| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_network_transaction.h" | 5 #include "net/http/http_network_transaction.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 29 matching lines...) Expand all Loading... |
| 40 #include "net/http/http_proxy_client_socket_pool.h" | 40 #include "net/http/http_proxy_client_socket_pool.h" |
| 41 #include "net/http/http_request_headers.h" | 41 #include "net/http/http_request_headers.h" |
| 42 #include "net/http/http_request_info.h" | 42 #include "net/http/http_request_info.h" |
| 43 #include "net/http/http_response_headers.h" | 43 #include "net/http/http_response_headers.h" |
| 44 #include "net/http/http_response_info.h" | 44 #include "net/http/http_response_info.h" |
| 45 #include "net/http/http_server_properties.h" | 45 #include "net/http/http_server_properties.h" |
| 46 #include "net/http/http_status_code.h" | 46 #include "net/http/http_status_code.h" |
| 47 #include "net/http/http_stream_base.h" | 47 #include "net/http/http_stream_base.h" |
| 48 #include "net/http/http_stream_factory.h" | 48 #include "net/http/http_stream_factory.h" |
| 49 #include "net/http/http_util.h" | 49 #include "net/http/http_util.h" |
| 50 #include "net/http/transport_security_state.h" |
| 50 #include "net/http/url_security_manager.h" | 51 #include "net/http/url_security_manager.h" |
| 51 #include "net/socket/client_socket_factory.h" | 52 #include "net/socket/client_socket_factory.h" |
| 52 #include "net/socket/socks_client_socket_pool.h" | 53 #include "net/socket/socks_client_socket_pool.h" |
| 53 #include "net/socket/ssl_client_socket.h" | 54 #include "net/socket/ssl_client_socket.h" |
| 54 #include "net/socket/ssl_client_socket_pool.h" | 55 #include "net/socket/ssl_client_socket_pool.h" |
| 55 #include "net/socket/transport_client_socket_pool.h" | 56 #include "net/socket/transport_client_socket_pool.h" |
| 56 #include "net/spdy/spdy_http_stream.h" | 57 #include "net/spdy/spdy_http_stream.h" |
| 57 #include "net/spdy/spdy_session.h" | 58 #include "net/spdy/spdy_session.h" |
| 58 #include "net/spdy/spdy_session_pool.h" | 59 #include "net/spdy/spdy_session_pool.h" |
| 59 #include "net/ssl/ssl_cert_request_info.h" | 60 #include "net/ssl/ssl_cert_request_info.h" |
| (...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 170 | 171 |
| 171 net_log_ = net_log; | 172 net_log_ = net_log; |
| 172 request_ = request_info; | 173 request_ = request_info; |
| 173 start_time_ = base::Time::Now(); | 174 start_time_ = base::Time::Now(); |
| 174 | 175 |
| 175 if (request_->load_flags & LOAD_DISABLE_CERT_REVOCATION_CHECKING) { | 176 if (request_->load_flags & LOAD_DISABLE_CERT_REVOCATION_CHECKING) { |
| 176 server_ssl_config_.rev_checking_enabled = false; | 177 server_ssl_config_.rev_checking_enabled = false; |
| 177 proxy_ssl_config_.rev_checking_enabled = false; | 178 proxy_ssl_config_.rev_checking_enabled = false; |
| 178 } | 179 } |
| 179 | 180 |
| 181 // Adjust the minimum version of SSL that Chrome should use. |
| 182 bool sni_available = |
| 183 server_ssl_config_.version_max >= SSL_PROTOCOL_VERSION_TLS1 || |
| 184 server_ssl_config_.version_fallback; |
| 185 const std::string& host = request_->url.host(); |
| 186 TransportSecurityState::DomainState domain_state; |
| 187 if (session_->params().transport_security_state->GetDomainState( |
| 188 host, sni_available, &domain_state)) { |
| 189 switch (domain_state.ssl_version_min) { |
| 190 case SSL_CONNECTION_VERSION_SSL3: |
| 191 server_ssl_config_.version_min = SSL_PROTOCOL_VERSION_SSL3; |
| 192 break; |
| 193 case SSL_CONNECTION_VERSION_TLS1: |
| 194 server_ssl_config_.version_min = SSL_PROTOCOL_VERSION_TLS1; |
| 195 break; |
| 196 case SSL_CONNECTION_VERSION_TLS1_1: |
| 197 server_ssl_config_.version_min = SSL_PROTOCOL_VERSION_TLS1_1; |
| 198 break; |
| 199 case SSL_CONNECTION_VERSION_TLS1_2: |
| 200 server_ssl_config_.version_min = SSL_PROTOCOL_VERSION_TLS1_2; |
| 201 break; |
| 202 default: |
| 203 break; |
| 204 } |
| 205 } |
| 206 |
| 180 next_state_ = STATE_CREATE_STREAM; | 207 next_state_ = STATE_CREATE_STREAM; |
| 181 int rv = DoLoop(OK); | 208 int rv = DoLoop(OK); |
| 182 if (rv == ERR_IO_PENDING) | 209 if (rv == ERR_IO_PENDING) |
| 183 callback_ = callback; | 210 callback_ = callback; |
| 184 return rv; | 211 return rv; |
| 185 } | 212 } |
| 186 | 213 |
| 187 int HttpNetworkTransaction::RestartIgnoringLastError( | 214 int HttpNetworkTransaction::RestartIgnoringLastError( |
| 188 const CompletionCallback& callback) { | 215 const CompletionCallback& callback) { |
| 189 DCHECK(!stream_.get()); | 216 DCHECK(!stream_.get()); |
| (...skipping 1271 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1461 description = base::StringPrintf("Unknown state 0x%08X (%u)", state, | 1488 description = base::StringPrintf("Unknown state 0x%08X (%u)", state, |
| 1462 state); | 1489 state); |
| 1463 break; | 1490 break; |
| 1464 } | 1491 } |
| 1465 return description; | 1492 return description; |
| 1466 } | 1493 } |
| 1467 | 1494 |
| 1468 #undef STATE_CASE | 1495 #undef STATE_CASE |
| 1469 | 1496 |
| 1470 } // namespace net | 1497 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 14125003:
Do not roll back to SSL 3.0 for Google properties. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master