Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(364)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 10823111: net: disable SSL compression (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/browser/page_info_model.cc ('K') | « chrome/browser/page_info_model.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived
6 // from AuthCertificateCallback() in 6 // from AuthCertificateCallback() in
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
8 8
9 /* ***** BEGIN LICENSE BLOCK ***** 9 /* ***** BEGIN LICENSE BLOCK *****
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
(...skipping 3091 matching lines...) Expand 10 before | Expand all | Expand 10 after
3102 // Support RFC 5077 3102 // Support RFC 5077
3103 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE); 3103 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE);
3104 if (rv != SECSuccess) { 3104 if (rv != SECSuccess) {
3105 LogFailedNSSFunction( 3105 LogFailedNSSFunction(
3106 net_log_, "SSL_OptionSet", "SSL_ENABLE_SESSION_TICKETS"); 3106 net_log_, "SSL_OptionSet", "SSL_ENABLE_SESSION_TICKETS");
3107 } 3107 }
3108 #else 3108 #else
3109 #error "You need to install NSS-3.12 or later to build chromium" 3109 #error "You need to install NSS-3.12 or later to build chromium"
3110 #endif 3110 #endif
3111 3111
3112 #ifdef SSL_ENABLE_DEFLATE
3113 // Some web servers have been found to break if TLS is used *or* if DEFLATE
3114 // is advertised. Thus, if TLS is disabled (probably because we are doing
3115 // SSLv3 fallback), we disable DEFLATE also.
3116 // See http://crbug.com/31628
3117 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_DEFLATE,
3118 ssl_config_.version_max >= SSL_PROTOCOL_VERSION_TLS1);
3119 if (rv != SECSuccess)
3120 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_DEFLATE");
3121 #endif
3122
3123 #ifdef SSL_ENABLE_FALSE_START 3112 #ifdef SSL_ENABLE_FALSE_START
3124 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_FALSE_START, 3113 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_FALSE_START,
3125 ssl_config_.false_start_enabled); 3114 ssl_config_.false_start_enabled);
3126 if (rv != SECSuccess) 3115 if (rv != SECSuccess)
3127 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_FALSE_START"); 3116 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_FALSE_START");
3128 #endif 3117 #endif
3129 3118
3130 #ifdef SSL_ENABLE_RENEGOTIATION 3119 #ifdef SSL_ENABLE_RENEGOTIATION
3131 // We allow servers to request renegotiation. Since we're a client, 3120 // We allow servers to request renegotiation. Since we're a client,
3132 // prohibiting this is rather a waste of time. Only servers are in a 3121 // prohibiting this is rather a waste of time. Only servers are in a
(...skipping 370 matching lines...) Expand 10 before | Expand all | Expand 10 after
3503 EnsureThreadIdAssigned(); 3492 EnsureThreadIdAssigned();
3504 base::AutoLock auto_lock(lock_); 3493 base::AutoLock auto_lock(lock_);
3505 return valid_thread_id_ == base::PlatformThread::CurrentId(); 3494 return valid_thread_id_ == base::PlatformThread::CurrentId();
3506 } 3495 }
3507 3496
3508 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { 3497 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const {
3509 return server_bound_cert_service_; 3498 return server_bound_cert_service_;
3510 } 3499 }
3511 3500
3512 } // namespace net 3501 } // namespace net
OLDNEW
« chrome/browser/page_info_model.cc ('K') | « chrome/browser/page_info_model.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698