Remove support for legacy TLS protocols by default

Now this requires explicitly passing the
WebRTC-LegacyTlsProtocols/Enabled/ field trial flag or an override.

Bug: webrtc:10261
Change-Id: Ib880bcc50cec0a21dcaa4784c228cacb020e5568
NOKEYCHECK: true
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/190282
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Guido Urdaneta <guidou@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#32488}
Guido Urdaneta
2020-10-26 09:55:26 +01:00
committed by Commit Bot
parent 71002a226a
commit ae2e8647aa
3 changed files with 24 additions and 25 deletions

@ -93,11 +93,11 @@ bool IsGcmCryptoSuiteName(const std::string& crypto_suite);
enum SSLRole { SSL_CLIENT, SSL_SERVER };
enum SSLMode { SSL_MODE_TLS, SSL_MODE_DTLS };
// Note: TLS_10, TLS_11, and DTLS_10 will all be ignored, and only
// DTLS1_2 will be accepted, if the trial flag
// WebRTC-LegacyTlsProtocols/Disabled/ is passed in. Support for these
// protocol versions will be completely removed in M84 or later.
// TODO(https://bugs.webrtc.org/10261).
// Note: TLS_10, TLS_11, and DTLS_10 will all be ignored, and only DTLS1_2 will
// be accepted unless the trial flag WebRTC-LegacyTlsProtocols/Enabled/ is
// passed in or an explicit override is used. Support for the legacy protocol
// versions will be completely removed in the future.
// See https://bugs.webrtc.org/10261.
enum SSLProtocolVersion {
SSL_PROTOCOL_NOT_GIVEN = -1,
SSL_PROTOCOL_TLS_10 = 0,
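Review bot: the rewritten comment above SSLProtocolVersion says legacy versions stay usable when "an explicit override is used" but never names that override, so a reader of this header cannot tell which API or option re-enables TLS 1.0/1.1 and DTLS 1.0; name it in the comment. The same sentence says only "DTLS1_2" will be accepted, which leaves the SSL_MODE_TLS case unstated and spells the version differently from "DTLS_10" earlier in that sentence; state the accepted minimum for both modes, using the enum's own value names. "Will be completely removed in the future" also drops the milestone the old text carried; if no target is known, the bug link alone is enough and the sentence can say so.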