Index: net/socket/ssl_client_socket_impl.cc |
diff --git a/net/socket/ssl_client_socket_impl.cc b/net/socket/ssl_client_socket_impl.cc |
index c993fa8fb23da2d1d58c35731b3801a19283ff11..978a3018d73509e8ae1d09bd8a86972baadc5a3e 100644 |
--- a/net/socket/ssl_client_socket_impl.cc |
+++ b/net/socket/ssl_client_socket_impl.cc |
@@ -1042,6 +1042,12 @@ int SSLClientSocketImpl::Init() { |
if (cert_verifier_->SupportsOCSPStapling()) |
SSL_enable_ocsp_stapling(ssl_.get()); |
+ // Configure BoringSSL to allow renegotiations. Once the initial handshake |
+ // completes, if renegotiations are not allowed, the default reject value will |
+ // be restored. This is done in this order to permit a BoringSSL |
+ // optimization. See https://crbug.com/boringssl/123. |
+ SSL_set_renegotiate_mode(ssl_.get(), ssl_renegotiate_freely); |
+ |
return OK; |
} |
@@ -1180,8 +1186,8 @@ int SSLClientSocketImpl::DoHandshakeComplete(int result) { |
SSL_get0_signed_cert_timestamp_list(ssl_.get(), &sct_list, &sct_list_len); |
set_signed_cert_timestamps_received(sct_list_len != 0); |
- if (IsRenegotiationAllowed()) |
- SSL_set_renegotiate_mode(ssl_.get(), ssl_renegotiate_freely); |
+ if (!IsRenegotiationAllowed()) |
+ SSL_set_renegotiate_mode(ssl_.get(), ssl_renegotiate_never); |
uint16_t signature_algorithm = SSL_get_peer_signature_algorithm(ssl_.get()); |
if (signature_algorithm != 0) { |