[Pidgin] #15909: [Patch] Support TLS 1.1/1.2 on NSS
Pidgin
trac at pidgin.im
Tue Feb 4 14:11:56 EST 2014
#15909: [Patch] Support TLS 1.1/1.2 on NSS
-------------------------+------------------------
Reporter: elrond | Owner:
Type: patch | Status: new
Milestone: | Component: libpurple
Version: 2.10.8 | Resolution:
Keywords: ssl tls nss |
-------------------------+------------------------
Comment (by elrond):
These functions are documented in {{{/usr/include/nss/ssl.h}}}. For ease
of use, I am quoting them here from version 3.14.5:
{{{
/* Returns, in |*vrange|, the range of SSL3/TLS versions supported for the
** given protocol variant by the version of libssl linked-to at runtime.
*/
SSL_IMPORT SECStatus SSL_VersionRangeGetSupported(
SSLProtocolVariant protocolVariant, SSLVersionRange *vrange);
/* Returns, in |*vrange|, the range of SSL3/TLS versions enabled by
default
** for the given protocol variant.
*/
SSL_IMPORT SECStatus SSL_VersionRangeGetDefault(
SSLProtocolVariant protocolVariant, SSLVersionRange *vrange);
/* Sets the range of enabled-by-default SSL3/TLS versions for the given
** protocol variant to |*vrange|.
*/
SSL_IMPORT SECStatus SSL_VersionRangeSetDefault(
SSLProtocolVariant protocolVariant, const SSLVersionRange *vrange);
}}}
And probably also from interest from {{{sslt.h}}}:
{{{
typedef enum {
ssl_variant_stream = 0,
ssl_variant_datagram = 1
} SSLProtocolVariant;
typedef struct SSLVersionRangeStr {
PRUint16 min;
PRUint16 max;
} SSLVersionRange;
}}}
Logging {{{.min}}} and {{{.max}}} should be pretty easy. About the failure
logging, that's not so easy, as {{{SECStatus}}} is an enum with three
values: {{{SECWouldBlock, SECFailure, SECSuccess}}}. So only a "it failed"
log entry is possible.
As you know way more about the logging, could you please add that part?
--
Ticket URL: <https://developer.pidgin.im/ticket/15909#comment:4>
Pidgin <https://pidgin.im>
Pidgin
More information about the Tracker
mailing list