OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_stream_factory_impl_job.h" | 5 #include "net/http/http_stream_factory_impl_job.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 1255 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1266 // that client authentication errors can be distinguished between those | 1266 // that client authentication errors can be distinguished between those |
1267 // originating from the proxy server (ERR_PROXY_CONNECTION_FAILED) and | 1267 // originating from the proxy server (ERR_PROXY_CONNECTION_FAILED) and |
1268 // those originating from the endpoint (ERR_SSL_PROTOCOL_ERROR / | 1268 // those originating from the endpoint (ERR_SSL_PROTOCOL_ERROR / |
1269 // ERR_BAD_SSL_CLIENT_AUTH_CERT). | 1269 // ERR_BAD_SSL_CLIENT_AUTH_CERT). |
1270 // TODO(rch): This assumes that the HTTPS proxy will only request a | 1270 // TODO(rch): This assumes that the HTTPS proxy will only request a |
1271 // client certificate during the initial handshake. | 1271 // client certificate during the initial handshake. |
1272 // http://crbug.com/59292 | 1272 // http://crbug.com/59292 |
1273 ssl_config->false_start_enabled = false; | 1273 ssl_config->false_start_enabled = false; |
1274 } | 1274 } |
1275 | 1275 |
1276 enum { | |
1277 FALLBACK_NONE = 0, // SSL version fallback did not occur. | |
1278 FALLBACK_SSL3 = 1, // Fell back to SSL 3.0. | |
1279 FALLBACK_TLS1 = 2, // Fell back to TLS 1.0. | |
1280 FALLBACK_TLS1_1 = 3, // Fell back to TLS 1.1. | |
1281 FALLBACK_MAX | |
1282 }; | |
1283 | |
1284 int fallback = FALLBACK_NONE; | |
1285 if (ssl_config->version_fallback) { | |
1286 switch (ssl_config->version_max) { | |
1287 case SSL_PROTOCOL_VERSION_SSL3: | |
1288 fallback = FALLBACK_SSL3; | |
1289 break; | |
1290 case SSL_PROTOCOL_VERSION_TLS1: | |
1291 fallback = FALLBACK_TLS1; | |
1292 break; | |
1293 case SSL_PROTOCOL_VERSION_TLS1_1: | |
1294 fallback = FALLBACK_TLS1_1; | |
1295 break; | |
1296 } | |
1297 } | |
1298 UMA_HISTOGRAM_ENUMERATION("Net.ConnectionUsedSSLVersionFallback", | |
1299 fallback, FALLBACK_MAX); | |
1300 | |
1301 UMA_HISTOGRAM_BOOLEAN("Net.ConnectionUsedSSLDeprecatedCipherFallback", | |
1302 ssl_config->enable_deprecated_cipher_suites); | |
1303 | |
1304 // We also wish to measure the amount of fallback connections for a host that | |
1305 // we know implements TLS up to 1.2. Ideally there would be no fallback here | |
1306 // but high numbers of SSLv3 would suggest that SSLv3 fallback is being | |
1307 // caused by network middleware rather than buggy HTTPS servers. | |
1308 const std::string& host = server.host(); | |
1309 if (!is_proxy && | |
1310 host.size() >= 10 && | |
1311 host.compare(host.size() - 10, 10, "google.com") == 0 && | |
1312 (host.size() == 10 || host[host.size()-11] == '.')) { | |
1313 UMA_HISTOGRAM_ENUMERATION("Net.GoogleConnectionUsedSSLVersionFallback", | |
1314 fallback, FALLBACK_MAX); | |
1315 } | |
1316 | |
1317 if (request_info_.load_flags & LOAD_VERIFY_EV_CERT) | 1276 if (request_info_.load_flags & LOAD_VERIFY_EV_CERT) |
1318 ssl_config->verify_ev_cert = true; | 1277 ssl_config->verify_ev_cert = true; |
1319 | 1278 |
1320 // Disable Channel ID if privacy mode is enabled. | 1279 // Disable Channel ID if privacy mode is enabled. |
1321 if (request_info_.privacy_mode == PRIVACY_MODE_ENABLED) | 1280 if (request_info_.privacy_mode == PRIVACY_MODE_ENABLED) |
1322 ssl_config->channel_id_enabled = false; | 1281 ssl_config->channel_id_enabled = false; |
1323 } | 1282 } |
1324 | 1283 |
1325 | 1284 |
1326 int HttpStreamFactoryImpl::Job::ReconsiderProxyAfterError(int error) { | 1285 int HttpStreamFactoryImpl::Job::ReconsiderProxyAfterError(int error) { |
(...skipping 223 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1550 | 1509 |
1551 void HttpStreamFactoryImpl::Job:: | 1510 void HttpStreamFactoryImpl::Job:: |
1552 MaybeCopyConnectionAttemptsFromClientSocketHandleToRequest() { | 1511 MaybeCopyConnectionAttemptsFromClientSocketHandleToRequest() { |
1553 if (IsOrphaned() || !connection_) | 1512 if (IsOrphaned() || !connection_) |
1554 return; | 1513 return; |
1555 | 1514 |
1556 request_->AddConnectionAttempts(connection_->connection_attempts()); | 1515 request_->AddConnectionAttempts(connection_->connection_attempts()); |
1557 } | 1516 } |
1558 | 1517 |
1559 } // namespace net | 1518 } // namespace net |
OLD | NEW |