Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(161)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 1056153002: Reland 'Require ECDHE for False Start.' (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « DEPS ('k') | net/socket/ssl_client_socket_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived
6 // from AuthCertificateCallback() in 6 // from AuthCertificateCallback() in
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
8 8
9 /* ***** BEGIN LICENSE BLOCK ***** 9 /* ***** BEGIN LICENSE BLOCK *****
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
(...skipping 1603 matching lines...) Expand 10 before | Expand all | Expand 10 after
1614 if (rv != SECSuccess || !negotiated_extension) { 1614 if (rv != SECSuccess || !negotiated_extension) {
1615 *can_false_start = PR_FALSE; 1615 *can_false_start = PR_FALSE;
1616 return SECSuccess; 1616 return SECSuccess;
1617 } 1617 }
1618 1618
1619 SSLChannelInfo channel_info; 1619 SSLChannelInfo channel_info;
1620 SECStatus ok = 1620 SECStatus ok =
1621 SSL_GetChannelInfo(socket, &channel_info, sizeof(channel_info)); 1621 SSL_GetChannelInfo(socket, &channel_info, sizeof(channel_info));
1622 if (ok != SECSuccess || channel_info.length != sizeof(channel_info) || 1622 if (ok != SECSuccess || channel_info.length != sizeof(channel_info) ||
1623 channel_info.protocolVersion < SSL_LIBRARY_VERSION_TLS_1_2 || 1623 channel_info.protocolVersion < SSL_LIBRARY_VERSION_TLS_1_2 ||
1624 !IsSecureTLSCipherSuite(channel_info.cipherSuite)) { 1624 !IsFalseStartableTLSCipherSuite(channel_info.cipherSuite)) {
1625 *can_false_start = PR_FALSE; 1625 *can_false_start = PR_FALSE;
1626 return SECSuccess; 1626 return SECSuccess;
1627 } 1627 }
1628 1628
1629 return SSL_RecommendedCanFalseStart(socket, can_false_start); 1629 return SSL_RecommendedCanFalseStart(socket, can_false_start);
1630 } 1630 }
1631 1631
1632 // static 1632 // static
1633 void SSLClientSocketNSS::Core::HandshakeCallback( 1633 void SSLClientSocketNSS::Core::HandshakeCallback(
1634 PRFileDesc* socket, 1634 PRFileDesc* socket,
(...skipping 1981 matching lines...) Expand 10 before | Expand all | Expand 10 after
3616 scoped_refptr<X509Certificate> 3616 scoped_refptr<X509Certificate>
3617 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { 3617 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const {
3618 return core_->state().server_cert.get(); 3618 return core_->state().server_cert.get();
3619 } 3619 }
3620 3620
3621 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { 3621 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const {
3622 return channel_id_service_; 3622 return channel_id_service_;
3623 } 3623 }
3624 3624
3625 } // namespace net 3625 } // namespace net
OLDNEW
« no previous file with comments | « DEPS ('k') | net/socket/ssl_client_socket_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698