Add a new allowLegacyUnsafeRenegotiation
property to SecurityContext
#48513
Labels
area-core-library
SDK core library issues (core, async, ...); use area-vm or area-web for platform specific libraries.
enhancement-breaking-change
An enhancement which is breaking.
library-io
Change
I propose that we add a new boolean
allowLegacyUnsafeRenegotiation
property toSecurityContext
.If set, it would allow client sockets to renegotiate TLS connections if requested to by the server (see #47841).
Rationale
The
SecurityContext
API is already property based and implementing this as a constructor argument would be inconsistent with the rest of the API (where the only constructor argument is one that cannot be logically set after construction). Also, parameterizing all future functionality as constructor arguments does not seem scalable.Impact
All classes that
implements SecurityContext
(withoutextends Mock
or equivalentnoSuchMethod
implementation) will need to be updated.There are no such classes in Flutter or at Google.
Mitigation
Users must implement the
allowLegacyUnsafeRenegotiation
property.The text was updated successfully, but these errors were encountered: