OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_network_transaction.h" | 5 #include "net/http/http_network_transaction.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 1150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1161 | 1161 |
1162 switch (error) { | 1162 switch (error) { |
1163 case ERR_SSL_PROTOCOL_ERROR: | 1163 case ERR_SSL_PROTOCOL_ERROR: |
1164 case ERR_SSL_VERSION_OR_CIPHER_MISMATCH: | 1164 case ERR_SSL_VERSION_OR_CIPHER_MISMATCH: |
1165 case ERR_SSL_DECOMPRESSION_FAILURE_ALERT: | 1165 case ERR_SSL_DECOMPRESSION_FAILURE_ALERT: |
1166 case ERR_SSL_BAD_RECORD_MAC_ALERT: | 1166 case ERR_SSL_BAD_RECORD_MAC_ALERT: |
1167 if (server_ssl_config_.tls1_enabled) { | 1167 if (server_ssl_config_.tls1_enabled) { |
1168 // This could be a TLS-intolerant server, an SSL 3.0 server that | 1168 // This could be a TLS-intolerant server, an SSL 3.0 server that |
1169 // chose a TLS-only cipher suite or a server with buggy DEFLATE | 1169 // chose a TLS-only cipher suite or a server with buggy DEFLATE |
1170 // support. Turn off TLS 1.0, DEFLATE support and retry. | 1170 // support. Turn off TLS 1.0, DEFLATE support and retry. |
1171 session_->http_stream_factory()->AddTLSIntolerantServer( | 1171 LOG(WARNING) << "Falling back to SSLv3 because host is TLS intolerant: " |
1172 HostPortPair::FromURL(request_->url)); | 1172 << GetHostAndPort(request_->url); |
| 1173 server_ssl_config_.tls1_enabled = false; |
| 1174 server_ssl_config_.ssl3_fallback = true; |
1173 ResetConnectionAndRequestForResend(); | 1175 ResetConnectionAndRequestForResend(); |
1174 error = OK; | 1176 error = OK; |
1175 } | 1177 } |
1176 break; | 1178 break; |
1177 } | 1179 } |
1178 return error; | 1180 return error; |
1179 } | 1181 } |
1180 | 1182 |
1181 // This method determines whether it is safe to resend the request after an | 1183 // This method determines whether it is safe to resend the request after an |
1182 // IO error. It can only be called in response to request header or body | 1184 // IO error. It can only be called in response to request header or body |
(...skipping 188 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1371 description = base::StringPrintf("Unknown state 0x%08X (%u)", state, | 1373 description = base::StringPrintf("Unknown state 0x%08X (%u)", state, |
1372 state); | 1374 state); |
1373 break; | 1375 break; |
1374 } | 1376 } |
1375 return description; | 1377 return description; |
1376 } | 1378 } |
1377 | 1379 |
1378 #undef STATE_CASE | 1380 #undef STATE_CASE |
1379 | 1381 |
1380 } // namespace net | 1382 } // namespace net |
OLD | NEW |