| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 596 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 607 // Support RFC 5077 | 607 // Support RFC 5077 |
| 608 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE); | 608 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE); |
| 609 if (rv != SECSuccess) { | 609 if (rv != SECSuccess) { |
| 610 LogFailedNSSFunction( | 610 LogFailedNSSFunction( |
| 611 net_log_, "SSL_OptionSet", "SSL_ENABLE_SESSION_TICKETS"); | 611 net_log_, "SSL_OptionSet", "SSL_ENABLE_SESSION_TICKETS"); |
| 612 } | 612 } |
| 613 #else | 613 #else |
| 614 #error "You need to install NSS-3.12 or later to build chromium" | 614 #error "You need to install NSS-3.12 or later to build chromium" |
| 615 #endif | 615 #endif |
| 616 | 616 |
| 617 rv = SSL_OptionSet(nss_fd_, SSL_NO_CACHE, | |
| 618 ssl_config_.session_resume_disabled); | |
| 619 if (rv != SECSuccess) { | |
| 620 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_NO_CACHE"); | |
| 621 return ERR_UNEXPECTED; | |
| 622 } | |
| 623 | |
| 624 #ifdef SSL_ENABLE_DEFLATE | 617 #ifdef SSL_ENABLE_DEFLATE |
| 625 // Some web servers have been found to break if TLS is used *or* if DEFLATE | 618 // Some web servers have been found to break if TLS is used *or* if DEFLATE |
| 626 // is advertised. Thus, if TLS is disabled (probably because we are doing | 619 // is advertised. Thus, if TLS is disabled (probably because we are doing |
| 627 // SSLv3 fallback), we disable DEFLATE also. | 620 // SSLv3 fallback), we disable DEFLATE also. |
| 628 // See http://crbug.com/31628 | 621 // See http://crbug.com/31628 |
| 629 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_DEFLATE, ssl_config_.tls1_enabled); | 622 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_DEFLATE, ssl_config_.tls1_enabled); |
| 630 if (rv != SECSuccess) | 623 if (rv != SECSuccess) |
| 631 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_DEFLATE"); | 624 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_DEFLATE"); |
| 632 #endif | 625 #endif |
| 633 | 626 |
| (...skipping 1882 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2516 case SSL_CONNECTION_VERSION_TLS1_1: | 2509 case SSL_CONNECTION_VERSION_TLS1_1: |
| 2517 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_1); | 2510 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_1); |
| 2518 break; | 2511 break; |
| 2519 case SSL_CONNECTION_VERSION_TLS1_2: | 2512 case SSL_CONNECTION_VERSION_TLS1_2: |
| 2520 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_2); | 2513 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_2); |
| 2521 break; | 2514 break; |
| 2522 }; | 2515 }; |
| 2523 } | 2516 } |
| 2524 | 2517 |
| 2525 } // namespace net | 2518 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6370008:
Enable session resumption in SSLServerSocketNSS and unit tests (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src