From 3ac9f5bd980c31bc6b916e07b413190182cb45de Mon Sep 17 00:00:00 2001
From: "nelsonb%netscape.com" <devnull@localhost>
Date: Sat, 13 Jan 2001 02:05:15 +0000
Subject: Add implementation of SSL_RSA_WITH_RC4_128_SHA SSL3 cipher suite,
 which is not enabled by default.  Bug 59795.

---
 security/nss/lib/ssl/ssl3con.c | 1 +
 security/nss/lib/ssl/sslenum.c | 1 +
 security/nss/lib/ssl/sslimpl.h | 2 +-
 security/nss/lib/ssl/sslsock.c | 1 +
 4 files changed, 4 insertions(+), 1 deletion(-)

(limited to 'security/nss/lib/ssl')

diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
index cda2ba812..d8cc871d5 100644
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -93,6 +93,7 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
    /*      cipher_suite                         policy      enabled is_present*/
  { SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
  { SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,      SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
+ { SSL_RSA_WITH_RC4_128_SHA,               SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
  { SSL_RSA_WITH_RC4_128_MD5,               SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
  { SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,     SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
  { SSL_RSA_WITH_3DES_EDE_CBC_SHA,          SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
diff --git a/security/nss/lib/ssl/sslenum.c b/security/nss/lib/ssl/sslenum.c
index b94f4bf65..10cf965d4 100644
--- a/security/nss/lib/ssl/sslenum.c
+++ b/security/nss/lib/ssl/sslenum.c
@@ -44,6 +44,7 @@ const PRUint16 SSL_ImplementedCiphers[] = {
     SSL_RSA_WITH_NULL_MD5,
     SSL_RSA_EXPORT_WITH_RC4_40_MD5,
     SSL_RSA_WITH_RC4_128_MD5,
+    SSL_RSA_WITH_RC4_128_SHA,
     SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
     SSL_RSA_WITH_DES_CBC_SHA,
     SSL_RSA_WITH_3DES_EDE_CBC_SHA,
diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h
index edccb02b5..3611d5697 100644
--- a/security/nss/lib/ssl/sslimpl.h
+++ b/security/nss/lib/ssl/sslimpl.h
@@ -219,7 +219,7 @@ typedef struct {
 #endif
 } ssl3CipherSuiteCfg;
 
-#define ssl_V3_SUITES_IMPLEMENTED 13
+#define ssl_V3_SUITES_IMPLEMENTED 14
 
 typedef struct sslOptionsStr {
     unsigned int useSecurity		: 1;  /*  1 */
diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c
index c734b335b..87ca7fdb8 100644
--- a/security/nss/lib/ssl/sslsock.c
+++ b/security/nss/lib/ssl/sslsock.c
@@ -65,6 +65,7 @@ static cipherPolicy ssl_ciphers[] = {	   /*   Export           France   */
  {  SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
  {  SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,      SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
  {  SSL_RSA_WITH_RC4_128_MD5,		    SSL_RESTRICTED,  SSL_NOT_ALLOWED },
+ {  SSL_RSA_WITH_RC4_128_SHA,		    SSL_RESTRICTED,  SSL_NOT_ALLOWED },
  {  SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,	    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
  {  SSL_RSA_WITH_3DES_EDE_CBC_SHA,	    SSL_RESTRICTED,  SSL_NOT_ALLOWED },
  {  SSL_RSA_FIPS_WITH_DES_CBC_SHA,	    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
-- 
cgit v1.2.1