Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(555)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 1405383003: IsSecureTLSCipherSuite should not classify DHE_RSA as secure. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/socket/ssl_client_socket.cc ('k') | net/spdy/spdy_session.cc » ('j') | net/ssl/ssl_cipher_suite_names_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived
6 // from AuthCertificateCallback() in 6 // from AuthCertificateCallback() in
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
8 8
9 /* ***** BEGIN LICENSE BLOCK ***** 9 /* ***** BEGIN LICENSE BLOCK *****
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
(...skipping 1244 matching lines...) Expand 10 before | Expand all | Expand 10 after
1255 if (rv != SECSuccess || !negotiated_extension) { 1255 if (rv != SECSuccess || !negotiated_extension) {
1256 *can_false_start = PR_FALSE; 1256 *can_false_start = PR_FALSE;
1257 return SECSuccess; 1257 return SECSuccess;
1258 } 1258 }
1259 1259
1260 SSLChannelInfo channel_info; 1260 SSLChannelInfo channel_info;
1261 SECStatus ok = 1261 SECStatus ok =
1262 SSL_GetChannelInfo(socket, &channel_info, sizeof(channel_info)); 1262 SSL_GetChannelInfo(socket, &channel_info, sizeof(channel_info));
1263 if (ok != SECSuccess || channel_info.length != sizeof(channel_info) || 1263 if (ok != SECSuccess || channel_info.length != sizeof(channel_info) ||
1264 channel_info.protocolVersion < SSL_LIBRARY_VERSION_TLS_1_2 || 1264 channel_info.protocolVersion < SSL_LIBRARY_VERSION_TLS_1_2 ||
1265 !IsFalseStartableTLSCipherSuite(channel_info.cipherSuite)) { 1265 !IsSecureTLSCipherSuite(channel_info.cipherSuite)) {
1266 *can_false_start = PR_FALSE; 1266 *can_false_start = PR_FALSE;
1267 return SECSuccess; 1267 return SECSuccess;
1268 } 1268 }
1269 1269
1270 return SSL_RecommendedCanFalseStart(socket, can_false_start); 1270 return SSL_RecommendedCanFalseStart(socket, can_false_start);
1271 } 1271 }
1272 1272
1273 // static 1273 // static
1274 void SSLClientSocketNSS::Core::HandshakeCallback( 1274 void SSLClientSocketNSS::Core::HandshakeCallback(
1275 PRFileDesc* socket, 1275 PRFileDesc* socket,
(...skipping 1908 matching lines...) Expand 10 before | Expand all | Expand 10 after
3184 return channel_id_service_; 3184 return channel_id_service_;
3185 } 3185 }
3186 3186
3187 SSLFailureState SSLClientSocketNSS::GetSSLFailureState() const { 3187 SSLFailureState SSLClientSocketNSS::GetSSLFailureState() const {
3188 if (completed_handshake_) 3188 if (completed_handshake_)
3189 return SSL_FAILURE_NONE; 3189 return SSL_FAILURE_NONE;
3190 return SSL_FAILURE_UNKNOWN; 3190 return SSL_FAILURE_UNKNOWN;
3191 } 3191 }
3192 3192
3193 } // namespace net 3193 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_client_socket.cc ('k') | net/spdy/spdy_session.cc » ('j') | net/ssl/ssl_cipher_suite_names_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698