From 109c1679d462802b7abb241f4d42e25cffcbcd31 Mon Sep 17 00:00:00 2001
From: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
Date: Sun, 27 Sep 2015 23:06:40 +0200
Subject: add tls1_1, tls1_2 settings, remove sslv3 fallback code, disable RC4

Change-Id: I9ab98fbeb040a4a2a0e8ba3c5e260f61303ed199
---
 chrome/browser/net/ssl_config_service_manager_pref.cc | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'chrome/browser')

diff --git a/chrome/browser/net/ssl_config_service_manager_pref.cc b/chrome/browser/net/ssl_config_service_manager_pref.cc
index 71e385b..fe31117 100644
--- a/chrome/browser/net/ssl_config_service_manager_pref.cc
+++ b/chrome/browser/net/ssl_config_service_manager_pref.cc
@@ -92,6 +92,8 @@ class SSLConfigServiceManagerPref
   BooleanPrefMember rev_checking_enabled_;
   BooleanPrefMember ssl3_enabled_;
   BooleanPrefMember tls1_enabled_;
+  BooleanPrefMember tls1_1_enabled_;
+  BooleanPrefMember tls1_2_enabled_;
 
   scoped_refptr<SSLConfigServicePref> ssl_config_service_;
 
@@ -114,6 +116,8 @@ SSLConfigServiceManagerPref::SSLConfigServiceManagerPref(
                              local_state, this);
   ssl3_enabled_.Init(prefs::kSSL3Enabled, local_state, this);
   tls1_enabled_.Init(prefs::kTLS1Enabled, local_state, this);
+  tls1_1_enabled_.Init(prefs::kTLS1_1Enabled, local_state, this);
+  tls1_2_enabled_.Init(prefs::kTLS1_2Enabled, local_state, this);
 
   // Initialize from UI thread.  This is okay as there shouldn't be anything on
   // the IO thread trying to access it yet.
@@ -135,6 +139,14 @@ void SSLConfigServiceManagerPref::RegisterPrefs(PrefService* prefs) {
     prefs->RegisterBooleanPref(prefs::kTLS1Enabled,
                                default_config.tls1_enabled);
   }
+  if (!prefs->FindPreference(prefs::kTLS1_1Enabled)) {
+    prefs->RegisterBooleanPref(prefs::kTLS1_1Enabled,
+                               default_config.tls1_1_enabled);
+  }
+  if (!prefs->FindPreference(prefs::kTLS1_2Enabled)) {
+    prefs->RegisterBooleanPref(prefs::kTLS1_2Enabled,
+                               default_config.tls1_2_enabled);
+  }
 }
 
 // static
@@ -194,6 +206,8 @@ void SSLConfigServiceManagerPref::GetSSLConfigFromPrefs(
   config->rev_checking_enabled = rev_checking_enabled_.GetValue();
   config->ssl3_enabled = ssl3_enabled_.GetValue();
   config->tls1_enabled = tls1_enabled_.GetValue();
+  config->tls1_1_enabled = tls1_1_enabled_.GetValue();
+  config->tls1_2_enabled = tls1_2_enabled_.GetValue();
   SSLConfigServicePref::SetSSLConfigFlags(config);
 }
 
-- 
cgit v1.1