diff options
author | Selim Gurun <sgurun@google.com> | 2012-03-28 09:14:25 -0700 |
---|---|---|
committer | The Android Automerger <android-build@android.com> | 2012-03-28 16:42:31 -0700 |
commit | d473d7ae9135c9ca149a361b78366a753e1c0d5f (patch) | |
tree | 0b01485fcf78982c17a3b3ae915160c6f2fea9bb | |
parent | 731158395b8ae1105c69cc42dae6244385f6b4ff (diff) | |
download | external_chromium-d473d7ae9135c9ca149a361b78366a753e1c0d5f.zip external_chromium-d473d7ae9135c9ca149a361b78366a753e1c0d5f.tar.gz external_chromium-d473d7ae9135c9ca149a361b78366a753e1c0d5f.tar.bz2 |
Disable TLSv1.2 and TLSv1.1.
Bug: 6234791
Temporarily disabling TLSv1.1 and TLSv1.2 as some sites do not seem
to like it (agl reports 2% of sites have issues).
Change-Id: I182bc8296e2fa2681ca2c997b5524c0135b385bf
-rw-r--r-- | net/socket/ssl_client_socket_openssl.cc | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/net/socket/ssl_client_socket_openssl.cc b/net/socket/ssl_client_socket_openssl.cc index b9c3e02..30a5f48 100644 --- a/net/socket/ssl_client_socket_openssl.cc +++ b/net/socket/ssl_client_socket_openssl.cc @@ -447,6 +447,12 @@ bool SSLClientSocketOpenSSL::Init() { options.ConfigureFlag(SSL_OP_NO_SSLv2, true); options.ConfigureFlag(SSL_OP_NO_SSLv3, !ssl_config_.ssl3_enabled); options.ConfigureFlag(SSL_OP_NO_TLSv1, !ssl_config_.tls1_enabled); +#ifdef SSL_OP_NO_TLSv1_1 + options.ConfigureFlag(SSL_OP_NO_TLSv1_1, true); +#endif +#ifdef SSL_OP_NO_TLSv1_2 + options.ConfigureFlag(SSL_OP_NO_TLSv1_2, true); +#endif #if defined(SSL_OP_NO_COMPRESSION) // If TLS was disabled also disable compression, to provide maximum site |