| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_network_transaction.h" | 5 #include "net/http/http_network_transaction.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 1150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1161 | 1161 |
| 1162 switch (error) { | 1162 switch (error) { |
| 1163 case ERR_SSL_PROTOCOL_ERROR: | 1163 case ERR_SSL_PROTOCOL_ERROR: |
| 1164 case ERR_SSL_VERSION_OR_CIPHER_MISMATCH: | 1164 case ERR_SSL_VERSION_OR_CIPHER_MISMATCH: |
| 1165 case ERR_SSL_DECOMPRESSION_FAILURE_ALERT: | 1165 case ERR_SSL_DECOMPRESSION_FAILURE_ALERT: |
| 1166 case ERR_SSL_BAD_RECORD_MAC_ALERT: | 1166 case ERR_SSL_BAD_RECORD_MAC_ALERT: |
| 1167 if (server_ssl_config_.tls1_enabled) { | 1167 if (server_ssl_config_.tls1_enabled) { |
| 1168 // This could be a TLS-intolerant server, an SSL 3.0 server that | 1168 // This could be a TLS-intolerant server, an SSL 3.0 server that |
| 1169 // chose a TLS-only cipher suite or a server with buggy DEFLATE | 1169 // chose a TLS-only cipher suite or a server with buggy DEFLATE |
| 1170 // support. Turn off TLS 1.0, DEFLATE support and retry. | 1170 // support. Turn off TLS 1.0, DEFLATE support and retry. |
| 1171 session_->http_stream_factory()->AddTLSIntolerantServer( | 1171 LOG(WARNING) << "Falling back to SSLv3 because host is TLS intolerant: " |
| 1172 HostPortPair::FromURL(request_->url)); | 1172 << GetHostAndPort(request_->url); |
| 1173 server_ssl_config_.tls1_enabled = false; |
| 1174 server_ssl_config_.ssl3_fallback = true; |
| 1173 ResetConnectionAndRequestForResend(); | 1175 ResetConnectionAndRequestForResend(); |
| 1174 error = OK; | 1176 error = OK; |
| 1175 } | 1177 } |
| 1176 break; | 1178 break; |
| 1177 } | 1179 } |
| 1178 return error; | 1180 return error; |
| 1179 } | 1181 } |
| 1180 | 1182 |
| 1181 // This method determines whether it is safe to resend the request after an | 1183 // This method determines whether it is safe to resend the request after an |
| 1182 // IO error. It can only be called in response to request header or body | 1184 // IO error. It can only be called in response to request header or body |
| (...skipping 188 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1371 description = base::StringPrintf("Unknown state 0x%08X (%u)", state, | 1373 description = base::StringPrintf("Unknown state 0x%08X (%u)", state, |
| 1372 state); | 1374 state); |
| 1373 break; | 1375 break; |
| 1374 } | 1376 } |
| 1375 return description; | 1377 return description; |
| 1376 } | 1378 } |
| 1377 | 1379 |
| 1378 #undef STATE_CASE | 1380 #undef STATE_CASE |
| 1379 | 1381 |
| 1380 } // namespace net | 1382 } // namespace net |
| OLD | NEW |