summaryrefslogtreecommitdiffstats
path: root/net/socket
diff options
context:
space:
mode:
Diffstat (limited to 'net/socket')
-rw-r--r--net/socket/ssl_client_socket_nss.cc6
1 files changed, 5 insertions, 1 deletions
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
index ed76611..bcb57f1 100644
--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -309,7 +309,11 @@ int SSLClientSocketNSS::InitializeSSLOptions() {
#endif
#ifdef SSL_ENABLE_DEFLATE
- rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_DEFLATE, PR_TRUE);
+ // Some web servers have been found to break if TLS is used *or* if DEFLATE
+ // is advertised. Thus, if TLS is disabled (probably because we are doing
+ // SSLv3 fallback), we disable DEFLATE also.
+ // See http://crbug.com/31628
+ rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_DEFLATE, ssl_config_.tls1_enabled);
if (rv != SECSuccess)
LOG(INFO) << "SSL_ENABLE_DEFLATE failed. Old system nss?";
#endif
generated by cgit v1.1 at 2025-02-14 01:47:04 +0000