/pidgin/main: 6d2325070ec8: Change this to a preprocessor check.
Mark Doliner
mark at kingant.net
Tue Sep 30 02:19:56 EDT 2014
Changeset: 6d2325070ec81e1bd00a6c25f039cd2165f99cf2
Author: Mark Doliner <mark at kingant.net>
Date: 2014-09-29 23:20 -0700
Branch: release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/6d2325070ec8
Description:
Change this to a preprocessor check.
Obviously this needs to happen at the preprocessor level because
SSLVersionRange won't exist in old versions. I'm not sure when
these constants started appearing... I'm kinda just hoping they've
been around as long as the NSS_VersionCheck function (NSS 3.2, I think,
which was many years ago). I might look into it. But checking this
in now to get in before the nightly Jenkins build for ppc.
diffstat:
libpurple/plugins/ssl/ssl-nss.c | 47 +++++++++++++++++++++-------------------
1 files changed, 25 insertions(+), 22 deletions(-)
diffs (68 lines):
diff --git a/libpurple/plugins/ssl/ssl-nss.c b/libpurple/plugins/ssl/ssl-nss.c
--- a/libpurple/plugins/ssl/ssl-nss.c
+++ b/libpurple/plugins/ssl/ssl-nss.c
@@ -136,6 +136,11 @@ static gchar *get_error_text(void)
static void
ssl_nss_init_nss(void)
{
+#if NSS_VMAJOR > 3 || ( NSS_VMAJOR == 3 && NSS_VMINOR >= 14 )
+ SSLVersionRange supported, enabled;
+fprintf(stderr, "MARK got it\n");
+#endif /* NSS >= 3.14 */
+
PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
NSS_NoDB_Init(".");
NSS_SetDomesticPolicy();
@@ -153,32 +158,30 @@ ssl_nss_init_nss(void)
SSL_CipherPrefSetDefault(SSL_DHE_RSA_WITH_DES_CBC_SHA, 1);
SSL_CipherPrefSetDefault(SSL_DHE_DSS_WITH_DES_CBC_SHA, 1);
- if (NSS_VersionCheck("3.14")) {
- SSLVersionRange supported, enabled;
+#if NSS_VMAJOR > 3 || ( NSS_VMAJOR == 3 && NSS_VMINOR >= 14 )
+ /* Get the ranges of supported and enabled SSL versions */
+ if ((SSL_VersionRangeGetSupported(ssl_variant_stream, &supported) == SECSuccess) &&
+ (SSL_VersionRangeGetDefault(ssl_variant_stream, &enabled) == SECSuccess)) {
+ purple_debug_info("nss", "TLS supported versions: "
+ "0x%04hx through 0x%04hx\n", supported.min, supported.max);
+ purple_debug_info("nss", "TLS versions allowed by default: "
+ "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
- /* Get the ranges of supported and enabled SSL versions */
- if ((SSL_VersionRangeGetSupported(ssl_variant_stream, &supported) == SECSuccess) &&
- (SSL_VersionRangeGetDefault(ssl_variant_stream, &enabled) == SECSuccess)) {
- purple_debug_info("nss", "TLS supported versions: "
- "0x%04hx through 0x%04hx\n", supported.min, supported.max);
- purple_debug_info("nss", "TLS versions allowed by default: "
- "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
-
- /* Make sure all versions of TLS supported by the local library are
- enabled. (For some reason NSS doesn't enable newer versions of TLS
- by default -- more context in ticket #15909.) */
- if (supported.max > enabled.max) {
- enabled.max = supported.max;
- if (SSL_VersionRangeSetDefault(ssl_variant_stream, &enabled) == SECSuccess) {
- purple_debug_info("nss", "Changed allowed TLS versions to "
- "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
- } else {
- purple_debug_error("nss", "Error setting allowed TLS versions to "
- "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
- }
+ /* Make sure all versions of TLS supported by the local library are
+ enabled. (For some reason NSS doesn't enable newer versions of TLS
+ by default -- more context in ticket #15909.) */
+ if (supported.max > enabled.max) {
+ enabled.max = supported.max;
+ if (SSL_VersionRangeSetDefault(ssl_variant_stream, &enabled) == SECSuccess) {
+ purple_debug_info("nss", "Changed allowed TLS versions to "
+ "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
+ } else {
+ purple_debug_error("nss", "Error setting allowed TLS versions to "
+ "0x%04hx through 0x%04hx\n", enabled.min, enabled.max);
}
}
}
+#endif /* NSS >= 3.14 */
_identity = PR_GetUniqueIdentity("Purple");
_nss_methods = PR_GetDefaultIOMethods();
More information about the Commits
mailing list