| commit | 43166b8adf749c6672eca0cd4a39399cf27d4761 | [log] [tgz] |
|---|---|---|
| author | torbjorng <torbjorng@webrtc.org> | Fri Mar 11 08:06:47 2016 |
| committer | Commit bot <commit-bot@chromium.org> | Fri Mar 11 08:06:55 2016 |
| tree | ba54717954e0e7cb202ef67738b976f3fc73d2b1 | |
| parent | 737f4b8d12a44909814f8f481579a2e88adc834e [diff] |
Add IsAcceptableCipher, use instead of GetDefaultCipher. The old code insists on exact cipher suite matches with hardwired expectations. It does this matching parameterized with key type (RSA vs ECDSA) and TLS version (DTLS vs TLS and version 1.0 vs 1.2). This CL changes things to check against a white-list of cipher suites, with the check parameterized with key type (again RSA vs ECDSA). Then separately checks TLS version since the old implicit check of TLS version by means of resulting cipher suite was too blunt. Using a white list for cipher suites isn't perfect, but it is safe and requires minimal maintenance. It allows compatibility with not just one exact version of underlying crypto lib, but any version with reasonable defaults. The CL also re-enables critical tests which had to be disabled recently to allow a boringssl roll. BUG=webrtc:5634 Review URL: https://codereview.webrtc.org/1774583002 Cr-Commit-Position: refs/heads/master@{#11951}
WebRTC is a free, open software project that provides browsers and mobile applications with Real-Time Communications (RTC) capabilities via simple APIs. The WebRTC components have been optimized to best serve this purpose.
Our mission: To enable rich, high-quality RTC applications to be developed for the browser, mobile platforms, and IoT devices, and allow them all to communicate via a common set of protocols.
The WebRTC initiative is a project supported by Google, Mozilla and Opera, amongst others. This page is maintained by the Google Chrome team.
See http://www.webrtc.org/native-code/development for instructions on how to get started developing with the native code.