summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-06-21 08:58:41 +0000
committerwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-06-21 08:58:41 +0000
commit8cff950cdc0822e7e9ec212d5f3b383d05d28503 (patch)
tree926df84ebab3a85d93ddd843f054bc5e40c24d5c /net
parenta490ce9acfdd23bf37400cd98ca6b70a5402e1e4 (diff)
downloadchromium_src-8cff950cdc0822e7e9ec212d5f3b383d05d28503.zip
chromium_src-8cff950cdc0822e7e9ec212d5f3b383d05d28503.tar.gz
chromium_src-8cff950cdc0822e7e9ec212d5f3b383d05d28503.tar.bz2
Disable TLS 1.2 if USE_OPENSSL is defined (such as on Android) to
prevent ClientHello from being larger than 256 bytes. Some broken servers can't handle a large ClientHello. R=agl@chromium.org,rsleevi@chromium.org BUG=90392,245500,247691 TEST=none Review URL: https://chromiumcodereview.appspot.com/17094016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@207759 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
-rw-r--r--net/ssl/ssl_config_service.cc6
1 files changed, 3 insertions, 3 deletions
diff --git a/net/ssl/ssl_config_service.cc b/net/ssl/ssl_config_service.cc
index 0561e7f..604d7f0 100644
--- a/net/ssl/ssl_config_service.cc
+++ b/net/ssl/ssl_config_service.cc
@@ -20,9 +20,9 @@ static uint16 g_default_version_min = SSL_PROTOCOL_VERSION_SSL3;
static uint16 g_default_version_max =
#if defined(USE_OPENSSL)
-#if defined(SSL_OP_NO_TLSv1_2)
- SSL_PROTOCOL_VERSION_TLS1_2;
-#elif defined(SSL_OP_NO_TLSv1_1)
+// TODO(wtc): do not enable TLS 1.2 until we can keep ClientHello under 256
+// bytes. See http://crbug.com/245500 and http://crbug.com/247691.
+#if defined(SSL_OP_NO_TLSv1_1)
SSL_PROTOCOL_VERSION_TLS1_1;
#else
SSL_PROTOCOL_VERSION_TLS1;
generated by cgit v1.1 at 2025-02-07 09:04:47 +0000