Issue #1462 - Part 5: Security manager changes for Camellia-GCM suites.

2 files changed, 29 insertions, 2 deletions

diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js
index 0ac52621af..fe2e6770f5 100644
--- a/netwerk/base/security-prefs.js
+++ b/netwerk/base/security-prefs.js
@@ -27,6 +27,10 @@ pref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true);
 pref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true);
 pref("security.ssl3.ecdhe_ecdsa_chacha20_poly1305_sha256", true);
 pref("security.ssl3.ecdhe_rsa_chacha20_poly1305_sha256", true);
+pref("security.ssl3.ecdhe_ecdsa_camellia_128_gcm_sha256", true);
+pref("security.ssl3.ecdhe_rsa_camellia_128_gcm_sha256", true);
+pref("security.ssl3.ecdhe_ecdsa_camellia_256_gcm_sha384", true);
+pref("security.ssl3.ecdhe_rsa_camellia_256_gcm_sha384", true);
 pref("security.ssl3.ecdhe_ecdsa_aes_256_gcm_sha384", true);
 pref("security.ssl3.ecdhe_rsa_aes_256_gcm_sha384", true);
 pref("security.ssl3.ecdhe_ecdsa_camellia_256_sha384", true);
@@ -37,10 +41,14 @@ pref("security.ssl3.ecdhe_rsa_aes_128_sha", true);
 pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", true);
 pref("security.ssl3.ecdhe_rsa_aes_256_sha", true);
 pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", true);
+pref("security.ssl3.dhe_rsa_camellia_256_gcm_sha384", true);
+pref("security.ssl3.dhe_rsa_camellia_128_gcm_sha256", true);
 pref("security.ssl3.dhe_rsa_camellia_256_sha", true);
 pref("security.ssl3.dhe_rsa_camellia_128_sha", true);
 pref("security.ssl3.rsa_aes_256_gcm_sha384", true);
 pref("security.ssl3.rsa_aes_256_sha256", true);
+pref("security.ssl3.rsa_camellia_128_gcm_sha256", true);
+pref("security.ssl3.rsa_camellia_256_gcm_sha384", true);
 pref("security.ssl3.rsa_camellia_128_sha", true);
 pref("security.ssl3.rsa_camellia_256_sha", true);
 pref("security.ssl3.rsa_aes_128_sha", true);
diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp
index 5d4460115b..bac3905570 100644
--- a/security/manager/ssl/nsNSSComponent.cpp
+++ b/security/manager/ssl/nsNSSComponent.cpp
@@ -1315,6 +1315,16 @@ static const CipherPref sCipherPrefs[] = {
  { "security.ssl3.ecdhe_rsa_aes_256_gcm_sha384",
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, true },
 
+ { "security.ssl3.ecdhe_ecdsa_camellia_256_gcm_sha384",
+   TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, true },
+ { "security.ssl3.ecdhe_rsa_camellia_256_gcm_sha384",
+   TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, true },
+
+ { "security.ssl3.ecdhe_ecdsa_camellia_128_gcm_sha256",
+   TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, true },
+ { "security.ssl3.ecdhe_rsa_camellia_128_gcm_sha256",
+   TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, true },
+
  { "security.ssl3.ecdhe_ecdsa_camellia_256_sha384",
    TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, true },
  { "security.ssl3.ecdhe_rsa_camellia_256_sha384",
@@ -1335,6 +1345,11 @@ static const CipherPref sCipherPrefs[] = {
  { "security.ssl3.ecdhe_ecdsa_aes_256_sha",
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, true },
 
+ { "security.ssl3.dhe_rsa_camellia_256_gcm_sha384", 
+   TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, true},
+ { "security.ssl3.dhe_rsa_camellia_128_gcm_sha256", 
+   TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, true },
+
  { "security.ssl3.dhe_rsa_camellia_256_sha", 
    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, true},
  { "security.ssl3.dhe_rsa_aes_256_sha",
@@ -1357,9 +1372,13 @@ static const CipherPref sCipherPrefs[] = {
    TLS_RSA_WITH_AES_256_GCM_SHA384, true }, 
  { "security.ssl3.rsa_aes_256_sha256",
    TLS_RSA_WITH_AES_256_CBC_SHA256, true }, 
- {"security.ssl3.rsa_camellia_128_sha",
+ { "security.ssl3.rsa_camellia_256_gcm_sha384", 
+   TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, true},
+ { "security.ssl3.rsa_camellia_128_gcm_sha256", 
+   TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, true },
+ { "security.ssl3.rsa_camellia_128_sha",
    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, true },
- {"security.ssl3.rsa_camellia_256_sha",
+ { "security.ssl3.rsa_camellia_256_sha",
    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, true },
  { "security.ssl3.rsa_aes_128_sha",
    TLS_RSA_WITH_AES_128_CBC_SHA, true },