authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-01-06 01:35:04 +0000
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-01-06 01:35:04 +0000
commit33b3eb99aa021b71150b913de0da5680ce68f43c (patch)
tree754cb25bb5b0b99b134071df94bf706a4885842b /net
parent258d914e52a9dbab6ca063294286d6c70dcc9c24 (diff)
Linux: allow TLS renegotiation.
Renegotiation was disabled when we switched to using our internal version of NSS. The default in the new versions is to prohibit renegotiation. However, since we are a client this is rather pointless. An attacker can easily convince us to start a new TLS connection to a host if they wish. http://codereview.chromium.org/501178 BUG=none TEST=Go to a site that uses renegotiation (generally because they want to request a client-side cert). git-svn-id: svn://svn.chromium.org/chrome/trunk/src@35596 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
-rw-r--r--net/socket/ssl_client_socket_nss.cc15
1 files changed, 15 insertions, 0 deletions
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
index c013ed8..ed76611 100644
--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -314,6 +314,21 @@ int SSLClientSocketNSS::InitializeSSLOptions() {
LOG(INFO) << "SSL_ENABLE_DEFLATE failed. Old system nss?";
#endif
+#ifdef SSL_ENABLE_RENEGOTIATION
+ // We allow servers to request renegotiation. Since we're a client,
+ // prohibiting this is rather a waste of time. Only servers are in a position
+ // to prevent renegotiation attacks.
+ // http://extendedsubset.com/?p=8
+ //
+ // This should be changed when NSS 3.12.6 comes out with support for the
+ // renegotiation info extension.
+ // http://code.google.com/p/chromium/issues/detail?id=31647
+ rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_RENEGOTIATION,
+ SSL_RENEGOTIATE_UNRESTRICTED);
+ if (rv != SECSuccess)
+ LOG(INFO) << "SSL_ENABLE_RENEGOTIATION failed.";
+#endif
+
#ifdef SSL_NEXT_PROTO_NEGOTIATED
if (!ssl_config_.next_protos.empty()) {
rv = SSL_SetNextProtoNego(
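Review bot: The comment added at the top of the new block understates the client-side exposure: with SSL_RENEGOTIATE_UNRESTRICTED an attacker who already holds a connection to the server can splice this client's handshake in as a renegotiation, and until the renegotiation_info extension is available the client has no way to tell that apart from a fresh session, so the interim setting is a known trade-off rather than a no-op and the comment should say so. I would also make the deferred fix actionable with a tagged TODO instead of a bare "should be changed" sentence, e.g. `// TODO(agl): once NSS 3.12.6 ships, only permit renegotiation when the server presents the renegotiation_info extension (http://code.google.com/p/chromium/issues/detail?id=31647).` and name the underlying issue (CVE-2009-3555) next to the blog link so the reference survives if the post goes away. The fallback on a failed SSL_OptionSet looks safe as written, since per the commit message the NSS default already prohibits renegotiation, so LOG(INFO) there is appropriate. InitializeSSLOptions begins before and continues past this hunk, so I have not reviewed how rv is consumed afterwards.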