Require ECDHE cipher in remoting client.

net/socket/ssl_client_socket_nss.cc

Index: net/socket/ssl_client_socket_nss.cc
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
index a1abc620edc0444f664dbeceefe106fbfb5d636b..8a1a9915fed0a8718db6599c172af4b2a54ad7b2 100644
--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -2761,6 +2761,23 @@ int SSLClientSocketNSS::InitializeSSLOptions() {
     return ERR_NO_SSL_VERSIONS_ENABLED;
   }
 
+  if (ssl_config_.require_ecdhe) {
+    const PRUint16* const ssl_ciphers = SSL_GetImplementedCiphers();
+    const PRUint16 num_ciphers = SSL_GetNumImplementedCiphers();
+
+    // Require forward security by iterating over the cipher suites and

[davidben, 2015/06/16 19:18:21]

Nit: Maybe just:

  // Iterate over the cipher suites and disable all those that don't use ECDHE.

Since DHE nominally also gets us forward secrecy, but (a) DHE is very sad
because of the group size issue and (b) isn't sufficient for our purposes here
anyway.

[Sergey Ulanov, 2015/06/16 19:29:07]

Done. Also updated the same comment in ssl_server_socket_nss.cc

+    // disabling all those that don't use ECDHE.
+    for (unsigned i = 0; i < num_ciphers; i++) {
+      SSLCipherSuiteInfo info;
+      if (SSL_GetCipherSuiteInfo(ssl_ciphers[i], &info, sizeof(info)) ==
+          SECSuccess) {
+        if (strcmp(info.keaTypeName, "ECDHE") != 0) {
+          SSL_CipherPrefSet(nss_fd_, ssl_ciphers[i], PR_FALSE);
+        }
+      }
+    }
+  }
+
   if (ssl_config_.version_fallback) {
     rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_FALLBACK_SCSV, PR_TRUE);
     if (rv != SECSuccess) {