зеркало из https://github.com/electron/electron.git
--cipher-suite-blacklist is also removed
This commit is contained in:
Cheng Zhao
Kevin Sawicki
Родитель
dc9000f344
Коммит
1a15b45736
|
|
@ -15,7 +15,6 @@
|
|||
#include "atom/browser/net/atom_cert_verifier.h"
|
||||
#include "atom/browser/net/atom_ct_delegate.h"
|
||||
#include "atom/browser/net/atom_network_delegate.h"
|
||||
#include "atom/browser/net/atom_ssl_config_service.h"
|
||||
#include "atom/browser/net/atom_url_request_job_factory.h"
|
||||
#include "atom/browser/net/http_protocol_handler.h"
|
||||
#include "atom/browser/web_view_manager.h"
|
||||
|
|
@ -198,10 +197,6 @@ std::unique_ptr<net::CertVerifier> AtomBrowserContext::CreateCertVerifier() {
|
|||
return base::WrapUnique(new AtomCertVerifier(ct_delegate_.get()));
|
||||
}
|
||||
|
||||
net::SSLConfigService* AtomBrowserContext::CreateSSLConfigService() {
|
||||
return new AtomSSLConfigService;
|
||||
}
|
||||
|
||||
std::vector<std::string> AtomBrowserContext::GetCookieableSchemes() {
|
||||
auto default_schemes = brightray::BrowserContext::GetCookieableSchemes();
|
||||
const auto& standard_schemes = atom::api::GetStandardSchemes();
|
||||
|
|
|
|||
|
|
@ -41,7 +41,6 @@ class AtomBrowserContext : public brightray::BrowserContext {
|
|||
net::HttpCache::BackendFactory* CreateHttpCacheBackendFactory(
|
||||
const base::FilePath& base_path) override;
|
||||
std::unique_ptr<net::CertVerifier> CreateCertVerifier() override;
|
||||
net::SSLConfigService* CreateSSLConfigService() override;
|
||||
std::vector<std::string> GetCookieableSchemes() override;
|
||||
net::TransportSecurityState::RequireCTDelegate* GetRequireCTDelegate()
|
||||
override;
|
||||
|
|
|
|||
|
|
@ -1,68 +0,0 @@
|
|||
// Copyright (c) 2015 GitHub, Inc.
|
||||
// Use of this source code is governed by the MIT license that can be
|
||||
// found in the LICENSE file.
|
||||
|
||||
#include "atom/browser/net/atom_ssl_config_service.h"
|
||||
|
||||
#include <string>
|
||||
#include <vector>
|
||||
|
||||
#include "atom/common/options_switches.h"
|
||||
#include "base/command_line.h"
|
||||
#include "base/strings/string_split.h"
|
||||
#include "content/public/browser/browser_thread.h"
|
||||
#include "net/socket/ssl_client_socket.h"
|
||||
#include "net/ssl/ssl_cipher_suite_names.h"
|
||||
|
||||
namespace atom {
|
||||
|
||||
namespace {
|
||||
|
||||
uint16_t GetSSLProtocolVersion(const std::string& version_string) {
|
||||
uint16_t version = 0; // Invalid
|
||||
if (version_string == "tls1")
|
||||
version = net::SSL_PROTOCOL_VERSION_TLS1;
|
||||
else if (version_string == "tls1.1")
|
||||
version = net::SSL_PROTOCOL_VERSION_TLS1_1;
|
||||
else if (version_string == "tls1.2")
|
||||
version = net::SSL_PROTOCOL_VERSION_TLS1_2;
|
||||
return version;
|
||||
}
|
||||
|
||||
std::vector<uint16_t> ParseCipherSuites(
|
||||
const std::vector<std::string>& cipher_strings) {
|
||||
std::vector<uint16_t> cipher_suites;
|
||||
cipher_suites.reserve(cipher_strings.size());
|
||||
|
||||
for (auto& cipher_string : cipher_strings) {
|
||||
uint16_t cipher_suite = 0;
|
||||
if (!net::ParseSSLCipherString(cipher_string, &cipher_suite)) {
|
||||
LOG(ERROR) << "Ignoring unrecognised cipher suite : "
|
||||
<< cipher_string;
|
||||
continue;
|
||||
}
|
||||
cipher_suites.push_back(cipher_suite);
|
||||
}
|
||||
return cipher_suites;
|
||||
}
|
||||
|
||||
} // namespace
|
||||
|
||||
AtomSSLConfigService::AtomSSLConfigService() {
|
||||
auto cmd_line = base::CommandLine::ForCurrentProcess();
|
||||
if (cmd_line->HasSwitch(switches::kCipherSuiteBlacklist)) {
|
||||
auto cipher_strings = base::SplitString(
|
||||
cmd_line->GetSwitchValueASCII(switches::kCipherSuiteBlacklist),
|
||||
",", base::TRIM_WHITESPACE, base::SPLIT_WANT_NONEMPTY);
|
||||
config_.disabled_cipher_suites = ParseCipherSuites(cipher_strings);
|
||||
}
|
||||
}
|
||||
|
||||
AtomSSLConfigService::~AtomSSLConfigService() {
|
||||
}
|
||||
|
||||
void AtomSSLConfigService::GetSSLConfig(net::SSLConfig* config) {
|
||||
*config = config_;
|
||||
}
|
||||
|
||||
} // namespace atom
|
||||
|
|
@ -1,28 +0,0 @@
|
|||
// Copyright (c) 2015 GitHub, Inc.
