Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(207)

Unified Diff: net/socket/ssl_client_socket_nss.cc

Issue 1727133002: Expose TLS settings in the Security panel overview, and call out individual obsolete settings. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Reintroduce IsSecureTLSCipherSuite() as its negative and update tests. Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/socket/ssl_client_socket_nss.cc
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
index e3d0a36bde4cab2402d52c77c3da0638615b7bad..a1014680df449b8f7758e7aa89b23a0e3f421e6f 100644
--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -1270,7 +1270,7 @@ SECStatus SSLClientSocketNSS::Core::CanFalseStartCallback(
SSL_GetChannelInfo(socket, &channel_info, sizeof(channel_info));
if (ok != SECSuccess || channel_info.length != sizeof(channel_info) ||
channel_info.protocolVersion < SSL_LIBRARY_VERSION_TLS_1_2 ||
- !IsSecureTLSCipherSuite(channel_info.cipherSuite)) {
+ IsObsoleteTLSCipherSuite(channel_info.cipherSuite)) {
estark 2016/04/18 11:46:44 I thought this change would be unnecessary based o
estark 2016/04/18 11:47:35 Also, presumably there's a corresponding change ne
davidben 2016/04/19 17:47:01 BoringSSL does the False Start check internally. T
estark 2016/04/19 21:31:47 Oh, gotcha, ok. Confusion about patch set 4 descri
lgarron 2016/04/25 23:56:54 Sorry, I made the patch description concise to the
*can_false_start = PR_FALSE;
return SECSuccess;
}

Powered by Google App Engine
This is Rietveld 408576698