+++ /dev/null
-diff -up ./mozilla/security/nss/lib/ssl/sslsock.c.compatible ./mozilla/security/nss/lib/ssl/sslsock.c
---- ./mozilla/security/nss/lib/ssl/sslsock.c.compatible 2012-01-05 13:54:36.430389994 -0800
-+++ ./mozilla/security/nss/lib/ssl/sslsock.c 2012-01-05 13:55:25.810750394 -0800
-@@ -184,7 +184,7 @@ static sslOptions ssl_defaults = {
- 3, /* enableRenegotiation (default: transitional) */
- PR_FALSE, /* requireSafeNegotiation */
- PR_FALSE, /* enableFalseStart */
-- PR_TRUE /* cbcRandomIV */
-+ PR_FALSE /* cbcRandomIV */ /* defaults to off for compatibility */
- };
-
- sslSessionIDLookupFunc ssl_sid_lookup;
-@@ -2359,9 +2359,9 @@ ssl_SetDefaultsFromEnvironment(void)
- PR_TRUE));
- }
- ev = getenv("NSS_SSL_CBC_RANDOM_IV");
-- if (ev && ev[0] == '0') {
-- ssl_defaults.cbcRandomIV = PR_FALSE;
-- SSL_TRACE(("SSL: cbcRandomIV set to 0"));
-+ if (ev && ev[0] == '1') {
-+ ssl_defaults.cbcRandomIV = PR_TRUE;
-+ SSL_TRACE(("SSL: cbcRandomIV set to 1"));
- }
- }
- #endif /* NSS_HAVE_GETENV */