| commit | 514aeafb81f823103d35c83132b508e3e5814808 | |
| author | willchan@chromium.org <willchan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | |
| Fri, 23 May 2014 10:31:51 +0000 (23 10:31 +0000) | ||
| committer | willchan@chromium.org <willchan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | |
| Fri, 23 May 2014 10:31:51 +0000 (23 10:31 +0000) | ||
| tree | 07444179c4b84ae8a574e17bcc0007134626de76 | treesnapshot (tar.gz zip) |
| parent | 2993b0bddff7fef278e78eed3d31bae4ff1e1d11 | commitdiff |
Fail the SPDY transaction if it does not meet TLS base requirements.
* Generally follows guidelines in https://http2.github.io/http2-spec/#TLSUsage.
* Apply only to SPDY4+ versions
* Fail the stream job if the TLS version for SPDY is too old (<1.2)
* Fail the stream job if the TLS cipher suite is sucky. Note that we're stricter here than the HTTP/2 spec.
Also added while implementing this CL:
* Add SSLConnectionStatus setters.
* Add ability for SSLSocketDataProvider to set SSLConnectionStatus.
* Add modern cipher suite check into net/ssl.
BUG=374957
Review URL: https://codereview.chromium.org/291093002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@272467 0039d316-1c4b-4281-b951-d872f2087c98
* Generally follows guidelines in https://http2.github.io/http2-spec/#TLSUsage.
* Apply only to SPDY4+ versions
* Fail the stream job if the TLS version for SPDY is too old (<1.2)
* Fail the stream job if the TLS cipher suite is sucky. Note that we're stricter here than the HTTP/2 spec.
Also added while implementing this CL:
* Add SSLConnectionStatus setters.
* Add ability for SSLSocketDataProvider to set SSLConnectionStatus.
* Add modern cipher suite check into net/ssl.
BUG=374957
Review URL: https://codereview.chromium.org/291093002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@272467 0039d316-1c4b-4281-b951-d872f2087c98
13 files changed: