| field | value | date |
|---|---|---|
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-10-02 19:42:28 +0000 |
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-10-02 19:42:28 +0000 |
| commit | 951e7c45e47737c4c1bca8f6e97f358bf1b06b7a (patch) | |
| tree | a317ca1fafb1d186497869f5a45636082b4e8865 /net/http/http_network_transaction.cc | |
| parent | a5e6349556b491bde631c592f69fc3ac13fc5b1e (diff) | |
net: remove TLS fallback for Google properties.
With Chrome 31, Chrome will not accept a fallback to SSLv3 for Google
properties. If we wish to be able to depend on AES-GCM and ChaCha20+Poly1305
support then we need to ensure that an attacker cannot downgrade us to TLS 1.1
(which doesn't include those options).
This change prototypes a signal to indicate that fallback should
not be allowed. We know that Google properties don't need fallback and this
change allows us to test that networks are not too broken to deploy such a
scheme.
It's possible that defective MITM proxies will cause issues with this. The
--enable-unrestricted-ssl3-fallback option exists for diagnosis of any bug
reports.
BUG=302739
Review URL: https://codereview.chromium.org/25547003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@226529 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http/http_network_transaction.cc')
| mode | file | lines changed |
|---|---|---|
| -rw-r--r-- | net/http/http_network_transaction.cc | 32 |
1 file changed, 17 insertions, 15 deletions
diff --git a/net/http/http_network_transaction.cc b/net/http/http_network_transaction.cc index 9e24da8..707751a 100644 --- a/net/http/http_network_transaction.cc +++ b/net/http/http_network_transaction.cc @@ -1243,21 +1243,7 @@ int HttpNetworkTransaction::HandleSSLHandshakeError(int error) { // version_max should match the maximum protocol version supported // by the SSLClientSocket class. version_max--; - - // Fallback to the lower SSL version. - // While SSL 3.0 fallback should be eliminated because of security - // reasons, there is a high risk of breaking the servers if this is - // done in general. - // For now SSL 3.0 fallback is disabled for Google servers first, - // and will be expanded to other servers after enough experiences - // have been gained showing that this experiment works well with - // today's Internet. - if (version_max > SSL_PROTOCOL_VERSION_SSL3 || - (server_ssl_config_.unrestricted_ssl3_fallback_enabled || - !TransportSecurityState::IsGooglePinnedProperty( - request_->url.host(), true /* include SNI */))) { - should_fallback = true; - } + should_fallback = true; } break; case ERR_SSL_BAD_RECORD_MAC_ALERT: 
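Review bot: with the guard and its explanatory comment both deleted, `should_fallback = true;` now sits directly after `version_max--;` with nothing telling a reader of this case that the decision can still be vetoed after the switch; a one-line pointer such as `// May be overridden below for pinned Google properties.` would keep the case self-explanatory. Worth calling out in that comment as well: the removed condition allowed fallback whenever `version_max > SSL_PROTOCOL_VERSION_SSL3`, so Google properties could previously still fall back to TLS 1.1 or 1.0; this hunk hands the whole decision, including non-SSLv3 fallback, to the later guard, which matches the stated goal of blocking a downgrade to TLS 1.1 but is a wider change than the old comment described.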
@@ -1273,6 +1259,22 @@ int HttpNetworkTransaction::HandleSSLHandshakeError(int error) { break; } + // While fallback should be eliminated because of security reasons, + // there is a high risk of breaking the servers if this is done in + // general. + // + // For now fallback is disabled for Google servers first, and will be + // expanded to other servers after enough experiences have been gained + // showing that this experiment works well with today's Internet. + // + // The --enable-unrestricted-ssl3-fallback command-line flag exists to allow + // fallback to any version, all the way down to SSLv3. + if (!server_ssl_config_.unrestricted_ssl3_fallback_enabled && + TransportSecurityState::IsGooglePinnedProperty(request_->url.host(), + true /* include SNI */)) { + should_fallback = false; + } + if (should_fallback) { net_log_.AddEvent( NetLog::TYPE_SSL_VERSION_FALLBACK, |
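Review bot: the field `unrestricted_ssl3_fallback_enabled` and the `--enable-unrestricted-ssl3-fallback` flag named in the new comment now gate fallback to any version, not only SSLv3, because this guard clears `should_fallback` regardless of `version_max`; either rename the field or state in the comment that "ssl3" is historical. A second gap: when the guard suppresses fallback for a pinned Google host, no NetLog event is written, since `NetLog::TYPE_SSL_VERSION_FALLBACK` is only added inside `if (should_fallback)`, so the defective-proxy failures the commit message expects to diagnose will leave no trace in the log; consider emitting an event with the host and the error just before `should_fallback = false;`. Finally, because the guard sits after the switch it applies to every error path that set `should_fallback`, not only the version-mismatch case where the old check lived; if that is intended, a test exercising a Google pinned host with `unrestricted_ssl3_fallback_enabled` both set and unset would pin the behaviour down.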