Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3617)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/net/ssl_config_service_manager_pref.cc

Issue 14125003: Do not roll back to SSL 3.0 for Google properties. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Cleanup before sending for reviews. Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | chrome/browser/net/ssl_config_service_manager_pref_unittest.cc » ('j') | chrome/common/chrome_switches.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/net/ssl_config_service_manager_pref.cc
diff --git a/chrome/browser/net/ssl_config_service_manager_pref.cc b/chrome/browser/net/ssl_config_service_manager_pref.cc
index c193463d0d4287968998f13cc0e32041685b386a..47195c046cce50d7cf70ec5f1fa36087fa7616fb 100644
--- a/chrome/browser/net/ssl_config_service_manager_pref.cc
+++ b/chrome/browser/net/ssl_config_service_manager_pref.cc
@@ -64,7 +64,7 @@ std::vector<uint16> ParseCipherSuites(
// Returns the string representation of an SSL protocol version. Returns an
// empty string on error.
-std::string SSLProtocolVersionToString(uint16 version) {
+std::string SSLConfig::SSLProtocolVersionToString(uint16 version) {
Ryan Sleevi 2013/04/17 18:01:27 I believe you should revert these changes - it's n
thaidn_google 2013/04/17 20:14:40 Oh right. Good catch! This should be caught if I w
switch (version) {
case net::SSL_PROTOCOL_VERSION_SSL3:
return "ssl3";
@@ -82,7 +82,7 @@ std::string SSLProtocolVersionToString(uint16 version) {
// Returns the SSL protocol version (as a uint16) represented by a string.
// Returns 0 if the string is invalid.
-uint16 SSLProtocolVersionFromString(const std::string& version_str) {
+uint16 SSLConfig::SSLProtocolVersionFromString(const std::string& version_str) {
uint16 version = 0; // Invalid.
if (version_str == "ssl3") {
version = net::SSL_PROTOCOL_VERSION_SSL3;
@@ -180,6 +180,7 @@ class SSLConfigServiceManagerPref
StringPrefMember ssl_version_max_;
BooleanPrefMember channel_id_enabled_;
BooleanPrefMember ssl_record_splitting_disabled_;
+ BooleanPrefMember ssl_version_min_preloaded_disabled_;
// The cached list of disabled SSL cipher suites.
std::vector<uint16> disabled_cipher_suites_;
@@ -219,6 +220,8 @@ SSLConfigServiceManagerPref::SSLConfigServiceManagerPref(
prefs::kEnableOriginBoundCerts, local_state, local_state_callback);
ssl_record_splitting_disabled_.Init(
prefs::kDisableSSLRecordSplitting, local_state, local_state_callback);
+ ssl_version_min_preloaded_disabled_.Init(
+ prefs::kDisableSSLVersionMinPreloaded, local_state, local_state_callback);
local_state_change_registrar_.Init(local_state);
local_state_change_registrar_.Add(
@@ -260,6 +263,9 @@ void SSLConfigServiceManagerPref::RegisterPrefs(PrefRegistrySimple* registry) {
default_config.channel_id_enabled);
registry->RegisterBooleanPref(prefs::kDisableSSLRecordSplitting,
!default_config.false_start_enabled);
+ registry->RegisterBooleanPref(
+ prefs::kDisableSSLVersionMinPreloaded,
+ default_config.ssl_version_min_preloaded_disabled);
registry->RegisterListPref(prefs::kCipherSuiteBlacklist);
}
@@ -298,8 +304,10 @@ void SSLConfigServiceManagerPref::GetSSLConfigFromPrefs(
std::string version_max_str = ssl_version_max_.GetValue();
config->version_min = net::SSLConfigService::default_version_min();
config->version_max = net::SSLConfigService::default_version_max();
- uint16 version_min = SSLProtocolVersionFromString(version_min_str);
- uint16 version_max = SSLProtocolVersionFromString(version_max_str);
+ uint16 version_min = SSLProtocolVersionFromString(
+ version_min_str);
+ uint16 version_max = SSLProtocolVersionFromString(
+ version_max_str);
wtc 2013/04/17 19:49:50 Why reformat these two lines?
thaidn_google 2013/04/17 22:16:07 Done.
if (version_min) {
// TODO(wtc): get the minimum SSL protocol version supported by the
// SSLClientSocket class. Right now it happens to be the same as the
@@ -321,6 +329,8 @@ void SSLConfigServiceManagerPref::GetSSLConfigFromPrefs(
config->channel_id_enabled = false;
// disabling False Start also happens to disable record splitting.
config->false_start_enabled = !ssl_record_splitting_disabled_.GetValue();
+ config->ssl_version_min_preloaded_disabled =
+ ssl_version_min_preloaded_disabled_.GetValue();
SSLConfigServicePref::SetSSLConfigFlags(config);
}
« no previous file with comments | « no previous file | chrome/browser/net/ssl_config_service_manager_pref_unittest.cc » ('j') | chrome/common/chrome_switches.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698