Index: net/socket/ssl_client_socket.cc |
diff --git a/net/socket/ssl_client_socket.cc b/net/socket/ssl_client_socket.cc |
index 3c3858e3ae3b6cf299255df600473fd01dc9fc0d..93be1d31a8317f76f3be271c35035b43cad393c8 100644 |
--- a/net/socket/ssl_client_socket.cc |
+++ b/net/socket/ssl_client_socket.cc |
@@ -4,9 +4,11 @@ |
#include "net/socket/ssl_client_socket.h" |
+#include "base/feature_list.h" |
#include "base/metrics/histogram_macros.h" |
#include "base/metrics/sparse_histogram.h" |
#include "base/strings/string_util.h" |
+#include "build/build_config.h" |
#include "crypto/ec_private_key.h" |
#include "net/base/net_errors.h" |
#include "net/socket/ssl_client_socket_impl.h" |
@@ -15,6 +17,14 @@ |
namespace net { |
+namespace { |
+#if !defined(OS_NACL) |
+const base::Feature kPostQuantumExperiment{"SSLPostQuantumExperiment", |
jwd
2016/08/01 15:53:53
We tend not to like features including "experiment
mab
2016/08/09 21:04:41
OK, leaving alone. Would you have called it "SSLP
jwd
2016/08/10 17:39:26
Probably SSLPostQuantum, but I might have gone wit
|
+ base::FEATURE_DISABLED_BY_DEFAULT}; |
+#endif |
+ |
+} // namespace |
+ |
SSLClientSocket::SSLClientSocket() |
: signed_cert_timestamps_received_(false), |
stapled_ocsp_response_received_(false), |
@@ -98,6 +108,14 @@ bool SSLClientSocket::IgnoreCertError(int error, int load_flags) { |
IsCertificateError(error); |
} |
+// static |
+bool SSLClientSocket::IsPostQuantumExperimentEnabled() { |
+#if !defined(OS_NACL) |
+ return base::FeatureList::IsEnabled(kPostQuantumExperiment); |
+#endif |
+ return false; |
+} |
+ |
void SSLClientSocket::RecordNegotiationExtension() { |
if (negotiation_extension_ == kExtensionUnknown) |
return; |