Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(480)

Side by Side Diff: net/http/http_network_transaction.cc

Issue 2805039: SPDY: Make sure we don't try to send https/wss over an unauthenticated, but encrypted SSL socket. (Closed) Base URL: http://src.chromium.org/git/chromium.git
Patch Set: Propagate error codes. Created 10 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/http/http_network_transaction.h ('k') | net/spdy/spdy_http_stream_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/http/http_network_transaction.h" 5 #include "net/http/http_network_transaction.h"
6 6
7 #include "base/compiler_specific.h" 7 #include "base/compiler_specific.h"
8 #include "base/field_trial.h" 8 #include "base/field_trial.h"
9 #include "base/format_macros.h" 9 #include "base/format_macros.h"
10 #include "base/histogram.h" 10 #include "base/histogram.h"
(...skipping 270 matching lines...) Expand 10 before | Expand all | Expand 10 after
281 user_callback_(NULL), 281 user_callback_(NULL),
282 session_(session), 282 session_(session),
283 request_(NULL), 283 request_(NULL),
284 pac_request_(NULL), 284 pac_request_(NULL),
285 connection_(new ClientSocketHandle), 285 connection_(new ClientSocketHandle),
286 reused_socket_(false), 286 reused_socket_(false),
287 headers_valid_(false), 287 headers_valid_(false),
288 logged_response_time_(false), 288 logged_response_time_(false),
289 using_ssl_(false), 289 using_ssl_(false),
290 using_spdy_(false), 290 using_spdy_(false),
291 spdy_certificate_error_(OK),
291 alternate_protocol_mode_( 292 alternate_protocol_mode_(
292 g_use_alternate_protocols ? kUnspecified : 293 g_use_alternate_protocols ? kUnspecified :
293 kDoNotUseAlternateProtocol), 294 kDoNotUseAlternateProtocol),
294 read_buf_len_(0), 295 read_buf_len_(0),
295 next_state_(STATE_NONE) { 296 next_state_(STATE_NONE) {
296 session->ssl_config_service()->GetSSLConfig(&ssl_config_); 297 session->ssl_config_service()->GetSSLConfig(&ssl_config_);
297 if (g_next_protos) 298 if (g_next_protos)
298 ssl_config_.next_protos = *g_next_protos; 299 ssl_config_.next_protos = *g_next_protos;
299 if (!g_tls_intolerant_servers) 300 if (!g_tls_intolerant_servers)
300 g_tls_intolerant_servers = new std::set<std::string>; 301 g_tls_intolerant_servers = new std::set<std::string>;
(...skipping 834 matching lines...) Expand 10 before | Expand all | Expand 10 after
1135 if (alternate_protocol_mode_ == kUsingAlternateProtocol && 1136 if (alternate_protocol_mode_ == kUsingAlternateProtocol &&
1136 alternate_protocol_ == HttpAlternateProtocols::NPN_SPDY_1 && 1137 alternate_protocol_ == HttpAlternateProtocols::NPN_SPDY_1 &&
1137 !using_spdy_) { 1138 !using_spdy_) {
1138 // We tried using the NPN_SPDY_1 alternate protocol, but failed, so we 1139 // We tried using the NPN_SPDY_1 alternate protocol, but failed, so we
1139 // fallback. 1140 // fallback.
1140 MarkBrokenAlternateProtocolAndFallback(); 1141 MarkBrokenAlternateProtocolAndFallback();
1141 return OK; 1142 return OK;
1142 } 1143 }
1143 1144
1144 if (IsCertificateError(result)) { 1145 if (IsCertificateError(result)) {
1145 result = HandleCertificateError(result); 1146 if (using_spdy_ && request_->url.SchemeIs("http")) {
1146 if (result == OK && !connection_->socket()->IsConnectedAndIdle()) { 1147 // We ignore certificate errors for http over spdy.
1147 connection_->socket()->Disconnect(); 1148 spdy_certificate_error_ = result;
1148 connection_->Reset(); 1149 result = OK;
1149 next_state_ = STATE_INIT_CONNECTION; 1150 } else {
1150 return result; 1151 result = HandleCertificateError(result);
1152 if (result == OK && !connection_->socket()->IsConnectedAndIdle()) {
1153 connection_->socket()->Disconnect();
1154 connection_->Reset();
1155 next_state_ = STATE_INIT_CONNECTION;
1156 return result;
1157 }
1151 } 1158 }
1152 } 1159 }
1153 1160
1154 if (result == OK) { 1161 if (result == OK) {
1155 DCHECK(ssl_connect_start_time_ != base::TimeTicks()); 1162 DCHECK(ssl_connect_start_time_ != base::TimeTicks());
1156 base::TimeDelta connect_duration = 1163 base::TimeDelta connect_duration =
1157 base::TimeTicks::Now() - ssl_connect_start_time_; 1164 base::TimeTicks::Now() - ssl_connect_start_time_;
1158 1165
1159 if (using_spdy_) { 1166 if (using_spdy_) {
1160 UMA_HISTOGRAM_CUSTOM_TIMES("Net.SpdyConnectionLatency", 1167 UMA_HISTOGRAM_CUSTOM_TIMES("Net.SpdyConnectionLatency",
(...skipping 326 matching lines...) Expand 10 before | Expand all | Expand 10 after
1487 scoped_refptr<SpdySession> spdy_session; 1494 scoped_refptr<SpdySession> spdy_session;
1488 1495
1489 if (spdy_pool->HasSession(endpoint_)) { 1496 if (spdy_pool->HasSession(endpoint_)) {
1490 spdy_session = spdy_pool->Get(endpoint_, session_, net_log_); 1497 spdy_session = spdy_pool->Get(endpoint_, session_, net_log_);
1491 } else { 1498 } else {
1492 // SPDY is negotiated using the TLS next protocol negotiation (NPN) 1499 // SPDY is negotiated using the TLS next protocol negotiation (NPN)
1493 // extension, so |connection_| must contain an SSLClientSocket. 1500 // extension, so |connection_| must contain an SSLClientSocket.
