diff options
| author | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-17 00:56:40 +0000 |
|---|---|---|
| committer | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-17 00:56:40 +0000 |
| commit | e7bad86e5d70c158115cefb90dc50a2c5fd84f39 (patch) | |
| tree | a54dc8b704dceb8ec1decb60b1dcdc6088180526 /net/base | |
| parent | 81e0a85082ccf4b14f48ed5229baa2cbd8642ad4 (diff) | |
| download | chromium_src-e7bad86e5d70c158115cefb90dc50a2c5fd84f39.zip chromium_src-e7bad86e5d70c158115cefb90dc50a2c5fd84f39.tar.gz chromium_src-e7bad86e5d70c158115cefb90dc50a2c5fd84f39.tar.bz2 | |
Revert the workaround for servers that use tiny DH keys.
Add the new error code ERR_SSL_WEAK_SERVER_KEY for these
broken servers.
Use the new SSL_RENEGOTIATE_TRANSITIONAL option. On the
client side it is equivalent to SSL_RENEGOTIATE_UNRESTRICTED.
R=agl
BUG=51694
TEST=Visit https://portal-plumprod.cgc.enbridge.com and
https://www.citylink.com.au. The network error page
should display the error message:
Error 129 (net::ERR_SSL_WEAK_SERVER_KEY): Unknown error.
Review URL: http://codereview.chromium.org/3149012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@56283 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base')
| -rw-r--r-- | net/base/net_error_list.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/base/net_error_list.h b/net/base/net_error_list.h index 1a0e242..5fe0846 100644 --- a/net/base/net_error_list.h +++ b/net/base/net_error_list.h @@ -168,6 +168,9 @@ NET_ERROR(PROXY_AUTH_REQUESTED, -127) // A known TLS strict server didn't offer the renegotiation extension. NET_ERROR(SSL_UNSAFE_NEGOTIATION, -128) +// The SSL server is using a weak cryptographic key. +NET_ERROR(SSL_WEAK_SERVER_KEY, -129) + // Certificate error codes // // The values of certificate error codes must be consecutive. |