSL_CBC_RANDOM_IV not compiled in\n");
 
1280
#endif
 
1281
 
1269
1282
  /* reset the flag to avoid an infinite loop */
1270
1283
  data->state.ssl_connect_retry = FALSE;
1271
1284