Bug 901718, Part 2: fix comment, r=me

Brian Smith 2013-11-17 14:00:00 -08:00
parent 4ef7fa66b2
commit 2356f6f87a

@ -949,10 +949,12 @@ retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo)
// to retry without TLS.
// Don't allow STARTTLS connections to fall back on connection resets or
// EOF. Also, don't fall back from TLS 1.0 to SSL 3.0 on connection,
// EOF. Also, don't fall back from TLS 1.0 to SSL 3.0 for those errors,
// because connection resets and EOF have too many false positives,
// and we want to maximize how often we send TLS 1.0+ with extensions
// if at all reasonable.
// if at all reasonable. Unfortunately, it appears we have to allow
// fallback from TLS 1.2 and TLS 1.1 for those errors due to bad
// intermediaries.
conditional:
if (range.max <= SSL_LIBRARY_VERSION_TLS_1_0 ||
socketInfo->GetHasCleartextPhase()) {
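Review bot: The added sentence "we have to allow fallback from TLS 1.2 and TLS 1.1 for those errors" is not scoped to connections without a cleartext phase, yet the condition directly below tests socketInfo->GetHasCleartextPhase() together with range.max <= SSL_LIBRARY_VERSION_TLS_1_0. Coming right after the sentence about STARTTLS, it can be read as saying STARTTLS connections also fall back from TLS 1.2/1.1 on resets or EOF. Suggest wording it as applying to non-STARTTLS connections only, if that is what the branch (whose body is not shown here) enforces. It would also help to state the trade-off in the comment: connection resets and EOF are unauthenticated signals, so allowing fallback on them means anything on the network path can cause the client to retry with a lower TLS version. A pointer to the bug that tracks the "bad intermediaries" would tell future readers when this exception can be revisited.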