Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(150)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1139013002: Completely remove SSLv3 support. (Closed)

Created:
5 years, 7 months ago by davidben
Modified:
5 years, 7 months ago
Reviewers:
scheib, Ryan Sleevi
CC:
chromium-reviews, chromium-apps-reviews_chromium.org, cbentzel+watch_chromium.org, extensions-reviews_chromium.org
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Completely remove SSLv3 support. It's been off by default since Chrome 40 with a policy opt-in. The policy was documented to stop working after Chrome 43, so remove all logic for SSL 3.0. Chrome will no longer honor a --ssl-version-min=ssl3 flag and the option is removed from about:flags. This CL also removes the SSL 3.0 support from the extensions' TLS socket API. BUG=487730 Committed: https://crrev.com/b937d6c4aaf04dcdd6823dd5092a3716cf3e9d5e Cr-Commit-Position: refs/heads/master@{#329805}

Patch Set 1 #

Patch Set 2 : #

Total comments: 2
Unified diffs Side-by-side diffs Delta from patch set Stats (+96 lines, -172 lines) Patch
M chrome/app/generated_resources.grd View 1 chunk +0 lines, -3 lines 0 comments Download
M chrome/browser/about_flags.cc View 1 chunk +0 lines, -2 lines 0 comments Download
M chrome/browser/net/ssl_config_service_manager_pref.cc View 1 chunk +1 line, -3 lines 0 comments Download
M chrome/browser/net/ssl_config_service_manager_pref_unittest.cc View 3 chunks +31 lines, -4 lines 0 comments Download
M chrome/common/chrome_switches.h View 1 chunk +0 lines, -1 line 0 comments Download
M chrome/common/chrome_switches.cc View 1 chunk +4 lines, -7 lines 0 comments Download
M extensions/browser/api/socket/tls_socket.cc View 1 chunk +1 line, -3 lines 1 comment Download
M extensions/common/api/socket.idl View 1 chunk +1 line, -2 lines 0 comments Download
M extensions/common/api/sockets_tcp.idl View 1 chunk +1 line, -2 lines 0 comments Download
M net/http/http_network_transaction.cc View 2 chunks +2 lines, -5 lines 0 comments Download
M net/http/http_network_transaction_ssl_unittest.cc View 1 4 chunks +15 lines, -15 lines 0 comments Download
M net/http/http_network_transaction_unittest.cc View 3 chunks +4 lines, -11 lines 0 comments Download
M net/http/transport_security_state_static.json View 1 chunk +0 lines, -7 lines 0 comments Download
M net/socket/client_socket_pool_manager.cc View 1 chunk +0 lines, -3 lines 0 comments Download
M net/socket/ssl_client_socket_nss.cc View 2 chunks +2 lines, -10 lines 0 comments Download
M net/socket/ssl_client_socket_openssl.cc View 4 chunks +6 lines, -22 lines 1 comment Download
M net/socket/ssl_server_socket_openssl.cc View 1 chunk +5 lines, -15 lines 0 comments Download
M net/ssl/ssl_config.h View 3 chunks +2 lines, -5 lines 0 comments Download
M net/ssl/ssl_config_service_unittest.cc View 3 chunks +6 lines, -6 lines 0 comments Download
M net/url_request/url_request_unittest.cc View 7 chunks +15 lines, -46 lines 0 comments Download

Messages

Total messages: 9 (2 generated)
davidben
https://codereview.chromium.org/1139013002/diff/20001/extensions/browser/api/socket/tls_socket.cc File extensions/browser/api/socket/tls_socket.cc (right): https://codereview.chromium.org/1139013002/diff/20001/extensions/browser/api/socket/tls_socket.cc#newcode26 extensions/browser/api/socket/tls_socket.cc:26: if (version_str == "tls1") { NOTE: Unlike the rest ...
5 years, 7 months ago (2015-05-13 20:46:19 UTC) #2
davidben
(Oh, scheib for extensions and rsleevi for general review)
5 years, 7 months ago (2015-05-13 20:46:52 UTC) #3
Ryan Sleevi
lgtm
5 years, 7 months ago (2015-05-13 22:10:22 UTC) #4
scheib
extensions/* LGTM
5 years, 7 months ago (2015-05-13 22:23:54 UTC) #5
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1139013002/20001
5 years, 7 months ago (2015-05-14 04:49:53 UTC) #7
commit-bot: I haz the power
Committed patchset #2 (id:20001)
5 years, 7 months ago (2015-05-14 04:53:50 UTC) #8
commit-bot: I haz the power
5 years, 7 months ago (2015-05-14 04:54:42 UTC) #9
Message was sent while issue was closed. 
Patchset 2 (id:??) landed as
https://crrev.com/b937d6c4aaf04dcdd6823dd5092a3716cf3e9d5e
Cr-Commit-Position: refs/heads/master@{#329805}

Powered by Google App Engine
This is Rietveld 408576698