| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <errno.h> | 10 #include <errno.h> |
| (...skipping 1067 matching lines...) |
| 1078 do { | 1078 do { |
| 1079 rv = BufferSend(); | 1079 rv = BufferSend(); |
| 1080 if (rv != ERR_IO_PENDING && rv != 0) | 1080 if (rv != ERR_IO_PENDING && rv != 0) |
| 1081 network_moved = true; | 1081 network_moved = true; |
| 1082 } while (rv > 0); | 1082 } while (rv > 0); |
| 1083 if (transport_read_error_ == OK && BufferRecv() != ERR_IO_PENDING) | 1083 if (transport_read_error_ == OK && BufferRecv() != ERR_IO_PENDING) |
| 1084 network_moved = true; | 1084 network_moved = true; |
| 1085 return network_moved; | 1085 return network_moved; |
| 1086 } | 1086 } |
| 1087 | 1087 |
| 1088 uint16_t SSLClientSocketOpenSSL::GetCipherSuite() { | |
| 1089 const SSL_CIPHER* cipher = SSL_get_current_cipher(ssl_); | |
| 1090 if (!cipher) | |
| 1091 return 0; | |
| 1092 return static_cast<uint16_t>(SSL_CIPHER_get_id(cipher)); | |
| 1093 } | |
| 1094 | |
| 1095 // TODO(cbentzel): Remove including "base/threading/thread_local.h" and | 1088 // TODO(cbentzel): Remove including "base/threading/thread_local.h" and |
| 1096 // g_first_run_completed once crbug.com/424386 is fixed. | 1089 // g_first_run_completed once crbug.com/424386 is fixed. |
| 1097 base::LazyInstance<base::ThreadLocalBoolean>::Leaky g_first_run_completed = | 1090 base::LazyInstance<base::ThreadLocalBoolean>::Leaky g_first_run_completed = |
| 1098 LAZY_INSTANCE_INITIALIZER; | 1091 LAZY_INSTANCE_INITIALIZER; |
| 1099 | 1092 |
| 1100 int SSLClientSocketOpenSSL::DoHandshake() { | 1093 int SSLClientSocketOpenSSL::DoHandshake() { |
| 1101 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 1094 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 1102 | 1095 |
| 1103 int rv; | 1096 int rv; |
| 1104 | 1097 |
| (...skipping 66 matching lines...) |
| 1171 ssl_failure_state_ = SSL_FAILURE_CLIENT_AUTH; | 1164 ssl_failure_state_ = SSL_FAILURE_CLIENT_AUTH; |
| 1172 } else if (ERR_GET_LIB(error_info.error_code) == ERR_LIB_SSL && | 1165 } else if (ERR_GET_LIB(error_info.error_code) == ERR_LIB_SSL && |
| 1173 ERR_GET_REASON(error_info.error_code) == | 1166 ERR_GET_REASON(error_info.error_code) == |
| 1174 SSL_R_OLD_SESSION_VERSION_NOT_RETURNED) { | 1167 SSL_R_OLD_SESSION_VERSION_NOT_RETURNED) { |
| 1175 ssl_failure_state_ = SSL_FAILURE_SESSION_MISMATCH; | 1168 ssl_failure_state_ = SSL_FAILURE_SESSION_MISMATCH; |
| 1176 } else if (cipher && npn_status_ != kNextProtoUnsupported) { | 1169 } else if (cipher && npn_status_ != kNextProtoUnsupported) { |
| 1177 ssl_failure_state_ = SSL_FAILURE_NEXT_PROTO; | 1170 ssl_failure_state_ = SSL_FAILURE_NEXT_PROTO; |
| 1178 } else { | 1171 } else { |
| 1179 ssl_failure_state_ = SSL_FAILURE_UNKNOWN; | 1172 ssl_failure_state_ = SSL_FAILURE_UNKNOWN; |
| 1180 } | 1173 } |
| 1181 | |
