| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 363 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 374 #ifdef SSL_ENABLE_DEFLATE | 374 #ifdef SSL_ENABLE_DEFLATE |
| 375 // Some web servers have been found to break if TLS is used *or* if DEFLATE | 375 // Some web servers have been found to break if TLS is used *or* if DEFLATE |
| 376 // is advertised. Thus, if TLS is disabled (probably because we are doing | 376 // is advertised. Thus, if TLS is disabled (probably because we are doing |
| 377 // SSLv3 fallback), we disable DEFLATE also. | 377 // SSLv3 fallback), we disable DEFLATE also. |
| 378 // See http://crbug.com/31628 | 378 // See http://crbug.com/31628 |
| 379 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_DEFLATE, ssl_config_.tls1_enabled); | 379 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_DEFLATE, ssl_config_.tls1_enabled); |
| 380 if (rv != SECSuccess) | 380 if (rv != SECSuccess) |
| 381 LOG(INFO) << "SSL_ENABLE_DEFLATE failed. Old system nss?"; | 381 LOG(INFO) << "SSL_ENABLE_DEFLATE failed. Old system nss?"; |
| 382 #endif | 382 #endif |
| 383 | 383 |
| 384 #ifdef SSL_ENABLE_FALSE_START |
| 385 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_FALSE_START, PR_TRUE); |
| 386 if (rv != SECSuccess) |
| 387 LOG(INFO) << "SSL_ENABLE_FALSE_START failed. Old system nss?"; |
| 388 #endif |
| 389 |
| 384 #ifdef SSL_ENABLE_RENEGOTIATION | 390 #ifdef SSL_ENABLE_RENEGOTIATION |
| 385 // We allow servers to request renegotiation. Since we're a client, | 391 // We allow servers to request renegotiation. Since we're a client, |
| 386 // prohibiting this is rather a waste of time. Only servers are in a position | 392 // prohibiting this is rather a waste of time. Only servers are in a position |
| 387 // to prevent renegotiation attacks. | 393 // to prevent renegotiation attacks. |
| 388 // http://extendedsubset.com/?p=8 | 394 // http://extendedsubset.com/?p=8 |
| 389 // | 395 // |
| 390 // This should be changed when NSS 3.12.6 comes out with support for the | 396 // This should be changed when NSS 3.12.6 comes out with support for the |
| 391 // renegotiation info extension. | 397 // renegotiation info extension. |
| 392 // http://code.google.com/p/chromium/issues/detail?id=31647 | 398 // http://code.google.com/p/chromium/issues/detail?id=31647 |
| 393 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_RENEGOTIATION, | 399 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_RENEGOTIATION, |
| (...skipping 897 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1291 } | 1297 } |
| 1292 PRErrorCode prerr = PR_GetError(); | 1298 PRErrorCode prerr = PR_GetError(); |
| 1293 if (prerr == PR_WOULD_BLOCK_ERROR) { | 1299 if (prerr == PR_WOULD_BLOCK_ERROR) { |
| 1294 return ERR_IO_PENDING; | 1300 return ERR_IO_PENDING; |
| 1295 } | 1301 } |
| 1296 LeaveFunction(""); | 1302 LeaveFunction(""); |
| 1297 return MapNSPRError(prerr); | 1303 return MapNSPRError(prerr); |
| 1298 } | 1304 } |
| 1299 | 1305 |
| 1300 } // namespace net | 1306 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 518065:
Disable Nagle on Linux and TLS cut through support (Closed)