1494 DCHECK(using_ssl_); 1501 DCHECK(using_ssl_);
1495 CHECK(connection_->socket()); 1502 CHECK(connection_->socket());
1496 int error = spdy_pool->GetSpdySessionFromSSLSocket( 1503 int error = spdy_pool->GetSpdySessionFromSSLSocket(
1497 endpoint_, session_, connection_.release(), net_log_, spdy_session); 1504 endpoint_, session_, connection_.release(), net_log_,
1505 spdy_certificate_error_, &spdy_session);
1498 if (error != OK) 1506 if (error != OK)
1499 return error; 1507 return error;
1500 } 1508 }
1501 1509
1502 CHECK(spdy_session.get()); 1510 CHECK(spdy_session.get());
1503 1511
1504 UploadDataStream* upload_data = NULL; 1512 UploadDataStream* upload_data = NULL;
1505 if (request_->upload_data) { 1513 if (request_->upload_data) {
1506 int error_code = OK; 1514 int error_code = OK;
1507 upload_data = UploadDataStream::Create(request_->upload_data, &error_code); 1515 upload_data = UploadDataStream::Create(request_->upload_data, &error_code);
1508 if (!upload_data) 1516 if (!upload_data)
1509 return error_code; 1517 return error_code;
1510 } 1518 }
1511 headers_valid_ = false; 1519 headers_valid_ = false;
1512 scoped_refptr<SpdyStream> spdy_stream; 1520 scoped_refptr<SpdyStream> spdy_stream;
1513 if (request_->method == "GET") 1521 if (request_->method == "GET") {
1514 spdy_stream = spdy_session->GetPushStream(request_->url, net_log_); 1522 int error =
1523 spdy_session->GetPushStream(request_->url, &spdy_stream, net_log_);
1524 if (error != OK)
1525 return error;
1526 }
1515 if (spdy_stream.get()) { 1527 if (spdy_stream.get()) {
1516 DCHECK(spdy_stream->pushed()); 1528 DCHECK(spdy_stream->pushed());
1517 CHECK(spdy_stream->GetDelegate() == NULL); 1529 CHECK(spdy_stream->GetDelegate() == NULL);
1518 spdy_http_stream_.reset(new SpdyHttpStream(spdy_stream)); 1530 spdy_http_stream_.reset(new SpdyHttpStream(spdy_stream));
1519 spdy_http_stream_->InitializeRequest(*request_, base::Time::Now(), NULL); 1531 spdy_http_stream_->InitializeRequest(*request_, base::Time::Now(), NULL);
1520 } else { 1532 } else {
1521 spdy_stream = spdy_session->CreateStream(request_->url, 1533 int error = spdy_session->CreateStream(request_->url,
1522 request_->priority, 1534 request_->priority,
1523 net_log_); 1535 &spdy_stream,
1536 net_log_);
1537 if (error != OK)
1538 return error;
1524 DCHECK(!spdy_stream->pushed()); 1539 DCHECK(!spdy_stream->pushed());
1525 CHECK(spdy_stream->GetDelegate() == NULL); 1540 CHECK(spdy_stream->GetDelegate() == NULL);
1526 spdy_http_stream_.reset(new SpdyHttpStream(spdy_stream)); 1541 spdy_http_stream_.reset(new SpdyHttpStream(spdy_stream));
1527 spdy_http_stream_->InitializeRequest( 1542 spdy_http_stream_->InitializeRequest(
1528 *request_, base::Time::Now(), upload_data); 1543 *request_, base::Time::Now(), upload_data);
1529 } 1544 }
1530 return spdy_http_stream_->SendRequest(&response_, &io_callback_); 1545 return spdy_http_stream_->SendRequest(&response_, &io_callback_);
1531 } 1546 }
1532 1547
1533 int HttpNetworkTransaction::DoSpdySendRequestComplete(int result) { 1548 int HttpNetworkTransaction::DoSpdySendRequestComplete(int result) {
(...skipping 494 matching lines...) Expand 10 before | Expand all | Expand 10 after
2028 endpoint_); 2043 endpoint_);
2029 2044
2030 alternate_protocol_mode_ = kDoNotUseAlternateProtocol; 2045 alternate_protocol_mode_ = kDoNotUseAlternateProtocol;
2031 if (connection_->socket()) 2046 if (connection_->socket())
2032 connection_->socket()->Disconnect(); 2047 connection_->socket()->Disconnect();
2033 connection_->Reset(); 2048 connection_->Reset();
2034 next_state_ = STATE_INIT_CONNECTION; 2049 next_state_ = STATE_INIT_CONNECTION;
2035 } 2050 }
2036 2051
2037 } // namespace net 2052 } // namespace net
OLDNEW
« no previous file with comments | « net/http/http_network_transaction.h ('k') | net/spdy/spdy_http_stream_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698