Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(656)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/ssl/ssl_config.h

Issue 1052743003: Move RC4 behind a fallback. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/socket/ssl_client_socket_nss.cc ('K') | « net/socket/ssl_client_socket_unittest.cc ('k') | net/ssl/ssl_config.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_SSL_SSL_CONFIG_H_ 5 #ifndef NET_SSL_SSL_CONFIG_H_
6 #define NET_SSL_SSL_CONFIG_H_ 6 #define NET_SSL_SSL_CONFIG_H_
7 7
8 #include "base/basictypes.h" 8 #include "base/basictypes.h"
9 #include "base/memory/ref_counted.h" 9 #include "base/memory/ref_counted.h"
10 #include "net/base/net_export.h" 10 #include "net/base/net_export.h"
(...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after
99 // The ciphers listed in |disabled_cipher_suites| will be removed in addition 99 // The ciphers listed in |disabled_cipher_suites| will be removed in addition
100 // to the above list. 100 // to the above list.
101 // 101 //
102 // Though cipher suites are sent in TLS as "uint8 CipherSuite[2]", in 102 // Though cipher suites are sent in TLS as "uint8 CipherSuite[2]", in
103 // big-endian form, they should be declared in host byte order, with the 103 // big-endian form, they should be declared in host byte order, with the
104 // first uint8 occupying the most significant byte. 104 // first uint8 occupying the most significant byte.
105 // Ex: To disable TLS_RSA_WITH_RC4_128_MD5, specify 0x0004, while to 105 // Ex: To disable TLS_RSA_WITH_RC4_128_MD5, specify 0x0004, while to
106 // disable TLS_ECDH_ECDSA_WITH_RC4_128_SHA, specify 0xC002. 106 // disable TLS_ECDH_ECDSA_WITH_RC4_128_SHA, specify 0xC002.
107 std::vector<uint16> disabled_cipher_suites; 107 std::vector<uint16> disabled_cipher_suites;
108 108
109 // Enables deprecated cipher suites. Currently, RC4 is deprecated.
110 bool enable_deprecated_cipher_suites;
111
109 bool channel_id_enabled; // True if TLS channel ID extension is enabled. 112 bool channel_id_enabled; // True if TLS channel ID extension is enabled.
110 bool false_start_enabled; // True if we'll use TLS False Start. 113 bool false_start_enabled; // True if we'll use TLS False Start.
111 // True if the Certificate Transparency signed_certificate_timestamp 114 // True if the Certificate Transparency signed_certificate_timestamp
112 // TLS extension is enabled. 115 // TLS extension is enabled.
113 bool signed_cert_timestamps_enabled; 116 bool signed_cert_timestamps_enabled;
114 117
115 // require_forward_secrecy, if true, causes only (EC)DHE cipher suites to be 118 // require_forward_secrecy, if true, causes only (EC)DHE cipher suites to be
116 // enabled. NOTE: this only applies to server sockets currently, although 119 // enabled. NOTE: this only applies to server sockets currently, although
117 // that could be extended if needed. 120 // that could be extended if needed.
118 bool require_forward_secrecy; 121 bool require_forward_secrecy;
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after
167 // |fastradio_padding_eligible| can be true when |fastradio_padding_enabled| 170 // |fastradio_padding_eligible| can be true when |fastradio_padding_enabled|
168 // is false: in this case, fastradio padding would not be enabled, but 171 // is false: in this case, fastradio padding would not be enabled, but
169 // metrics can be collected for experiments. 172 // metrics can be collected for experiments.
170 bool fastradio_padding_enabled; 173 bool fastradio_padding_enabled;
171 bool fastradio_padding_eligible; 174 bool fastradio_padding_eligible;
172 }; 175 };
173 176
174 } // namespace net 177 } // namespace net
175 178
176 #endif // NET_SSL_SSL_CONFIG_H_ 179 #endif // NET_SSL_SSL_CONFIG_H_
OLDNEW
« net/socket/ssl_client_socket_nss.cc ('K') | « net/socket/ssl_client_socket_unittest.cc ('k') | net/ssl/ssl_config.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698