net/ssl/ssl_failure_state.h - Issue 1127623005: Gather metrics classifying the cause of the TLS fallback.

Side by Side Diff: net/ssl/ssl_failure_state.h

Issue 1127623005: Gather metrics classifying the cause of the TLS fallback. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@fallback-required

Patch Set: rebase Created 5 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright 2015 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef NET_SSL_SSL_FAILURE_STATE_H_

	6 #define NET_SSL_SSL_FAILURE_STATE_H_

	7

	8 namespace net {

	9

	10 // Gives more information about the state of the handshake when it failed. This
	Ryan Sleevi 2015/05/13 22:26:37 s/the handshake/TLS handshake/ s/when it failed/w s/the handshake/TLS handshake/ s/when it failed/when it fails/? Is this documenting too much about the API? That is, the "gives" verb is a property of the socket, this enum doesn't give anything. // Describes the most likely cause for the TLS handshake failure. This is an // approximation used to classify the causes of TLS version fallback. or something like that? davidben 2015/05/14 23:24:34 Yeah, your's is much better. DOne. Show quoted text On 2015/05/13 22:26:37, Ryan Sleevi wrote: > s/the handshake/TLS handshake/ > > s/when it failed/when it fails/? > > Is this documenting too much about the API? That is, the "gives" verb is a > property of the socket, this enum doesn't give anything. > > // Describes the most likely cause for the TLS handshake failure. This is an > // approximation used to classify the causes of TLS version fallback. > > or something like that? Yeah, your's is much better. DOne.
	11 // is used to classify on causes of the TLS version fallback. These values are

	12 // used in histograms, so new values must be appended.

	13 enum SSLFailureState {

	14 // The connection was successful.

	15 kSSLFailureNone = 0,

	16 // The connection failed for unknown reasons.

	17 kSSLFailureUnknown = 1,

	18 // The connection failed after sending ClientHello and before receiving

	19 // ServerHello.

	20 kSSLFailureClientHello = 2,

	21 // The connection failed after negotiating TLS_RSA_WITH_AES_128_GCM_SHA256 or

	22 // TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 and completing the client's second

	23 // leg. Some Microsoft IIS servers fail at this point. See

	24 // https://crbug.com/433406.

	25 kSSLFailureBuggyGCM = 3,

	26 // The connection failed after CertificateVerify was sent. Some servers are

	27 // known to incorrectly implement TLS 1.2 client auth.

	28 kSSLFailureClientAuth = 4,

	29 // The connection failed because the server attempted to resume a session at

	30 // the wrong version. Some versions of OpenSSL may do this in rare

	31 // circumstances. See https://crbug.com/441456

	32 kSSLFailureSessionMismatch = 5,

	33 // The connection failed after sending the NextProto message. Some F5 servers

	34 // fail to parse such messages in TLS 1.1 and TLS 1.2, but not 1.0. See

	35 // https://crbug.com/466977.

	36 kSSLFailureNextProto = 6,
	Ryan Sleevi 2015/05/13 22:26:37 style: Newlines between each value would help (eg style: Newlines between each value would help (eg line 15+16, line 17+18, line 20+21, etc) davidben 2015/05/14 23:24:34 Done. Show quoted text On 2015/05/13 22:26:37, Ryan Sleevi wrote: > style: Newlines between each value would help (eg line 15+16, line 17+18, line > 20+21, etc) Done.
	37

	38 kSSLFailureMax,

	39 };

	40

	41 } // namespace net

	42

	43 #endif // NET_SSL_SSL_FAILURE_STATE_H_

OLD	NEW

« net/socket/ssl_client_socket_openssl.cc ('K') | « net/socket/ssl_client_socket_pool.cc ('k') | tools/metrics/histograms/histograms.xml » ('j') | no next file with comments »