Enable AES_256_GCM ciphers.

net/socket/ssl_client_socket_openssl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // OpenSSL binding for SSLClientSocket. The class layout and general principle
 // of operation is derived from SSLClientSocketNSS.
 
 #include "net/socket/ssl_client_socket_openssl.h"
 
 #include <errno.h>
@@ skipping 953 matching lines @@
   mode.ConfigureFlag(SSL_MODE_CBC_RECORD_SPLITTING, true);
 
   mode.ConfigureFlag(SSL_MODE_ENABLE_FALSE_START,
                      ssl_config_.false_start_enabled);
 
   mode.ConfigureFlag(SSL_MODE_SEND_FALLBACK_SCSV, ssl_config_.version_fallback);
 
   SSL_set_mode(ssl_, mode.set_mask);
   SSL_clear_mode(ssl_, mode.clear_mask);
 
-  // See SSLConfig::disabled_cipher_suites for description of the suites
-  // disabled by default. Note that SHA256 and SHA384 only select HMAC-SHA256
-  // and HMAC-SHA384 cipher suites, not GCM cipher suites with SHA256 or SHA384
-  // as the handshake hash.
-  std::string command("DEFAULT:!SHA256:-SHA384:!AESGCM+AES256:!aPSK");
+  // Use BoringSSL defaults, but disable HMAC-SHA256 and HMAC-SHA384 ciphers
+  // (note that SHA256 and SHA384 only select legacy CBC ciphers). Also disable
+  // DHE_RSA_WITH_AES_256_GCM_SHA384. Historically, AES_256_GCM was not
+  // supported. As DHE is being deprecated, don't add a cipher only to remove it
+  // immediately.
+  std::string command(
+      "DEFAULT:!SHA256:!SHA384:!DHE-RSA-AES256-GCM-SHA384:!aPSK");
 
   if (ssl_config_.require_ecdhe)
     command.append(":!kRSA:!kDHE");
 
   if (!(ssl_config_.rc4_enabled &&
         ssl_config_.deprecated_cipher_suites_enabled)) {
     command.append(":!RC4");
   }
 
   if (!ssl_config_.deprecated_cipher_suites_enabled) {
@@ skipping 1322 matching lines @@
       tb_was_negotiated_ = true;
       return 1;
     }
   }
 
   *out_alert_value = SSL_AD_ILLEGAL_PARAMETER;
   return 0;
 }
 
 }  // namespace net