| Index: webrtc/base/opensslstreamadapter.cc
|
| diff --git a/webrtc/base/opensslstreamadapter.cc b/webrtc/base/opensslstreamadapter.cc
|
| index 622c714a16c17505fcff4d2a42589ca0378efa91..270faa0809f42013c01aeb35854d7c98b3b9cc1f 100644
|
| --- a/webrtc/base/opensslstreamadapter.cc
|
| +++ b/webrtc/base/opensslstreamadapter.cc
|
| @@ -160,10 +160,12 @@
|
| static int kDefaultSslEcCipher12 =
|
| static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256);
|
| // Fallback cipher for DTLS 1.2 if hardware-accelerated AES-GCM is unavailable.
|
| +// TODO(davidben): Switch to the standardized CHACHA20_POLY1305 variant when
|
| +// available.
|
| static int kDefaultSslCipher12NoAesGcm =
|
| - static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256);
|
| + static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD);
|
| static int kDefaultSslEcCipher12NoAesGcm =
|
| - static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256);
|
| + static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD);
|
| #else // !OPENSSL_IS_BORINGSSL
|
| // OpenSSL sorts differently than BoringSSL, so the default cipher doesn't
|
| // change between TLS 1.0 and TLS 1.2 with the current setup.
|
| @@ -171,7 +173,7 @@
|
| static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA);
|
| static int kDefaultSslEcCipher12 =
|
| static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA);
|
| -#endif // OPENSSL_IS_BORINGSSL
|
| +#endif
|
|
|
| #if defined(_MSC_VER)
|
| #pragma warning(pop)
|
|
|
Chromium Code Reviews
Issue 1586183002:
Revert of Update with new default boringssl no-aes cipher suites. Re-enable tests. (Closed)
Base URL: https://chromium.googlesource.com/external/webrtc.git@master