|
||||
// Use of this source code is governed by the MIT license that can be
|
||||
// found in the LICENSE file.
|
||||
|
||||
#ifndef ATOM_BROWSER_NET_ATOM_SSL_CONFIG_SERVICE_H_
|
||||
#define ATOM_BROWSER_NET_ATOM_SSL_CONFIG_SERVICE_H_
|
||||
|
||||
#include "net/ssl/ssl_config_service.h"
|
||||
|
||||
namespace atom {
|
||||
|
||||
class AtomSSLConfigService : public net::SSLConfigService {
|
||||
public:
|
||||
AtomSSLConfigService();
|
||||
~AtomSSLConfigService() override;
|
||||
|
||||
// net::SSLConfigService:
|
||||
void GetSSLConfig(net::SSLConfig* config) override;
|
||||
|
||||
private:
|
||||
net::SSLConfig config_;
|
||||
|
||||
DISALLOW_COPY_AND_ASSIGN(AtomSSLConfigService);
|
||||
};
|
||||
|
||||
} // namespace atom
|
||||
|
||||
#endif // ATOM_BROWSER_NET_ATOM_SSL_CONFIG_SERVICE_H_
|
||||
|
|
@ -150,9 +150,6 @@ const char kRegisterServiceWorkerSchemes[] = "register-service-worker-schemes";
|
|||
// Register schemes as secure.
|
||||
const char kSecureSchemes[] = "secure-schemes";
|
||||
|
||||
// Comma-separated list of SSL cipher suites to disable.
|
||||
const char kCipherSuiteBlacklist[] = "cipher-suite-blacklist";
|
||||
|
||||
// The browser process app model ID
|
||||
const char kAppUserModelId[] = "app-user-model-id";
|
||||
|
||||
|
|
|
|||
|
|
@ -78,7 +78,6 @@ extern const char kDisableHttpCache[];
|
|||
extern const char kStandardSchemes[];
|
||||
extern const char kRegisterServiceWorkerSchemes[];
|
||||
extern const char kSecureSchemes[];
|
||||
extern const char kCipherSuiteBlacklist[];
|
||||
extern const char kAppUserModelId[];
|
||||
|
||||
extern const char kBackgroundColor[];
|
||||
|
|
|
|||
|
|
@ -97,10 +97,6 @@ pepper flash pluginの`version`を設定します。
|
|||
|
||||
ネットログイベントを保存し、`path`に書き込みを有効化します。
|
||||
|
||||
## --cipher-suite-blacklist=`cipher_suites`
|
||||
|
||||
無効にするために、SSL暗号スイートのカンマ区切りのリストを指定します。
|
||||
|
||||
## --disable-renderer-backgrounding
|
||||
|
||||
不可視のページのレンダラープロセスの優先度を下げることからChromiumを防ぎます。
|
||||
|
|
|
|||
|
|
@ -138,10 +138,6 @@ Pepper 플래시 플러그인의 버전을 설정합니다.
|
|||
|
||||
Net log 이벤트를 활성화하고 `path`에 로그를 기록합니다.
|
||||
|
||||
## --cipher-suite-blacklist=`cipher_suites`
|
||||
|
||||
SSL 암호화를 비활성화할 대상 목록을 지정합니다. (`,`로 구분)
|
||||
|
||||
## --disable-renderer-backgrounding
|
||||
|
||||
Chromium이 렌더러 프로세스의 보이지 않는 페이지의 우선순위를 낮추는 것을 방지합니다.
|
||||
|
|
|
|||
|
|
@ -102,10 +102,6 @@ app.commandLine.appendSwitch('proxy-bypass-list', '<local>;*.google.com;*foo.com
|
|||
|
||||
使网络日志事件能够被读写到 `path`.
|
||||
|
||||
## --cipher-suite-blacklist=`cipher_suites`
|
||||
|
||||
指定逗号分隔的 SSL 密码套件 列表实效.
|
||||
|
||||
## --disable-renderer-backgrounding
|
||||
|
||||
防止 Chromium 降低隐藏的渲染进程优先级.
|
||||
|
|
|
|||
|
|
@ -136,10 +136,6 @@ Sets the `version` of the pepper flash plugin.
|
|||
|
||||
Enables net log events to be saved and writes them to `path`.
|
||||
|
||||
## --cipher-suite-blacklist=`cipher_suites`
|
||||
|
||||
Specifies comma-separated list of SSL cipher suites to disable.
|
||||
|
||||
## --disable-renderer-backgrounding
|
||||
|
||||
Prevents Chromium from lowering the priority of invisible pages' renderer
|
||||
|
|
|
|||
|
|
@ -245,8 +245,6 @@
|
|||
'atom/browser/net/atom_cookie_delegate.h',
|
||||
'atom/browser/net/atom_network_delegate.cc',
|
||||
'atom/browser/net/atom_network_delegate.h',
|
||||
'atom/browser/net/atom_ssl_config_service.cc',
|
||||
'atom/browser/net/atom_ssl_config_service.h',
|
||||
'atom/browser/net/atom_url_request.cc',
|
||||
'atom/browser/net/atom_url_request.h',
|
||||
'atom/browser/net/atom_url_request_job_factory.cc',
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче