| Index: net/base/ssl_config_service.cc
|
| diff --git a/net/base/ssl_config_service.cc b/net/base/ssl_config_service.cc
|
| index 9a448959f1fe3238120e0c3cd2fe5bc937714c95..80a8aa1c513e7abd4433e7b6956322de35f73d56 100644
|
| --- a/net/base/ssl_config_service.cc
|
| +++ b/net/base/ssl_config_service.cc
|
| @@ -23,7 +23,7 @@ SSLConfig::SSLConfig()
|
| : rev_checking_enabled(true), ssl3_enabled(true),
|
| tls1_enabled(true), dnssec_enabled(false), snap_start_enabled(false),
|
| dns_cert_provenance_checking_enabled(false),
|
| - mitm_proxies_allowed(false), false_start_enabled(true),
|
| + false_start_enabled(true),
|
| send_client_cert(false), verify_ev_cert(false), ssl3_fallback(false) {
|
| }
|
|
|
| @@ -54,36 +54,6 @@ SSLConfigService* SSLConfigService::CreateSystemSSLConfigService() {
|
| }
|
|
|
| // static
|
| -bool SSLConfigService::IsKnownStrictTLSServer(const std::string& hostname) {
|
| - // If you wish to add an entry to this list, please contact agl AT chromium
|
| - // DOT org.
|
| - //
|
| - // If this list starts growing, it'll need to be something more efficient
|
| - // than a linear list.
|
| - static const char kStrictServers[][22] = {
|
| - "www.google.com",
|
| - "mail.google.com",
|
| - "www.gmail.com",
|
| - "docs.google.com",
|
| - "clients1.google.com",
|
| - "sunshinepress.org",
|
| - "www.sunshinepress.org",
|
| -
|
| - // Removed until we update the XMPP servers with the renegotiation
|
| - // extension.
|
| - // "gmail.com",
|
| - };
|
| -
|
| - for (size_t i = 0; i < arraysize(kStrictServers); i++) {
|
| - // Note that the hostname is normalised to lower-case by this point.
|
| - if (strcmp(hostname.c_str(), kStrictServers[i]) == 0)
|
| - return true;
|
| - }
|
| -
|
| - return false;
|
| -}
|
| -
|
| -// static
|
| bool SSLConfigService::IsKnownFalseStartIncompatibleServer(
|
| const std::string& hostname) {
|
| return SSLFalseStartBlacklist::IsMember(hostname.c_str());
|
| @@ -91,7 +61,6 @@ bool SSLConfigService::IsKnownFalseStartIncompatibleServer(
|
|
|
| static bool g_dnssec_enabled = false;
|
| static bool g_false_start_enabled = true;
|
| -static bool g_mitm_proxies_allowed = false;
|
| static bool g_snap_start_enabled = false;
|
| static bool g_dns_cert_provenance_checking = false;
|
|
|
| @@ -116,16 +85,6 @@ bool SSLConfigService::snap_start_enabled() {
|
| }
|
|
|
| // static
|
| -void SSLConfigService::AllowMITMProxies() {
|
| - g_mitm_proxies_allowed = true;
|
| -}
|
| -
|
| -// static
|
| -bool SSLConfigService::mitm_proxies_allowed() {
|
| - return g_mitm_proxies_allowed;
|
| -}
|
| -
|
| -// static
|
| void SSLConfigService::DisableFalseStart() {
|
| g_false_start_enabled = false;
|
| }
|
| @@ -160,7 +119,6 @@ SSLConfigService::~SSLConfigService() {
|
| void SSLConfigService::SetSSLConfigFlags(SSLConfig* ssl_config) {
|
| ssl_config->dnssec_enabled = g_dnssec_enabled;
|
| ssl_config->false_start_enabled = g_false_start_enabled;
|
| - ssl_config->mitm_proxies_allowed = g_mitm_proxies_allowed;
|
| ssl_config->snap_start_enabled = g_snap_start_enabled;
|
| ssl_config->dns_cert_provenance_checking_enabled =
|
| g_dns_cert_provenance_checking;
|
|
|
Chromium Code Reviews
Issue 6792032:
net: remove forced renegotiation checks (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src