Chromium Code Reviews

Unified Diff: net/socket/ssl_client_socket_impl.cc

Issue 2656953002: Revert of Remove remnants of DHE support. (Closed)
Patch Set: Created 3 years, 11 months ago
Index: net/socket/ssl_client_socket_impl.cc
diff --git a/net/socket/ssl_client_socket_impl.cc b/net/socket/ssl_client_socket_impl.cc
index c993fa8fb23da2d1d58c35731b3801a19283ff11..4be80d76f56120d554204cdb41592a77e91709a8 100644
--- a/net/socket/ssl_client_socket_impl.cc
+++ b/net/socket/ssl_client_socket_impl.cc
@@ -993,11 +993,23 @@
SSL_clear_mode(ssl_.get(), mode.clear_mask);
// Use BoringSSL defaults, but disable HMAC-SHA256 and HMAC-SHA384 ciphers
- // (note that SHA256 and SHA384 only select legacy CBC ciphers).
- std::string command("ALL:!SHA256:!SHA384:!kDHE:!aPSK:!RC4");
+ // (note that SHA256 and SHA384 only select legacy CBC ciphers). Also disable
+ // DHE_RSA_WITH_AES_256_GCM_SHA384. Historically, AES_256_GCM was not
+ // supported. As DHE is being deprecated, don't add a cipher only to remove
+ // it immediately.
+ //
+ // TODO(davidben): Remove the DHE_RSA_WITH_AES_256_GCM_SHA384 exclusion when
+ // the DHEEnabled administrative policy expires.
+ std::string command(
+ "ALL:!SHA256:!SHA384:!DHE-RSA-AES256-GCM-SHA384:!aPSK:!RC4");
if (ssl_config_.require_ecdhe)
command.append(":!kRSA:!kDHE");
+
+ if (!ssl_config_.deprecated_cipher_suites_enabled) {
+ // Only offer DHE on the second handshake. https://crbug.com/538690
+ command.append(":!kDHE");
+ }
// Additionally disable HMAC-SHA1 ciphers in ECDSA. These are the remaining
// CBC-mode ECDSA ciphers.
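Review bot: `:!kDHE` is now appended from two independent branches (under `require_ecdhe` and under `!deprecated_cipher_suites_enabled`), so the cipher string can carry the exclusion twice, and nothing in this hunk states that `deprecated_cipher_suites_enabled` is only set on the fallback handshake, which is what the "Only offer DHE on the second handshake" comment relies on. Consider appending `:!kRSA` alone under `require_ecdhe` and `:!kDHE` once under `require_ecdhe || !deprecated_cipher_suites_enabled`, and spell out the fallback assumption in the comment. The TODO for the `DHE-RSA-AES256-GCM-SHA384` exclusion would also benefit from a bug link for the DHEEnabled policy expiry, so the exclusion has a concrete removal trigger.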
@@ -1147,6 +1159,16 @@
SSL_session_reused(ssl_.get())) {
UMA_HISTOGRAM_EXACT_LINEAR("Net.SSLSessionConcurrentLookupCount",
ssl_session_cache_lookup_count_, 20);
+ }
+
+ // DHE is offered on the deprecated cipher fallback and then rejected
+ // afterwards. This is to aid in diagnosing connection failures because a
+ // server requires DHE ciphers.
+ //
+ // TODO(davidben): A few releases after DHE's removal, remove this logic.
+ if (!ssl_config_.dhe_enabled &&
+ SSL_CIPHER_is_DHE(SSL_get_current_cipher(ssl_.get()))) {
+ return ERR_SSL_OBSOLETE_CIPHER;
}
// Check that if token binding was negotiated, then extended master secret
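Review bot: In the new check before the token binding block, rejection is keyed on `dhe_enabled`, while the cipher-list hunk above decides whether DHE is offered from `deprecated_cipher_suites_enabled`; the comment should name both flags so it is clear that a DHE suite can only be reached here on the fallback and that `ERR_SSL_OBSOLETE_CIPHER` is returned after a DHE suite has already been negotiated. The TODO "A few releases after DHE's removal" has no bug or milestone attached; add one so this diagnostic path does not outlive its purpose.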