Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1338)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/net/ssl_config_service_manager_pref.cc

Issue 14125003: Do not roll back to SSL 3.0 for Google properties. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix a bug that prevents TLS 1.1 -> TLS 1.0 fallback. Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | chrome/browser/net/ssl_config_service_manager_pref_unittest.cc » ('j') | chrome/browser/net/ssl_config_service_manager_pref_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/net/ssl_config_service_manager_pref.cc
diff --git a/chrome/browser/net/ssl_config_service_manager_pref.cc b/chrome/browser/net/ssl_config_service_manager_pref.cc
index c193463d0d4287968998f13cc0e32041685b386a..cd77ac9565eb59b58126a94fc05e63a8571d39f1 100644
--- a/chrome/browser/net/ssl_config_service_manager_pref.cc
+++ b/chrome/browser/net/ssl_config_service_manager_pref.cc
@@ -180,6 +180,7 @@ class SSLConfigServiceManagerPref
StringPrefMember ssl_version_max_;
BooleanPrefMember channel_id_enabled_;
BooleanPrefMember ssl_record_splitting_disabled_;
+ BooleanPrefMember ssl3_verlback_enabled_;
wtc 2013/04/18 18:15:34 Typo: ssl3_verlback_enabled_ => ssl3_fallback_enab
// The cached list of disabled SSL cipher suites.
std::vector<uint16> disabled_cipher_suites_;
@@ -219,6 +220,8 @@ SSLConfigServiceManagerPref::SSLConfigServiceManagerPref(
prefs::kEnableOriginBoundCerts, local_state, local_state_callback);
ssl_record_splitting_disabled_.Init(
prefs::kDisableSSLRecordSplitting, local_state, local_state_callback);
+ ssl3_versionk_enabled_.Init(
wtc 2013/04/18 18:15:34 Typo: ssl3_versionk_enabled_ => ssl3_fallback_enab
+ prefs::kEnableSSL3Fallback, local_state, local_state_callback);
local_state_change_registrar_.Init(local_state);
local_state_change_registrar_.Add(
@@ -260,6 +263,9 @@ void SSLConfigServiceManagerPref::RegisterPrefs(PrefRegistrySimple* registry) {
default_config.channel_id_enabled);
registry->RegisterBooleanPref(prefs::kDisableSSLRecordSplitting,
!default_config.false_start_enabled);
+ registry->RegisterBooleanPref(
+ prefs::kEnableSSL3Fallback,
+ default_config.ssl3_fallback_enabled);
wtc 2013/04/18 18:15:34 Nit: you may be able to format this call in two li
registry->RegisterListPref(prefs::kCipherSuiteBlacklist);
}
@@ -321,6 +327,8 @@ void SSLConfigServiceManagerPref::GetSSLConfigFromPrefs(
config->channel_id_enabled = false;
// disabling False Start also happens to disable record splitting.
config->false_start_enabled = !ssl_record_splitting_disabled_.GetValue();
+ config->ssl3_fallback_enabled =
+ ssl3_fallback_enabled_.GetValue();
wtc 2013/04/18 18:15:34 This should fit on one line now: config->ssl3_fa
SSLConfigServicePref::SetSSLConfigFlags(config);
}
« no previous file with comments | « no previous file | chrome/browser/net/ssl_config_service_manager_pref_unittest.cc » ('j') | chrome/browser/net/ssl_config_service_manager_pref_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698