| Index: net/socket/ssl_client_socket_nss.cc
|
| diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
|
| index c303829f9cdb17391bc580d839ff3e19d30577ca..271a8b622051b50f2ae539df47a76d26f4c0ea3f 100644
|
| --- a/net/socket/ssl_client_socket_nss.cc
|
| +++ b/net/socket/ssl_client_socket_nss.cc
|
| @@ -1074,21 +1074,11 @@ bool SSLClientSocketNSS::Core::Init(PRFileDesc* socket,
|
| }
|
|
|
| if (ssl_config_.channel_id_enabled) {
|
| - // TODO(mattm): we can do this check on the network task runner only because
|
| - // we use the NSS internal slot. If we support other slots in the future,
|
| - // checking whether they support ECDSA may block NSS, and thus this check
|
| - // would have to be moved to the NSS task runner.
|
| - crypto::ScopedPK11Slot slot(crypto::GetPublicNSSKeySlot());
|
| - if (PK11_DoesMechanism(slot.get(), CKM_EC_KEY_PAIR_GEN) &&
|
| - PK11_DoesMechanism(slot.get(), CKM_ECDSA)) {
|
| - rv = SSL_SetClientChannelIDCallback(
|
| - nss_fd_, SSLClientSocketNSS::Core::ClientChannelIDHandler, this);
|
| - if (rv != SECSuccess)
|
| - LogFailedNSSFunction(*weak_net_log_, "SSL_SetClientChannelIDCallback",
|
| - "");
|
| - } else {
|
| - DVLOG(1) << "Elliptic Curve not supported, not enabling channel ID.";
|
| - }
|
| + rv = SSL_SetClientChannelIDCallback(
|
| + nss_fd_, SSLClientSocketNSS::Core::ClientChannelIDHandler, this);
|
| + if (rv != SECSuccess)
|
| + LogFailedNSSFunction(*weak_net_log_, "SSL_SetClientChannelIDCallback",
|
| + "");
|
| }
|
|
|
| rv = SSL_HandshakeCallback(
|
|
|
Chromium Code Reviews
Issue 10700099:
NSS Channel ID: don't check ECC support on every socket creation. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src