Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(399)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/http/transport_security_state.cc

Issue 14125003: Do not roll back to SSL 3.0 for Google properties. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/http/transport_security_state.h ('K') | « net/http/transport_security_state.h ('k') | net/http/transport_security_state_static.h » ('j') | net/http/transport_security_state_static.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/transport_security_state.cc
diff --git a/net/http/transport_security_state.cc b/net/http/transport_security_state.cc
index 3fb95dde9a30666d7ca20abd212c06be775ed026..1df2f86669991ecbc0dd8bb46af20761cb7103b0 100644
--- a/net/http/transport_security_state.cc
+++ b/net/http/transport_security_state.cc
@@ -545,6 +545,7 @@ struct HSTSPreload {
bool https_required;
PublicKeyPins pins;
SecondLevelDomainName second_level_domain_name;
+ SSL_CONNECTION_VERSION ssl_version_min;
};
static bool HasPreload(const struct HSTSPreload* entries, size_t num_entries,
@@ -558,6 +559,7 @@ static bool HasPreload(const struct HSTSPreload* entries, size_t num_entries,
*ret = false;
} else {
out->include_subdomains = entries[j].include_subdomains;
+ out->ssl_version_min = entries[j].ssl_version_min;
*ret = true;
if (!entries[j].https_required)
out->upgrade_mode = TransportSecurityState::DomainState::MODE_DEFAULT;
@@ -789,7 +791,8 @@ void TransportSecurityState::AddOrUpdateForcedHosts(
TransportSecurityState::DomainState::DomainState()
: upgrade_mode(MODE_FORCE_HTTPS),
created(base::Time::Now()),
- include_subdomains(false) {
+ include_subdomains(false),
+ ssl_version_min(SSL_CONNECTION_VERSION_SSL3) {
}
TransportSecurityState::DomainState::~DomainState() {
« net/http/transport_security_state.h ('K') | « net/http/transport_security_state.h ('k') | net/http/transport_security_state_static.h » ('j') | net/http/transport_security_state_static.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698