/pidgin/main: 304d073d134e: Manual merge release-2.x.y branch in...
Mark Doliner
mark at kingant.net
Wed Oct 1 02:58:36 EDT 2014
Changeset: 304d073d134ea3b929dcb829e561bfd65556fb09
Author: Mark Doliner <mark at kingant.net>
Date: 2014-09-30 23:58 -0700
Branch: default
URL: https://hg.pidgin.im/pidgin/main/rev/304d073d134e
Description:
Manual merge release-2.x.y branch into master.
1 merge conflict in ssl-nss.c. Not too bad.
diffstat:
libpurple/plugins/ssl/ssl-nss.c | 53 ++++++++++++++++++++++------------------
1 files changed, 29 insertions(+), 24 deletions(-)
diffs (81 lines):
diff --git a/libpurple/plugins/ssl/ssl-nss.c b/libpurple/plugins/ssl/ssl-nss.c
--- a/libpurple/plugins/ssl/ssl-nss.c
+++ b/libpurple/plugins/ssl/ssl-nss.c
@@ -32,6 +32,9 @@
#ifdef _WIN32
# ifndef HAVE_LONG_LONG
#define HAVE_LONG_LONG
+/* WINDDK_BUILD is defined because the checks around usage of
+ * intrisic functions are wrong in nspr */
+#define WINDDK_BUILD
# endif
#else
/* TODO: Why is this done?
@@ -133,6 +136,10 @@ static gchar *get_error_text(void)
static void
ssl_nss_init_nss(void)
{
+#if NSS_VMAJOR > 3 || ( NSS_VMAJOR == 3 && NSS_VMINOR >= 14 )
+ SSLVersionRange supported, enabled;
+#endif /* NSS >= 3.14 */
+
PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
NSS_NoDB_Init(".");
NSS_SetDomesticPolicy();
@@ -150,34 +157,32 @@ ssl_nss_init_nss(void)
SSL_CipherPrefSetDefault(SSL_DHE_RSA_WITH_DES_CBC_SHA, 1);
SSL_CipherPrefSetDefault(SSL_DHE_DSS_WITH_DES_CBC_SHA, 1);
- if (NSS_VersionCheck("3.14")) {
- SSLVersionRange supported, enabled;
+#if NSS_VMAJOR > 3 || ( NSS_VMAJOR == 3 && NSS_VMINOR >= 14 )
+ /* Get the ranges of supported and enabled SSL versions */
+ if ((SSL_VersionRangeGetSupported(ssl_variant_stream, &supported) == SECSuccess) &&
+ (SSL_VersionRangeGetDefault(ssl_variant_stream, &enabled) == SECSuccess)) {
+ purple_debug_info("nss", "TLS supported versions: "
+ "0x%04hx through 0x%04hx\n", supported.min, supported.max);
+ purple_debug_info("nss", "TLS versions allowed by default: "
+ "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
- /* Get the ranges of supported and enabled SSL versions */
- if ((SSL_VersionRangeGetSupported(ssl_variant_stream, &supported) == SECSuccess) &&
- (SSL_VersionRangeGetDefault(ssl_variant_stream, &enabled) == SECSuccess)) {
- purple_debug_info("nss", "TLS supported versions: "
- "0x%04hx through 0x%04hx\n", supported.min, supported.max);
- purple_debug_info("nss", "TLS versions allowed by default: "
- "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
-
- /* Make sure SSL 3.0 is disabled (it's old and everyone should be
- using at least TLS 1.0 by now), and make sure all versions of TLS
- supported by the local library are enabled (for some reason NSS
- doesn't enable newer versions of TLS by default -- more context in
- ticket #15909). */
- if (enabled.min != SSL_LIBRARY_VERSION_TLS_1_0 || supported.max > enabled.max) {
- enabled.max = supported.max;
- if (SSL_VersionRangeSetDefault(ssl_variant_stream, &enabled) == SECSuccess) {
- purple_debug_info("nss", "Changed allowed TLS versions to "
- "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
- } else {
- purple_debug_error("nss", "Error setting allowed TLS versions to "
- "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
- }
+ /* Make sure SSL 3.0 is disabled (it's old and everyone should be
+ using at least TLS 1.0 by now), and make sure all versions of TLS
+ supported by the local library are enabled (for some reason NSS
+ doesn't enable newer versions of TLS by default -- more context in
+ ticket #15909). */
+ if (enabled.min != SSL_LIBRARY_VERSION_TLS_1_0 || supported.max > enabled.max) {
+ enabled.max = supported.max;
+ if (SSL_VersionRangeSetDefault(ssl_variant_stream, &enabled) == SECSuccess) {
+ purple_debug_info("nss", "Changed allowed TLS versions to "
+ "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
+ } else {
+ purple_debug_error("nss", "Error setting allowed TLS versions to "
+ "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
}
}
}
+#endif /* NSS >= 3.14 */
_identity = PR_GetUniqueIdentity("Purple");
_nss_methods = PR_GetDefaultIOMethods();
More information about the Commits
mailing list