| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/ssl/ssl_config.h" | 5 #include "net/ssl/ssl_config.h" |
| 6 | 6 |
| 7 #if defined(USE_OPENSSL) | 7 #if defined(USE_OPENSSL) |
| 8 #include <openssl/ssl.h> | 8 #include <openssl/ssl.h> |
| 9 #endif | 9 #endif |
| 10 | 10 |
| 11 namespace net { | 11 namespace net { |
| 12 | 12 |
| 13 const uint16 kDefaultSSLVersionMin = SSL_PROTOCOL_VERSION_SSL3; | 13 const uint16 kDefaultSSLVersionMin = SSL_PROTOCOL_VERSION_SSL3; |
| 14 | 14 |
| 15 const uint16 kDefaultSSLVersionMax = | 15 const uint16 kDefaultSSLVersionMax = |
| 16 #if defined(USE_OPENSSL) | 16 #if defined(USE_OPENSSL) |
| 17 #if defined(SSL_OP_NO_TLSv1_2) | 17 #if defined(SSL_OP_NO_TLSv1_2) |
| 18 SSL_PROTOCOL_VERSION_TLS1_2; | 18 SSL_PROTOCOL_VERSION_TLS1_2; |
| 19 #elif defined(SSL_OP_NO_TLSv1_1) | 19 #elif defined(SSL_OP_NO_TLSv1_1) |
| 20 SSL_PROTOCOL_VERSION_TLS1_1; | 20 SSL_PROTOCOL_VERSION_TLS1_1; |
| 21 #else | 21 #else |
| 22 SSL_PROTOCOL_VERSION_TLS1; | 22 SSL_PROTOCOL_VERSION_TLS1; |
| 23 #endif | 23 #endif |
| 24 #else | 24 #else |
| 25 SSL_PROTOCOL_VERSION_TLS1_2; | 25 SSL_PROTOCOL_VERSION_TLS1_2; |
| 26 #endif | 26 #endif |
| 27 | 27 |
| 28 const uint16 kDefaultSSLVersionFallbackMin = SSL_PROTOCOL_VERSION_TLS1; |
| 29 |
| 28 SSLConfig::CertAndStatus::CertAndStatus() : cert_status(0) {} | 30 SSLConfig::CertAndStatus::CertAndStatus() : cert_status(0) {} |
| 29 | 31 |
| 30 SSLConfig::CertAndStatus::~CertAndStatus() {} | 32 SSLConfig::CertAndStatus::~CertAndStatus() {} |
| 31 | 33 |
| 32 SSLConfig::SSLConfig() | 34 SSLConfig::SSLConfig() |
| 33 : rev_checking_enabled(false), | 35 : rev_checking_enabled(false), |
| 34 rev_checking_required_local_anchors(false), | 36 rev_checking_required_local_anchors(false), |
| 35 version_min(kDefaultSSLVersionMin), | 37 version_min(kDefaultSSLVersionMin), |
| 36 version_max(kDefaultSSLVersionMax), | 38 version_max(kDefaultSSLVersionMax), |
| 39 version_fallback_min(kDefaultSSLVersionFallbackMin), |
| 37 channel_id_enabled(true), | 40 channel_id_enabled(true), |
| 38 false_start_enabled(true), | 41 false_start_enabled(true), |
| 39 signed_cert_timestamps_enabled(true), | 42 signed_cert_timestamps_enabled(true), |
| 40 require_forward_secrecy(false), | 43 require_forward_secrecy(false), |
| 41 send_client_cert(false), | 44 send_client_cert(false), |
| 42 verify_ev_cert(false), | 45 verify_ev_cert(false), |
| 43 version_fallback(false), | 46 version_fallback(false), |
| 44 cert_io_enabled(true) { | 47 cert_io_enabled(true) { |
| 45 } | 48 } |
| 46 | 49 |
| (...skipping 13 matching lines...) Expand all Loading... |
| 60 if (der_cert == allowed_bad_certs[i].der_cert) { | 63 if (der_cert == allowed_bad_certs[i].der_cert) { |
| 61 if (cert_status) | 64 if (cert_status) |
| 62 *cert_status = allowed_bad_certs[i].cert_status; | 65 *cert_status = allowed_bad_certs[i].cert_status; |
| 63 return true; | 66 return true; |
| 64 } | 67 } |
| 65 } | 68 } |
| 66 return false; | 69 return false; |
| 67 } | 70 } |
| 68 | 71 |
| 69 } // namespace net | 72 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 619463002:
net: disable SSLv3 fallback. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master