Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
1632913002:
Add a note to avoid SSLServerSocket in new code. (Closed)
|
Created:
4 years, 11 months ago by davidben Modified:
4 years, 6 months ago Reviewers:
Ryan Sleevi CC:
chromium-reviews, cbentzel+watch_chromium.org Base URL:
https://chromium.googlesource.com/chromium/src.git@master Target Ref:
refs/pending/heads/master Project:
chromium Visibility:
Public. |
DescriptionAdd a note to avoid SSLServerSocket in new code.
This class is not maintained as a production-quality SSL server. Add a note
that it shouldn't be used outside of tests.
BUG=621176
Committed: https://crrev.com/582222f7cac62a2e4c528655892fdb470c3fbd95
Cr-Commit-Position: refs/heads/master@{#400502}
Patch Set 1 #
Total comments: 1
Patch Set 2 : Add a note to avoid SSLServerSocket in new code. #Messages
Total messages: 15 (5 generated)
davidben@chromium.org changed reviewers: + rsleevi@chromium.org
Happy to tweak the text or put it elsewhere if you prefer.
https://codereview.chromium.org/1632913002/diff/1/net/socket/ssl_server_socket.h File net/socket/ssl_server_socket.h (right): https://codereview.chromium.org/1632913002/diff/1/net/socket/ssl_server_socke... net/socket/ssl_server_socket.h:14: // This header should not be used in new code, outside of unit tests. That seems sort of small and hard to miss. The header-level documentation goes before the includes (per https://google.github.io/styleguide/cppguide.html#File_Comments ) // found in the LICENSE file. // // NOTE: This class is provided to support existing Chromium // consumers; it is NOT intended for use in NEW code. In // particular, it is explicitly NOT supported on iOS and has no // such plans for the forseeable future. Configuring a TLS // server correctly is a dangerous, security-sensitive activity // with many subtle nuances, and thus care should be taken to // discuss with //net/OWNERS before any new usages. // // As such, this header should be treated as an internal // implementation detail of //net (where it's used for some // unit test infrastructure), not as appropriate for general use. // // TODO(rsleevi? davidben?): See https://crbug.com/foo for more // details. And we should file a bug capturing our collective grumps on it :)
Old CL poke?
On 2016/01/25 22:21:05, Ryan Sleevi wrote: > https://codereview.chromium.org/1632913002/diff/1/net/socket/ssl_server_socket.h > File net/socket/ssl_server_socket.h (right): > > https://codereview.chromium.org/1632913002/diff/1/net/socket/ssl_server_socke... > net/socket/ssl_server_socket.h:14: // This header should not be used in new > code, outside of unit tests. > That seems sort of small and hard to miss. > > The header-level documentation goes before the includes (per > https://google.github.io/styleguide/cppguide.html#File_Comments ) > > // found in the LICENSE file. > // > // NOTE: This class is provided to support existing Chromium > // consumers; it is NOT intended for use in NEW code. In > // particular, it is explicitly NOT supported on iOS and has no > // such plans for the forseeable future. Configuring a TLS > // server correctly is a dangerous, security-sensitive activity > // with many subtle nuances, and thus care should be taken to > // discuss with //net/OWNERS before any new usages. > // > // As such, this header should be treated as an internal > // implementation detail of //net (where it's used for some > // unit test infrastructure), not as appropriate for general use. > // > // TODO(rsleevi? davidben?): See https://crbug.com/foo for more > // details. > > And we should file a bug capturing our collective grumps on it :) Er, what do you want the bug to say? Like what concrete task should the bug be about?
On 2016/06/10 18:17:54, davidben wrote: > Er, what do you want the bug to say? Like what concrete task should the bug be > about? Well, when last we talked, it was either "Make SSL servers a first class citizen of //net" (now that we're on BoringSSL everywhere, it's reasonable), or "Get rid of this from //net and move it to embedders" (with all the tradeoffs that entails) Since that proposed comment, it's now supported on iOS (right?), and some of the BS re: server caching can be resolved, so it's a question of "What would it take to make this be something we'd Support(tm) in a way we don't care who uses it"
Description was changed from ========== Add a note to avoid SSLServerSocket in new code. This class is not maintained as a production-quality SSL server. Add a note that it shouldn't be used outside of tests. BUG=580686 ========== to ========== Add a note to avoid SSLServerSocket in new code. This class is not maintained as a production-quality SSL server. Add a note that it shouldn't be used outside of tests. BUG=621176 ==========
Revised comment
lgtm
The CQ bit was checked by davidben@chromium.org
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1632913002/20001
Message was sent while issue was closed.
Description was changed from ========== Add a note to avoid SSLServerSocket in new code. This class is not maintained as a production-quality SSL server. Add a note that it shouldn't be used outside of tests. BUG=621176 ========== to ========== Add a note to avoid SSLServerSocket in new code. This class is not maintained as a production-quality SSL server. Add a note that it shouldn't be used outside of tests. BUG=621176 ==========
Message was sent while issue was closed.
Committed patchset #2 (id:20001)
Message was sent while issue was closed.
Description was changed from ========== Add a note to avoid SSLServerSocket in new code. This class is not maintained as a production-quality SSL server. Add a note that it shouldn't be used outside of tests. BUG=621176 ========== to ========== Add a note to avoid SSLServerSocket in new code. This class is not maintained as a production-quality SSL server. Add a note that it shouldn't be used outside of tests. BUG=621176 Committed: https://crrev.com/582222f7cac62a2e4c528655892fdb470c3fbd95 Cr-Commit-Position: refs/heads/master@{#400502} ==========
Message was sent while issue was closed.
Patchset 2 (id:??) landed as https://crrev.com/582222f7cac62a2e4c528655892fdb470c3fbd95 Cr-Commit-Position: refs/heads/master@{#400502} |