| 1182 // TODO(davidben): Remove this once https://crbug.com/593963 is resolved. | |
| 1183 if (net_error == ERR_SSL_PROTOCOL_ERROR) { | |
| 1184 UMA_HISTOGRAM_SPARSE_SLOWLY("Net.SSLProtocolErrorCipher.Connect", | |
| 1185 GetCipherSuite()); | |
| 1186 UMA_HISTOGRAM_SPARSE_SLOWLY("Net.SSLProtocolErrorReason.Connect", | |
| 1187 ERR_GET_REASON(error_info.error_code)); | |
| 1188 } | |
| 1189 } | 1174 } |
| 1190 | 1175 |
| 1191 GotoState(STATE_HANDSHAKE_COMPLETE); | 1176 GotoState(STATE_HANDSHAKE_COMPLETE); |
| 1192 return net_error; | 1177 return net_error; |
| 1193 } | 1178 } |
| 1194 | 1179 |
| 1195 int SSLClientSocketOpenSSL::DoHandshakeComplete(int result) { | 1180 int SSLClientSocketOpenSSL::DoHandshakeComplete(int result) { |
| 1196 if (result < 0) | 1181 if (result < 0) |
| 1197 return result; | 1182 return result; |
| 1198 | 1183 |
| (...skipping 458 matching lines...) |
| 1657 // No bytes were returned. Return the pending read error immediately. | 1642 // No bytes were returned. Return the pending read error immediately. |
| 1658 DCHECK_NE(kNoPendingResult, pending_read_error_); | 1643 DCHECK_NE(kNoPendingResult, pending_read_error_); |
| 1659 rv = pending_read_error_; | 1644 rv = pending_read_error_; |
| 1660 pending_read_error_ = kNoPendingResult; | 1645 pending_read_error_ = kNoPendingResult; |
| 1661 } | 1646 } |
| 1662 | 1647 |
| 1663 if (rv >= 0) { | 1648 if (rv >= 0) { |
| 1664 net_log_.AddByteTransferEvent(NetLog::TYPE_SSL_SOCKET_BYTES_RECEIVED, rv, | 1649 net_log_.AddByteTransferEvent(NetLog::TYPE_SSL_SOCKET_BYTES_RECEIVED, rv, |
| 1665 user_read_buf_->data()); | 1650 user_read_buf_->data()); |
| 1666 } else if (rv != ERR_IO_PENDING) { | 1651 } else if (rv != ERR_IO_PENDING) { |
| 1667 // TODO(davidben): Remove this once https://crbug.com/593963 is resolved. | |
| 1668 if (rv == ERR_SSL_PROTOCOL_ERROR) { | |
| 1669 UMA_HISTOGRAM_SPARSE_SLOWLY("Net.SSLProtocolErrorCipher.Read", | |
| 1670 GetCipherSuite()); | |
| 1671 UMA_HISTOGRAM_SPARSE_SLOWLY( | |
| 1672 "Net.SSLProtocolErrorReason.Read", | |
| 1673 ERR_GET_REASON(pending_read_error_info_.error_code)); | |
| 1674 } | |
| 1675 | |
| 1676 net_log_.AddEvent( | 1652 net_log_.AddEvent( |
| 1677 NetLog::TYPE_SSL_READ_ERROR, | 1653 NetLog::TYPE_SSL_READ_ERROR, |
| 1678 CreateNetLogOpenSSLErrorCallback(rv, pending_read_ssl_error_, | 1654 CreateNetLogOpenSSLErrorCallback(rv, pending_read_ssl_error_, |
| 1679 pending_read_error_info_)); | 1655 pending_read_error_info_)); |
| 1680 pending_read_ssl_error_ = SSL_ERROR_NONE; | 1656 pending_read_ssl_error_ = SSL_ERROR_NONE; |
| 1681 pending_read_error_info_ = OpenSSLErrorInfo(); | 1657 pending_read_error_info_ = OpenSSLErrorInfo(); |
| 1682 } | 1658 } |
| 1683 return rv; | 1659 return rv; |
| 1684 } | 1660 } |
| 1685 | 1661 |
| 1686 int SSLClientSocketOpenSSL::DoPayloadWrite() { | 1662 int SSLClientSocketOpenSSL::DoPayloadWrite() { |
