OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 #include "components/ssl_config/ssl_config_service_manager.h" | 4 #include "components/ssl_config/ssl_config_service_manager.h" |
5 | 5 |
6 #include <stdint.h> | 6 #include <stdint.h> |
7 | 7 |
8 #include <algorithm> | 8 #include <algorithm> |
9 #include <string> | 9 #include <string> |
10 #include <vector> | 10 #include <vector> |
(...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
72 // Returns the SSL protocol version (as a uint16_t) represented by a string. | 72 // Returns the SSL protocol version (as a uint16_t) represented by a string. |
73 // Returns 0 if the string is invalid. | 73 // Returns 0 if the string is invalid. |
74 uint16_t SSLProtocolVersionFromString(const std::string& version_str) { | 74 uint16_t SSLProtocolVersionFromString(const std::string& version_str) { |
75 uint16_t version = 0; // Invalid. | 75 uint16_t version = 0; // Invalid. |
76 if (version_str == switches::kSSLVersionTLSv1) { | 76 if (version_str == switches::kSSLVersionTLSv1) { |
77 version = net::SSL_PROTOCOL_VERSION_TLS1; | 77 version = net::SSL_PROTOCOL_VERSION_TLS1; |
78 } else if (version_str == switches::kSSLVersionTLSv11) { | 78 } else if (version_str == switches::kSSLVersionTLSv11) { |
79 version = net::SSL_PROTOCOL_VERSION_TLS1_1; | 79 version = net::SSL_PROTOCOL_VERSION_TLS1_1; |
80 } else if (version_str == switches::kSSLVersionTLSv12) { | 80 } else if (version_str == switches::kSSLVersionTLSv12) { |
81 version = net::SSL_PROTOCOL_VERSION_TLS1_2; | 81 version = net::SSL_PROTOCOL_VERSION_TLS1_2; |
| 82 } else if (version_str == switches::kSSLVersionTLSv13) { |
| 83 version = net::SSL_PROTOCOL_VERSION_TLS1_3; |
82 } | 84 } |
83 return version; | 85 return version; |
84 } | 86 } |
85 | 87 |
86 const base::Feature kDHECiphersFeature{ | 88 const base::Feature kDHECiphersFeature{ |
87 "DHECiphers", base::FEATURE_DISABLED_BY_DEFAULT, | 89 "DHECiphers", base::FEATURE_DISABLED_BY_DEFAULT, |
88 }; | 90 }; |
89 | 91 |
90 } // namespace | 92 } // namespace |
91 | 93 |
(...skipping 186 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
278 std::string version_min_str = ssl_version_min_.GetValue(); | 280 std::string version_min_str = ssl_version_min_.GetValue(); |
279 std::string version_max_str = ssl_version_max_.GetValue(); | 281 std::string version_max_str = ssl_version_max_.GetValue(); |
280 config->version_min = net::kDefaultSSLVersionMin; | 282 config->version_min = net::kDefaultSSLVersionMin; |
281 config->version_max = net::kDefaultSSLVersionMax; | 283 config->version_max = net::kDefaultSSLVersionMax; |
282 uint16_t version_min = SSLProtocolVersionFromString(version_min_str); | 284 uint16_t version_min = SSLProtocolVersionFromString(version_min_str); |
283 uint16_t version_max = SSLProtocolVersionFromString(version_max_str); | 285 uint16_t version_max = SSLProtocolVersionFromString(version_max_str); |
284 if (version_min) { | 286 if (version_min) { |
285 config->version_min = version_min; | 287 config->version_min = version_min; |
286 } | 288 } |
287 if (version_max) { | 289 if (version_max) { |
288 uint16_t supported_version_max = config->version_max; | 290 config->version_max = version_max; |
289 config->version_max = std::min(supported_version_max, version_max); | |
290 } | 291 } |
291 config->disabled_cipher_suites = disabled_cipher_suites_; | 292 config->disabled_cipher_suites = disabled_cipher_suites_; |
292 config->dhe_enabled = dhe_enabled_.GetValue(); | 293 config->dhe_enabled = dhe_enabled_.GetValue(); |
293 } | 294 } |
294 | 295 |
295 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange( | 296 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange( |
296 PrefService* local_state) { | 297 PrefService* local_state) { |
297 const base::ListValue* value = | 298 const base::ListValue* value = |
298 local_state->GetList(ssl_config::prefs::kCipherSuiteBlacklist); | 299 local_state->GetList(ssl_config::prefs::kCipherSuiteBlacklist); |
299 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value)); | 300 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value)); |
300 } | 301 } |
301 | 302 |
302 //////////////////////////////////////////////////////////////////////////////// | 303 //////////////////////////////////////////////////////////////////////////////// |
303 // SSLConfigServiceManager | 304 // SSLConfigServiceManager |
304 | 305 |
305 namespace ssl_config { | 306 namespace ssl_config { |
306 // static | 307 // static |
307 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( | 308 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( |
308 PrefService* local_state, | 309 PrefService* local_state, |
309 const scoped_refptr<base::SingleThreadTaskRunner>& io_task_runner) { | 310 const scoped_refptr<base::SingleThreadTaskRunner>& io_task_runner) { |
310 return new SSLConfigServiceManagerPref(local_state, io_task_runner); | 311 return new SSLConfigServiceManagerPref(local_state, io_task_runner); |
311 } | 312 } |
312 | 313 |
313 // static | 314 // static |
314 void SSLConfigServiceManager::RegisterPrefs(PrefRegistrySimple* registry) { | 315 void SSLConfigServiceManager::RegisterPrefs(PrefRegistrySimple* registry) { |
315 SSLConfigServiceManagerPref::RegisterPrefs(registry); | 316 SSLConfigServiceManagerPref::RegisterPrefs(registry); |
316 } | 317 } |
317 } // namespace ssl_config | 318 } // namespace ssl_config |
OLD | NEW |