Bug 1306003 - Enable P-521, r?keeler draft
authorMartin Thomson <martin.thomson@gmail.com>
Thu, 29 Sep 2016 10:40:40 +1000
changeset 418724 8bf8c24822a215e8ce721aecdec628cd1a361f2c
parent 418723 a357f5e03549f6a8ccb7e40d8a9237661b00a0d8
child 532423 9bc2c901890ea33fdfa2c564bafebf5e90d39392
push id30762
push usermartin.thomson@gmail.com
push dateThu, 29 Sep 2016 00:41:07 +0000
reviewerskeeler
bugs1306003
milestone52.0a1
Bug 1306003 - Enable P-521, r?keeler MozReview-Commit-ID: 1oF98CACtQV
security/manager/ssl/nsNSSIOLayer.cpp
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@@ -2495,17 +2495,17 @@ nsSSLIOLayerSetOptions(PRFileDesc* fd, b
     if (SECSuccess != SSL_SetDowngradeCheckVersion(fd, maxEnabledVersion)) {
       return NS_ERROR_FAILURE;
     }
   }
 
   // Include a modest set of named groups.
   const SSLNamedGroup namedGroups[] = {
     ssl_grp_ec_curve25519, ssl_grp_ec_secp256r1, ssl_grp_ec_secp384r1,
-    ssl_grp_ffdhe_2048, ssl_grp_ffdhe_3072
+    ssl_grp_ec_secp521r1, ssl_grp_ffdhe_2048, ssl_grp_ffdhe_3072
   };
   if (SECSuccess != SSL_NamedGroupConfig(fd, namedGroups,
                                          mozilla::ArrayLength(namedGroups))) {
     return NS_ERROR_FAILURE;
   }
   // This ensures that we send key shares for X25519 and P-256 in TLS 1.3, so
   // that servers are less likely to use HelloRetryRequest.
   if (SECSuccess != SSL_SendAdditionalKeyShares(fd, 2)) {
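Review bot: The comment above `namedGroups` still says only "a modest set" and does not record that an entry's position matters, which is what makes placing `ssl_grp_ec_secp521r1` after `ssl_grp_ec_secp384r1` safe. As far as I know SSL_NamedGroupConfig treats the array as a preference list, and the comment further down ties the TLS 1.3 key shares to the leading entries, so a later edit that inserts a group near the front would silently change which shares are sent. I would extend the comment to something like `// Order is preference order; TLS 1.3 key shares are sent for the leading entries, so append new groups after them.` Separately, that lower comment names X25519 and P-256 while the call passes 2 to SSL_SendAdditionalKeyShares; if the argument counts shares beyond the first, a P-384 share is sent as well, which is worth confirming against the NSS header. nsSSLIOLayerSetOptions starts and ends outside the hunk.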