Reject renegotiations in SSLClientSocket by default.

net/socket/ssl_client_socket_openssl.cc

Index: net/socket/ssl_client_socket_openssl.cc
diff --git a/net/socket/ssl_client_socket_openssl.cc b/net/socket/ssl_client_socket_openssl.cc
index 9338bcf96c45cf9734247215a45bcea3f1c26a4c..88965f5688d2bbe129f8a34e483e92d5df49bfe4 100644
--- a/net/socket/ssl_client_socket_openssl.cc
+++ b/net/socket/ssl_client_socket_openssl.cc
@@ -843,6 +843,10 @@ int SSLClientSocketOpenSSL::Init() {
                                ssl_config_.fastradio_padding_enabled &&
                                    ssl_config_.fastradio_padding_eligible);
 
+  // By default, renegotiations are rejected. After the initial handshake
+  // completes, some application protocols may re-enable it.
+  SSL_set_reject_peer_renegotiations(ssl_, 1);
+
   return OK;
 }
 
@@ -949,6 +953,9 @@ int SSLClientSocketOpenSSL::DoHandshake() {
     SSL_get0_signed_cert_timestamp_list(ssl_, &sct_list, &sct_list_len);
     set_signed_cert_timestamps_received(sct_list_len != 0);
 
+    if (IsRenegotiationAllowed())
+      SSL_set_reject_peer_renegotiations(ssl_, 0);
+
     // Verify the certificate.
     UpdateServerCert();
     GotoState(STATE_VERIFY_CERT);
@@ -1886,6 +1893,18 @@ std::string SSLClientSocketOpenSSL::GetSessionCacheKey() const {
   return result;
 }
 
+bool SSLClientSocketOpenSSL::IsRenegotiationAllowed() const {
+  if (npn_status_ == kNextProtoUnsupported)
+    return ssl_config_.renego_allowed_default;
+
+  NextProto next_proto = NextProtoFromString(npn_proto_);
+  for (NextProto allowed : ssl_config_.renego_allowed_for_protos) {
+    if (next_proto == allowed)
+      return true;
+  }
+  return false;
+}
+
 scoped_refptr<X509Certificate>
 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const {
   return server_cert_;