zqz/platform-external-webrtc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert of Update with new default boringssl no-aes cipher suites. Re-enable tests. (patchset #3 id:40001 of https://codereview.webrtc.org/1550773002/ )

Browse Source 
Reason for revert:
We're getting boringssl version conflicts. Reverting for now.

Original issue's description:
> Update with new default boringssl no-aes cipher suites. Re-enable tests.
>
> This undoes https://codereview.webrtc.org/1533253002 (except the DEPS part).
>
> BUG=webrtc:5381
> R=davidben@webrtc.org, henrika@webrtc.org
>
> Committed: https://crrev.com/31c8d2eac5aec977f584ab0ae5a1d457d674f101
> Cr-Commit-Position: refs/heads/master@{#11250}

TBR=davidben@webrtc.org,henrika@webrtc.org,torbjorng@webrtc.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=webrtc:5381

Review URL: https://codereview.webrtc.org/1586183002

Cr-Commit-Position: refs/heads/master@{#11253}
This commit is contained in:
sprang
2016-01-14 09:14:02 -08:00
committed by Commit bot
parent 2734d77c95
commit 3542013f58
4 changed files with 26 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
webrtc/base/opensslstreamadapter.cc
View File

@ -160,10 +160,12 @@ static int kDefaultSslCipher12 =
static int kDefaultSslEcCipher12 =
static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256);
// Fallback cipher for DTLS 1.2 if hardware-accelerated AES-GCM is unavailable.
// TODO(davidben): Switch to the standardized CHACHA20_POLY1305 variant when
// available.
static int kDefaultSslCipher12NoAesGcm =
static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256);
static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD);
static int kDefaultSslEcCipher12NoAesGcm =
static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256);
static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD);
#else // !OPENSSL_IS_BORINGSSL
// OpenSSL sorts differently than BoringSSL, so the default cipher doesn't
// change between TLS 1.0 and TLS 1.2 with the current setup.
@ -171,7 +173,7 @@ static int kDefaultSslCipher12 =
static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA);
static int kDefaultSslEcCipher12 =
static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA);
#endif // OPENSSL_IS_BORINGSSL
#endif
#if defined(_MSC_VER)
#pragma warning(pop)