summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSelim Gurun <sgurun@google.com>2012-03-28 09:14:25 -0700
committerThe Android Automerger <android-build@android.com>2012-03-28 16:42:31 -0700
commitd473d7ae9135c9ca149a361b78366a753e1c0d5f (patch)
tree0b01485fcf78982c17a3b3ae915160c6f2fea9bb
parent731158395b8ae1105c69cc42dae6244385f6b4ff (diff)
downloadexternal_chromium-d473d7ae9135c9ca149a361b78366a753e1c0d5f.zip
external_chromium-d473d7ae9135c9ca149a361b78366a753e1c0d5f.tar.gz
external_chromium-d473d7ae9135c9ca149a361b78366a753e1c0d5f.tar.bz2
Disable TLSv1.2 and TLSv1.1.
Bug: 6234791 Temporarily disabling TLSv1.1 and TLSv1.2 as some sites do not seem to like it (agl reports 2% of sites have issues). Change-Id: I182bc8296e2fa2681ca2c997b5524c0135b385bf
-rw-r--r--net/socket/ssl_client_socket_openssl.cc6
1 files changed, 6 insertions, 0 deletions
diff --git a/net/socket/ssl_client_socket_openssl.cc b/net/socket/ssl_client_socket_openssl.cc
index b9c3e02..30a5f48 100644
--- a/net/socket/ssl_client_socket_openssl.cc
+++ b/net/socket/ssl_client_socket_openssl.cc
@@ -447,6 +447,12 @@ bool SSLClientSocketOpenSSL::Init() {
options.ConfigureFlag(SSL_OP_NO_SSLv2, true);
options.ConfigureFlag(SSL_OP_NO_SSLv3, !ssl_config_.ssl3_enabled);
options.ConfigureFlag(SSL_OP_NO_TLSv1, !ssl_config_.tls1_enabled);
+#ifdef SSL_OP_NO_TLSv1_1
+ options.ConfigureFlag(SSL_OP_NO_TLSv1_1, true);
+#endif
+#ifdef SSL_OP_NO_TLSv1_2
+ options.ConfigureFlag(SSL_OP_NO_TLSv1_2, true);
+#endif
#if defined(SSL_OP_NO_COMPRESSION)
// If TLS was disabled also disable compression, to provide maximum site