Index: net/socket/ssl_client_socket_impl.cc |
diff --git a/net/socket/ssl_client_socket_impl.cc b/net/socket/ssl_client_socket_impl.cc |
index b8db10f14f38dff4b5bdc11c3df902495baeaa2e..849aa1086cbddb7827ccf2f9f461420f6836b967 100644 |
--- a/net/socket/ssl_client_socket_impl.cc |
+++ b/net/socket/ssl_client_socket_impl.cc |
@@ -1058,6 +1058,11 @@ int SSLClientSocketImpl::DoHandshakeComplete(int result) { |
if (result < 0) |
return result; |
+ if (ssl_config_.version_interference_probe) { |
+ DCHECK_LT(ssl_config_.version_max, TLS1_3_VERSION); |
+ return ERR_SSL_VERSION_INTERFERENCE; |
+ } |
+ |
SSLContext::GetInstance()->session_cache()->ResetLookupCount( |
GetSessionCacheKey()); |
// Check that if token binding was negotiated, then extended master secret |
@@ -1677,16 +1682,20 @@ void SSLClientSocketImpl::AddCTInfoToSSLInfo(SSLInfo* ssl_info) const { |
std::string SSLClientSocketImpl::GetSessionCacheKey() const { |
std::string result = host_and_port_.ToString(); |
- result.append("/"); |
+ result.push_back('/'); |
result.append(ssl_session_cache_shard_); |
- result.append("/"); |
+ result.push_back('/'); |
if (ssl_config_.deprecated_cipher_suites_enabled) |
- result.append("deprecated"); |
+ result.push_back('1'); |
svaldez
2017/04/10 19:10:32
Change these numbers to be different if you don't
davidben
2017/04/10 19:52:25
I think then we'll start playing silly games aroun
|
- result.append("/"); |
+ result.push_back('/'); |
if (ssl_config_.channel_id_enabled) |
- result.append("channelid"); |
+ result.push_back('1'); |
+ |
+ result.push_back('/'); |
+ if (ssl_config_.version_interference_probe) |
+ result.push_back('1'); |
return result; |
} |