Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(720)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/ssl_client_socket_nss.cc

Issue 131085: Linux: Fallback to SSL if server closes early during TLS handshake. (Closed)
Patch Set: Add braces. Created 11 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file includes code GetDefaultCertNickname(), derived from 5 // This file includes code GetDefaultCertNickname(), derived from
6 // nsNSSCertificate::defaultServerNickName() 6 // nsNSSCertificate::defaultServerNickName()
7 // in mozilla/security/manager/ssl/src/nsNSSCertificate.cpp 7 // in mozilla/security/manager/ssl/src/nsNSSCertificate.cpp
8 // and SSLClientSocketNSS::DoVerifyCertComplete() derived from 8 // and SSLClientSocketNSS::DoVerifyCertComplete() derived from
9 // AuthCertificateCallback() in 9 // AuthCertificateCallback() in
10 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. 10 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
(...skipping 673 matching lines...) Expand 10 before | Expand all | Expand 10 after
684 EnterFunction(""); 684 EnterFunction("");
685 int net_error = net::OK; 685 int net_error = net::OK;
686 int rv = SSL_ForceHandshake(nss_fd_); 686 int rv = SSL_ForceHandshake(nss_fd_);
687 687
688 if (rv == SECSuccess) { 688 if (rv == SECSuccess) {
689 // SSL handshake is completed. Let's verify the certificate. 689 // SSL handshake is completed. Let's verify the certificate.
690 GotoState(STATE_VERIFY_CERT); 690 GotoState(STATE_VERIFY_CERT);
691 // Done! 691 // Done!
692 } else { 692 } else {
693 PRErrorCode prerr = PR_GetError(); 693 PRErrorCode prerr = PR_GetError();
694 net_error = NetErrorFromNSPRError(prerr); 694
695 // If the server closed on us, it is a protocol error.
696 // Some TLS-intolerant servers do this when we request TLS.
697 if (prerr == PR_END_OF_FILE_ERROR) {
698 net_error = ERR_SSL_PROTOCOL_ERROR;
699 } else {
700 net_error = NetErrorFromNSPRError(prerr);
701 }
695 702
696 // If not done, stay in this state 703 // If not done, stay in this state
697 if (net_error == ERR_IO_PENDING) { 704 if (net_error == ERR_IO_PENDING) {
698 GotoState(STATE_HANDSHAKE_READ); 705 GotoState(STATE_HANDSHAKE_READ);
699 } else { 706 } else {
700 LOG(ERROR) << "handshake failed; NSS error code " << prerr 707 LOG(ERROR) << "handshake failed; NSS error code " << prerr
701 << ", net_error " << net_error; 708 << ", net_error " << net_error;
702 } 709 }
703 } 710 }
704 711
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after
804 if (prerr == PR_WOULD_BLOCK_ERROR) { 811 if (prerr == PR_WOULD_BLOCK_ERROR) {
805 GotoState(STATE_PAYLOAD_WRITE); 812 GotoState(STATE_PAYLOAD_WRITE);
806 return ERR_IO_PENDING; 813 return ERR_IO_PENDING;
807 } 814 }
808 user_buf_ = NULL; 815 user_buf_ = NULL;
809 LeaveFunction(""); 816 LeaveFunction("");
810 return NetErrorFromNSPRError(prerr); 817 return NetErrorFromNSPRError(prerr);
811 } 818 }
812 819
813 } // namespace net 820 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698