diff options
| author | sergeyu <sergeyu@chromium.org> | 2015-06-16 13:43:04 -0700 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2015-06-16 20:44:40 +0000 |
| commit | 0144249b934d0869a20a69931e6ec261c5cb27da (patch) | |
| tree | d65e092a722c22ef42bc0fd0671c70acf1d9ea12 /remoting/protocol | |
| parent | 5e21faa01fbaa436ce253f2cdcf2b384b744d10a (diff) | |
| download | chromium_src-0144249b934d0869a20a69931e6ec261c5cb27da.zip chromium_src-0144249b934d0869a20a69931e6ec261c5cb27da.tar.gz chromium_src-0144249b934d0869a20a69931e6ec261c5cb27da.tar.bz2 | |
Require ECDHE cipher in remoting client.
Also added support for enable_ecdhe flag in SSLClientSocketOpenSSL and
SSLClientSocketNSS. It's not really needed with NSS as the client
is only compiled with BoringSSL, but added it anyway for consistency.
BUG=481163
Review URL: https://codereview.chromium.org/1191623002
Cr-Commit-Position: refs/heads/master@{#334684}
Diffstat (limited to 'remoting/protocol')
| -rw-r--r-- | remoting/protocol/ssl_hmac_channel_authenticator.cc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/remoting/protocol/ssl_hmac_channel_authenticator.cc b/remoting/protocol/ssl_hmac_channel_authenticator.cc index d047ec1..0a7c1d3 100644 --- a/remoting/protocol/ssl_hmac_channel_authenticator.cc +++ b/remoting/protocol/ssl_hmac_channel_authenticator.cc @@ -138,6 +138,7 @@ void SslHmacChannelAuthenticator::SecureAndAuthenticate( ssl_config.cert_io_enabled = false; ssl_config.rev_checking_enabled = false; ssl_config.allowed_bad_certs.push_back(cert_and_status); + ssl_config.require_ecdhe = true; net::HostPortPair host_and_port(kSslFakeHostName, 0); net::SSLClientSocketContext context; |