diff --git a/atom/browser/atom_browser_context.cc b/atom/browser/atom_browser_context.cc index 1bab4a968d3..d20d653c7d9 100644 --- a/atom/browser/atom_browser_context.cc +++ b/atom/browser/atom_browser_context.cc @@ -15,7 +15,6 @@ #include "atom/browser/net/atom_cert_verifier.h" #include "atom/browser/net/atom_ct_delegate.h" #include "atom/browser/net/atom_network_delegate.h" -#include "atom/browser/net/atom_ssl_config_service.h" #include "atom/browser/net/atom_url_request_job_factory.h" #include "atom/browser/net/http_protocol_handler.h" #include "atom/browser/web_view_manager.h" @@ -198,10 +197,6 @@ std::unique_ptr AtomBrowserContext::CreateCertVerifier() { return base::WrapUnique(new AtomCertVerifier(ct_delegate_.get())); } -net::SSLConfigService* AtomBrowserContext::CreateSSLConfigService() { - return new AtomSSLConfigService; -} - std::vector AtomBrowserContext::GetCookieableSchemes() { auto default_schemes = brightray::BrowserContext::GetCookieableSchemes(); const auto& standard_schemes = atom::api::GetStandardSchemes(); diff --git a/atom/browser/atom_browser_context.h b/atom/browser/atom_browser_context.h index f149e62cb27..340c8f46626 100644 --- a/atom/browser/atom_browser_context.h +++ b/atom/browser/atom_browser_context.h @@ -41,7 +41,6 @@ class AtomBrowserContext : public brightray::BrowserContext { net::HttpCache::BackendFactory* CreateHttpCacheBackendFactory( const base::FilePath& base_path) override; std::unique_ptr CreateCertVerifier() override; - net::SSLConfigService* CreateSSLConfigService() override; std::vector GetCookieableSchemes() override; net::TransportSecurityState::RequireCTDelegate* GetRequireCTDelegate() override; diff --git a/atom/browser/net/atom_ssl_config_service.cc b/atom/browser/net/atom_ssl_config_service.cc deleted file mode 100644 index 84d3583a530..00000000000 --- a/atom/browser/net/atom_ssl_config_service.cc +++ /dev/null @@ -1,68 +0,0 @@ -// Copyright (c) 2015 GitHub, Inc. -// Use of this source code is governed by the MIT license that can be -// found in the LICENSE file. - -#include "atom/browser/net/atom_ssl_config_service.h" - -#include -#include - -#include "atom/common/options_switches.h" -#include "base/command_line.h" -#include "base/strings/string_split.h" -#include "content/public/browser/browser_thread.h" -#include "net/socket/ssl_client_socket.h" -#include "net/ssl/ssl_cipher_suite_names.h" - -namespace atom { - -namespace { - -uint16_t GetSSLProtocolVersion(const std::string& version_string) { - uint16_t version = 0; // Invalid - if (version_string == "tls1") - version = net::SSL_PROTOCOL_VERSION_TLS1; - else if (version_string == "tls1.1") - version = net::SSL_PROTOCOL_VERSION_TLS1_1; - else if (version_string == "tls1.2") - version = net::SSL_PROTOCOL_VERSION_TLS1_2; - return version; -} - -std::vector ParseCipherSuites( - const std::vector& cipher_strings) { - std::vector cipher_suites; - cipher_suites.reserve(cipher_strings.size()); - - for (auto& cipher_string : cipher_strings) { - uint16_t cipher_suite = 0; - if (!net::ParseSSLCipherString(cipher_string, &cipher_suite)) { - LOG(ERROR) << "Ignoring unrecognised cipher suite : " - << cipher_string; - continue; - } - cipher_suites.push_back(cipher_suite); - } - return cipher_suites; -} - -} // namespace - -AtomSSLConfigService::AtomSSLConfigService() { - auto cmd_line = base::CommandLine::ForCurrentProcess(); - if (cmd_line->HasSwitch(switches::kCipherSuiteBlacklist)) { - auto cipher_strings = base::SplitString( - cmd_line->GetSwitchValueASCII(switches::kCipherSuiteBlacklist), - ",", base::TRIM_WHITESPACE, base::SPLIT_WANT_NONEMPTY); - config_.disabled_cipher_suites = ParseCipherSuites(cipher_strings); - } -} - -AtomSSLConfigService::~AtomSSLConfigService() { -} - -void AtomSSLConfigService::GetSSLConfig(net::SSLConfig* config) { - *config = config_; -} - -} // namespace atom diff --git a/atom/browser/net/atom_ssl_config_service.h b/atom/browser/net/atom_ssl_config_service.h deleted file mode 100644 index 2e3ac4f6c59..00000000000 --- a/atom/browser/net/atom_ssl_config_service.h +++ /dev/null @@ -1,28 +0,0 @@ -// Copyright (c) 2015 GitHub, Inc. -// Use of this source code is governed by the MIT license that can be -// found in the LICENSE file. - -#ifndef ATOM_BROWSER_NET_ATOM_SSL_CONFIG_SERVICE_H_ -#define ATOM_BROWSER_NET_ATOM_SSL_CONFIG_SERVICE_H_ - -#include "net/ssl/ssl_config_service.h" - -namespace atom { - -class AtomSSLConfigService : public net::SSLConfigService { - public: - AtomSSLConfigService(); - ~AtomSSLConfigService() override; - - // net::SSLConfigService: - void GetSSLConfig(net::SSLConfig* config) override; - - private: - net::SSLConfig config_; - - DISALLOW_COPY_AND_ASSIGN(AtomSSLConfigService); -}; - -} // namespace atom - -#endif // ATOM_BROWSER_NET_ATOM_SSL_CONFIG_SERVICE_H_ diff --git a/atom/common/options_switches.cc b/atom/common/options_switches.cc index 51bba5f9272..4729a28127d 100644 --- a/atom/common/options_switches.cc +++ b/atom/common/options_switches.cc @@ -150,9 +150,6 @@ const char kRegisterServiceWorkerSchemes[] = "register-service-worker-schemes"; // Register schemes as secure. const char kSecureSchemes[] = "secure-schemes"; -// Comma-separated list of SSL cipher suites to disable. -const char kCipherSuiteBlacklist[] = "cipher-suite-blacklist"; - // The browser process app model ID const char kAppUserModelId[] = "app-user-model-id"; diff --git a/atom/common/options_switches.h b/atom/common/options_switches.h index 340b130998e..c81ab529cfe 100644 --- a/atom/common/options_switches.h +++ b/atom/common/options_switches.h @@ -78,7 +78,6 @@ extern const char kDisableHttpCache[]; extern const char kStandardSchemes[]; extern const char kRegisterServiceWorkerSchemes[]; extern const char kSecureSchemes[]; -extern const char kCipherSuiteBlacklist[]; extern const char kAppUserModelId[]; extern const char kBackgroundColor[]; diff --git a/docs-translations/jp/api/chrome-command-line-switches.md b/docs-translations/jp/api/chrome-command-line-switches.md index 63a6ca57366..d8845c8ef77 100644 --- a/docs-translations/jp/api/chrome-command-line-switches.md +++ b/docs-translations/jp/api/chrome-command-line-switches.md @@ -97,10 +97,6 @@ pepper flash pluginの`version`を設定します。 ネットログイベントを保存し、`path`に書き込みを有効化します。 -## --cipher-suite-blacklist=`cipher_suites` - -無効にするために、SSL暗号スイートのカンマ区切りのリストを指定します。 - ## --disable-renderer-backgrounding 不可視のページのレンダラープロセスの優先度を下げることからChromiumを防ぎます。 diff --git a/docs-translations/ko-KR/api/chrome-command-line-switches.md b/docs-translations/ko-KR/api/chrome-command-line-switches.md index 53cd1a54964..b2178fa3633 100644 --- a/docs-translations/ko-KR/api/chrome-command-line-switches.md +++ b/docs-translations/ko-KR/api/chrome-command-line-switches.md @@ -138,10 +138,6 @@ Pepper 플래시 플러그인의 버전을 설정합니다. Net log 이벤트를 활성화하고 `path`에 로그를 기록합니다. -## --cipher-suite-blacklist=`cipher_suites` - -SSL 암호화를 비활성화할 대상 목록을 지정합니다. (`,`로 구분) - ## --disable-renderer-backgrounding Chromium이 렌더러 프로세스의 보이지 않는 페이지의 우선순위를 낮추는 것을 방지합니다. diff --git a/docs-translations/zh-CN/api/chrome-command-line-switches.md b/docs-translations/zh-CN/api/chrome-command-line-switches.md index 782617cbf10..8bb540e4427 100644 --- a/docs-translations/zh-CN/api/chrome-command-line-switches.md +++ b/docs-translations/zh-CN/api/chrome-command-line-switches.md @@ -102,10 +102,6 @@ app.commandLine.appendSwitch('proxy-bypass-list', ';*.google.com;*foo.com 使网络日志事件能够被读写到 `path`. -## --cipher-suite-blacklist=`cipher_suites` - -指定逗号分隔的 SSL 密码套件 列表实效. - ## --disable-renderer-backgrounding 防止 Chromium 降低隐藏的渲染进程优先级. diff --git a/docs/api/chrome-command-line-switches.md b/docs/api/chrome-command-line-switches.md index 5849b24aab8..5bc1a99e952 100644 --- a/docs/api/chrome-command-line-switches.md +++ b/docs/api/chrome-command-line-switches.md @@ -136,10 +136,6 @@ Sets the `version` of the pepper flash plugin. Enables net log events to be saved and writes them to `path`. -## --cipher-suite-blacklist=`cipher_suites` - -Specifies comma-separated list of SSL cipher suites to disable. - ## --disable-renderer-backgrounding Prevents Chromium from lowering the priority of invisible pages' renderer diff --git a/filenames.gypi b/filenames.gypi index 0f7597d09ef..636cbb60638 100644 --- a/filenames.gypi +++ b/filenames.gypi @@ -245,8 +245,6 @@ 'atom/browser/net/atom_cookie_delegate.h', 'atom/browser/net/atom_network_delegate.cc', 'atom/browser/net/atom_network_delegate.h', - 'atom/browser/net/atom_ssl_config_service.cc', - 'atom/browser/net/atom_ssl_config_service.h', 'atom/browser/net/atom_url_request.cc', 'atom/browser/net/atom_url_request.h', 'atom/browser/net/atom_url_request_job_factory.cc',