| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <openssl/ssl.h> | 10 #include <openssl/ssl.h> |
| (...skipping 472 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 483 options.ConfigureFlag(SSL_OP_NO_TLSv1_1, !tls1_1_enabled); | 483 options.ConfigureFlag(SSL_OP_NO_TLSv1_1, !tls1_1_enabled); |
| 484 #endif | 484 #endif |
| 485 #if defined(SSL_OP_NO_TLSv1_2) | 485 #if defined(SSL_OP_NO_TLSv1_2) |
| 486 bool tls1_2_enabled = | 486 bool tls1_2_enabled = |
| 487 (ssl_config_.version_min <= SSL_PROTOCOL_VERSION_TLS1_2 && | 487 (ssl_config_.version_min <= SSL_PROTOCOL_VERSION_TLS1_2 && |
| 488 ssl_config_.version_max >= SSL_PROTOCOL_VERSION_TLS1_2); | 488 ssl_config_.version_max >= SSL_PROTOCOL_VERSION_TLS1_2); |
| 489 options.ConfigureFlag(SSL_OP_NO_TLSv1_2, !tls1_2_enabled); | 489 options.ConfigureFlag(SSL_OP_NO_TLSv1_2, !tls1_2_enabled); |
| 490 #endif | 490 #endif |
| 491 | 491 |
| 492 #if defined(SSL_OP_NO_COMPRESSION) | 492 #if defined(SSL_OP_NO_COMPRESSION) |
| 493 // If TLS was disabled also disable compression, to provide maximum site | 493 options.ConfigureFlag(SSL_OP_NO_COMPRESSION, true); |
| 494 // compatibility in the case of protocol fallback. See http://crbug.com/31628 | |
| 495 options.ConfigureFlag(SSL_OP_NO_COMPRESSION, | |
| 496 ssl_config_.version_max < SSL_PROTOCOL_VERSION_TLS1); | |
| 497 #endif | 494 #endif |
| 498 | 495 |
| 499 // TODO(joth): Set this conditionally, see http://crbug.com/55410 | 496 // TODO(joth): Set this conditionally, see http://crbug.com/55410 |
| 500 options.ConfigureFlag(SSL_OP_LEGACY_SERVER_CONNECT, true); | 497 options.ConfigureFlag(SSL_OP_LEGACY_SERVER_CONNECT, true); |
| 501 | 498 |
| 502 SSL_set_options(ssl_, options.set_mask); | 499 SSL_set_options(ssl_, options.set_mask); |
| 503 SSL_clear_options(ssl_, options.clear_mask); | 500 SSL_clear_options(ssl_, options.clear_mask); |
| 504 | 501 |
| 505 // Same as above, this time for the SSL mode. | 502 // Same as above, this time for the SSL mode. |
| 506 SslSetClearMask mode; | 503 SslSetClearMask mode; |
| (...skipping 814 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1321 net_log_.AddByteTransferEvent(NetLog::TYPE_SSL_SOCKET_BYTES_SENT, rv, | 1318 net_log_.AddByteTransferEvent(NetLog::TYPE_SSL_SOCKET_BYTES_SENT, rv, |
| 1322 user_write_buf_->data()); | 1319 user_write_buf_->data()); |
| 1323 return rv; | 1320 return rv; |
| 1324 } | 1321 } |
| 1325 | 1322 |
| 1326 int err = SSL_get_error(ssl_, rv); | 1323 int err = SSL_get_error(ssl_, rv); |
| 1327 return MapOpenSSLError(err, err_tracer); | 1324 return MapOpenSSLError(err, err_tracer); |
| 1328 } | 1325 } |
| 1329 | 1326 |
| 1330 } // namespace net | 1327 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10825183:
net: disable TLS compression with OpenSSL. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src