summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--net/ssl/ssl_config_service.cc6
1 files changed, 3 insertions, 3 deletions
diff --git a/net/ssl/ssl_config_service.cc b/net/ssl/ssl_config_service.cc
index 0561e7f..604d7f0 100644
--- a/net/ssl/ssl_config_service.cc
+++ b/net/ssl/ssl_config_service.cc
@@ -20,9 +20,9 @@ static uint16 g_default_version_min = SSL_PROTOCOL_VERSION_SSL3;
static uint16 g_default_version_max =
#if defined(USE_OPENSSL)
-#if defined(SSL_OP_NO_TLSv1_2)
- SSL_PROTOCOL_VERSION_TLS1_2;
-#elif defined(SSL_OP_NO_TLSv1_1)
+// TODO(wtc): do not enable TLS 1.2 until we can keep ClientHello under 256
+// bytes. See http://crbug.com/245500 and http://crbug.com/247691.
+#if defined(SSL_OP_NO_TLSv1_1)
SSL_PROTOCOL_VERSION_TLS1_1;
#else
SSL_PROTOCOL_VERSION_TLS1;
generated by cgit v1.1 at 2025-03-28 04:25:41 +0000