| 1687 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 1663 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 1688 int rv = SSL_write(ssl_, user_write_buf_->data(), user_write_buf_len_); | 1664 int rv = SSL_write(ssl_, user_write_buf_->data(), user_write_buf_len_); |
| 1689 | 1665 |
| 1690 if (rv >= 0) { | 1666 if (rv >= 0) { |
| 1691 net_log_.AddByteTransferEvent(NetLog::TYPE_SSL_SOCKET_BYTES_SENT, rv, | 1667 net_log_.AddByteTransferEvent(NetLog::TYPE_SSL_SOCKET_BYTES_SENT, rv, |
| 1692 user_write_buf_->data()); | 1668 user_write_buf_->data()); |
| 1693 return rv; | 1669 return rv; |
| 1694 } | 1670 } |
| 1695 | 1671 |
| 1696 int ssl_error = SSL_get_error(ssl_, rv); | 1672 int ssl_error = SSL_get_error(ssl_, rv); |
| 1697 if (ssl_error == SSL_ERROR_WANT_PRIVATE_KEY_OPERATION) | 1673 if (ssl_error == SSL_ERROR_WANT_PRIVATE_KEY_OPERATION) |
| 1698 return ERR_IO_PENDING; | 1674 return ERR_IO_PENDING; |
| 1699 OpenSSLErrorInfo error_info; | 1675 OpenSSLErrorInfo error_info; |
| 1700 int net_error = MapOpenSSLErrorWithDetails(ssl_error, err_tracer, | 1676 int net_error = MapOpenSSLErrorWithDetails(ssl_error, err_tracer, |
| 1701 &error_info); | 1677 &error_info); |
| 1702 | 1678 |
| 1703 if (net_error != ERR_IO_PENDING) { | 1679 if (net_error != ERR_IO_PENDING) { |
| 1704 // TODO(davidben): Remove this once https://crbug.com/593963 is resolved. | |
| 1705 if (net_error == ERR_SSL_PROTOCOL_ERROR) { | |
| 1706 UMA_HISTOGRAM_SPARSE_SLOWLY("Net.SSLProtocolErrorCipher.Write", | |
| 1707 GetCipherSuite()); | |
| 1708 UMA_HISTOGRAM_SPARSE_SLOWLY("Net.SSLProtocolErrorReason.Write", | |
| 1709 ERR_GET_REASON(error_info.error_code)); | |
| 1710 } | |
| 1711 | |
| 1712 net_log_.AddEvent( | 1680 net_log_.AddEvent( |
| 1713 NetLog::TYPE_SSL_WRITE_ERROR, | 1681 NetLog::TYPE_SSL_WRITE_ERROR, |
| 1714 CreateNetLogOpenSSLErrorCallback(net_error, ssl_error, error_info)); | 1682 CreateNetLogOpenSSLErrorCallback(net_error, ssl_error, error_info)); |
| 1715 } | 1683 } |
| 1716 return net_error; | 1684 return net_error; |
| 1717 } | 1685 } |
| 1718 | 1686 |
| 1719 void SSLClientSocketOpenSSL::PumpReadWriteEvents() { | 1687 void SSLClientSocketOpenSSL::PumpReadWriteEvents() { |
| 1720 int rv_read = ERR_IO_PENDING; | 1688 int rv_read = ERR_IO_PENDING; |
| 1721 int rv_write = ERR_IO_PENDING; | 1689 int rv_write = ERR_IO_PENDING; |
| (...skipping 625 matching lines...) |
| 2347 tb_was_negotiated_ = true; | 2315 tb_was_negotiated_ = true; |
| 2348 return 1; | 2316 return 1; |
| 2349 } | 2317 } |
| 2350 } | 2318 } |
| 2351 | 2319 |
| 2352 *out_alert_value = SSL_AD_ILLEGAL_PARAMETER; | 2320 *out_alert_value = SSL_AD_ILLEGAL_PARAMETER; |
| 2353 return 0; | 2321 return 0; |
| 2354 } | 2322 } |
| 2355 | 2323 |
| 2356 } // namespace net | 2324 } // namespace net |
| OLD | NEW |