| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 #include "components/ssl_config/ssl_config_service_manager.h" | 4 #include "components/ssl_config/ssl_config_service_manager.h" |
| 5 | 5 |
| 6 #include <stdint.h> | 6 #include <stdint.h> |
| 7 | 7 |
| 8 #include <algorithm> | 8 #include <algorithm> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 72 // Returns the SSL protocol version (as a uint16_t) represented by a string. | 72 // Returns the SSL protocol version (as a uint16_t) represented by a string. |
| 73 // Returns 0 if the string is invalid. | 73 // Returns 0 if the string is invalid. |
| 74 uint16_t SSLProtocolVersionFromString(const std::string& version_str) { | 74 uint16_t SSLProtocolVersionFromString(const std::string& version_str) { |
| 75 uint16_t version = 0; // Invalid. | 75 uint16_t version = 0; // Invalid. |
| 76 if (version_str == switches::kSSLVersionTLSv1) { | 76 if (version_str == switches::kSSLVersionTLSv1) { |
| 77 version = net::SSL_PROTOCOL_VERSION_TLS1; | 77 version = net::SSL_PROTOCOL_VERSION_TLS1; |
| 78 } else if (version_str == switches::kSSLVersionTLSv11) { | 78 } else if (version_str == switches::kSSLVersionTLSv11) { |
| 79 version = net::SSL_PROTOCOL_VERSION_TLS1_1; | 79 version = net::SSL_PROTOCOL_VERSION_TLS1_1; |
| 80 } else if (version_str == switches::kSSLVersionTLSv12) { | 80 } else if (version_str == switches::kSSLVersionTLSv12) { |
| 81 version = net::SSL_PROTOCOL_VERSION_TLS1_2; | 81 version = net::SSL_PROTOCOL_VERSION_TLS1_2; |
| 82 } else if (version_str == switches::kSSLVersionTLSv13) { |
| 83 version = net::SSL_PROTOCOL_VERSION_TLS1_3; |
| 82 } | 84 } |
| 83 return version; | 85 return version; |
| 84 } | 86 } |
| 85 | 87 |
| 86 const base::Feature kDHECiphersFeature{ | 88 const base::Feature kDHECiphersFeature{ |
| 87 "DHECiphers", base::FEATURE_DISABLED_BY_DEFAULT, | 89 "DHECiphers", base::FEATURE_DISABLED_BY_DEFAULT, |
| 88 }; | 90 }; |
| 89 | 91 |
| 90 } // namespace | 92 } // namespace |
| 91 | 93 |
| (...skipping 186 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 278 std::string version_min_str = ssl_version_min_.GetValue(); | 280 std::string version_min_str = ssl_version_min_.GetValue(); |
| 279 std::string version_max_str = ssl_version_max_.GetValue(); | 281 std::string version_max_str = ssl_version_max_.GetValue(); |
| 280 config->version_min = net::kDefaultSSLVersionMin; | 282 config->version_min = net::kDefaultSSLVersionMin; |
| 281 config->version_max = net::kDefaultSSLVersionMax; | 283 config->version_max = net::kDefaultSSLVersionMax; |
| 282 uint16_t version_min = SSLProtocolVersionFromString(version_min_str); | 284 uint16_t version_min = SSLProtocolVersionFromString(version_min_str); |
| 283 uint16_t version_max = SSLProtocolVersionFromString(version_max_str); | 285 uint16_t version_max = SSLProtocolVersionFromString(version_max_str); |
| 284 if (version_min) { | 286 if (version_min) { |
| 285 config->version_min = version_min; | 287 config->version_min = version_min; |
| 286 } | 288 } |
| 287 if (version_max) { | 289 if (version_max) { |
| 288 uint16_t supported_version_max = config->version_max; | 290 config->version_max = version_max; |
| 289 config->version_max = std::min(supported_version_max, version_max); | |
| 290 } | 291 } |
| 291 config->disabled_cipher_suites = disabled_cipher_suites_; | 292 config->disabled_cipher_suites = disabled_cipher_suites_; |
| 292 config->dhe_enabled = dhe_enabled_.GetValue(); | 293 config->dhe_enabled = dhe_enabled_.GetValue(); |
| 293 } | 294 } |
| 294 | 295 |
| 295 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange( | 296 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange( |
| 296 PrefService* local_state) { | 297 PrefService* local_state) { |
| 297 const base::ListValue* value = | 298 const base::ListValue* value = |
| 298 local_state->GetList(ssl_config::prefs::kCipherSuiteBlacklist); | 299 local_state->GetList(ssl_config::prefs::kCipherSuiteBlacklist); |
| 299 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value)); | 300 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value)); |
| 300 } | 301 } |
| 301 | 302 |
| 302 //////////////////////////////////////////////////////////////////////////////// | 303 //////////////////////////////////////////////////////////////////////////////// |
| 303 // SSLConfigServiceManager | 304 // SSLConfigServiceManager |
| 304 | 305 |
| 305 namespace ssl_config { | 306 namespace ssl_config { |
| 306 // static | 307 // static |
| 307 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( | 308 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( |
| 308 PrefService* local_state, | 309 PrefService* local_state, |
| 309 const scoped_refptr<base::SingleThreadTaskRunner>& io_task_runner) { | 310 const scoped_refptr<base::SingleThreadTaskRunner>& io_task_runner) { |
| 310 return new SSLConfigServiceManagerPref(local_state, io_task_runner); | 311 return new SSLConfigServiceManagerPref(local_state, io_task_runner); |
| 311 } | 312 } |
| 312 | 313 |
| 313 // static | 314 // static |
| 314 void SSLConfigServiceManager::RegisterPrefs(PrefRegistrySimple* registry) { | 315 void SSLConfigServiceManager::RegisterPrefs(PrefRegistrySimple* registry) { |
| 315 SSLConfigServiceManagerPref::RegisterPrefs(registry); | 316 SSLConfigServiceManagerPref::RegisterPrefs(registry); |
| 316 } | 317 } |
| 317 } // namespace ssl_config | 318 } // namespace ssl_config |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2083743002:
Adding TLS 1.3 constants (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master