Use cert config options in SSLServerSocketOpenSSL.

net/socket/ssl_server_socket_openssl.cc

Index: net/socket/ssl_server_socket_openssl.cc
diff --git a/net/socket/ssl_server_socket_openssl.cc b/net/socket/ssl_server_socket_openssl.cc
index 6bc13e6a3469942dcf75cd31ee29be8185780980..3d27153290eb442d08be2db32d45ef72cdd28736 100644
--- a/net/socket/ssl_server_socket_openssl.cc
+++ b/net/socket/ssl_server_socket_openssl.cc
@@ -9,6 +9,7 @@
 
 #include "base/callback_helpers.h"
 #include "base/logging.h"
+#include "base/strings/string_util.h"
 #include "crypto/openssl_util.h"
 #include "crypto/rsa_private_key.h"
 #include "crypto/scoped_openssl_types.h"
@@ -685,6 +686,54 @@ int SSLServerSocketOpenSSL::Init() {
   SSL_set_mode(ssl_, mode.set_mask);
   SSL_clear_mode(ssl_, mode.clear_mask);
 
+  // Removing ciphers by ID from OpenSSL is a bit involved as we must use the
+  // textual name with SSL_set_cipher_list because there is no public API to
+  // directly remove a cipher by ID.
+  STACK_OF(SSL_CIPHER)* ciphers = SSL_get_ciphers(ssl_);
+  DCHECK(ciphers);
+  // See SSLConfig::disabled_cipher_suites for description of the suites
+  // disabled by default. Note that !SHA256 and !SHA384 only remove HMAC-SHA256
+  // and HMAC-SHA384 cipher suites, not GCM cipher suites with SHA256 or SHA384
+  // as the handshake hash.
+  std::string command(
+      "DEFAULT:!NULL:!aNULL:!SHA256:!SHA384:!aECDH:!AESGCM+AES256:!aPSK");
+  // Walk through all the installed ciphers, seeing if any need to be
+  // appended to the cipher removal |command|.
+  for (size_t i = 0; i < sk_SSL_CIPHER_num(ciphers); ++i) {
+    const SSL_CIPHER* cipher = sk_SSL_CIPHER_value(ciphers, i);
+    const uint16 id = static_cast<uint16>(SSL_CIPHER_get_id(cipher));

[davidben, 2015/05/12 00:00:50]

uint16_t, not uint16.

[Sergey Ulanov, 2015/05/12 18:55:46]

Done. 

+    const char* name = SSL_CIPHER_get_name(cipher);
+    // Remove any ciphers with a strength of less than 80 bits. Note the NSS
+    // implementation uses "effective" bits here but OpenSSL does not provide
+    // this detail. This only impacts Triple DES: reports 112 vs. 168 bits,
+    // both of which are greater than 80 anyway.
+    bool disable = SSL_CIPHER_get_bits(cipher, NULL) < 80;

[davidben, 2015/05/12 00:00:50]

This is unnecessary. BoringSSL doesn't expose any of those ciphers.

[Sergey Ulanov, 2015/05/12 18:55:46]

I copied most of this code from ssl_client_socket_openssl.cc . So perhaps this
line can be removed from there too.

[davidben, 2015/05/12 19:05:16]

Yeah, I should go prune quite a lot of that code... :-)

+    if (!disable && ssl_config_.require_forward_secrecy) {

[davidben, 2015/05/12 00:00:50]

Let's just do the rename to require_ecdhe. There's only a handful of consumers,
so it shouldn't trouble the merge.

https://code.google.com/p/chromium/codesearch#search/&q=require_forward_secre...

[Sergey Ulanov, 2015/05/12 18:55:46]

Done.

+      disable = !StartsWithASCII(name, "ECDHE", true);

[davidben, 2015/05/12 00:00:50]

Yuck. OpenSSL doesn't give very good APIs for this, but let's do

  strcmp(SSL_CIPHER_get_kx_name(cipher), "ECDHE_RSA") == 0 ||
  strcmp(SSL_CIPHER_get_kx_name(cipher), "ECDHE_ECDSA") == 0

That seems slightly more direct than trying to parse out the names like this.

[Sergey Ulanov, 2015/05/12 18:55:46]

Done.

+    }
+    if (!disable) {
+      disable = std::find(ssl_config_.disabled_cipher_suites.begin(),
+                          ssl_config_.disabled_cipher_suites.end(),
+                          id) != ssl_config_.disabled_cipher_suites.end();
+    }
+    if (disable) {
+      DVLOG(3) << "Found cipher to remove: '" << name << "', ID: " << id
+               << " strength: " << SSL_CIPHER_get_bits(cipher, NULL);
+      command.append(":!");
+      command.append(name);
+    }
+  }
+
+  if (!ssl_config_.enable_deprecated_cipher_suites)
+    command.append(":!RC4");

[davidben, 2015/05/12 00:00:50]

This isn't implemented in SSLServerSocketNSS. If we're going to make that flag
meaningful on the server, it should be mirrored in SSLClientSocketNSS. (Or we
can leave the flag client-only for now.)

[Sergey Ulanov, 2015/05/12 18:55:46]

left it client-only - added !RC4 to the default command 

+
+  int rv = SSL_set_cipher_list(ssl_, command.c_str());
+  // If this fails (rv = 0) it means there are no ciphers enabled on this SSL.
+  // This will almost certainly result in the socket failing to complete the
+  // handshake at which point the appropriate error is bubbled up to the client.
+  LOG_IF(WARNING, rv != 1) << "SSL_set_cipher_list('" << command
+                           << "') returned " << rv;
+
   return OK;
 }