Check whether to enable token binding in preconnect.cc

net/http/http_network_transaction.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_network_transaction.h"
 
 #include <set>
 #include <utility>
 #include <vector>
 
@@ skipping 105 matching lines @@
       request_headers_(),
       read_buf_len_(0),
       total_received_bytes_(0),
       total_sent_bytes_(0),
       next_state_(STATE_NONE),
       establishing_tunnel_(false),
       websocket_handshake_stream_base_create_helper_(NULL),
       net_error_details_() {
   session->ssl_config_service()->GetSSLConfig(&server_ssl_config_);
   session->GetAlpnProtos(&server_ssl_config_.alpn_protos);
   session->GetNpnProtos(&server_ssl_config_.npn_protos);

[mmenke, 2016/04/13 16:21:05]

I think these three lines are no longer needed?

[nharper, 2016/04/18 22:22:55]

If I fix two NPN tests in http_network_transaction_unittest.cc, net_unittests
passes with these lines removed. I'm not entirely sure that nothing uses
HttpNetworkTransaction between construction and the call to Start.

   proxy_ssl_config_ = server_ssl_config_;
 }
 
 HttpNetworkTransaction::~HttpNetworkTransaction() {
   if (stream_.get()) {
     // TODO(mbelshe): The stream_ should be able to compute whether or not the
     //                stream should be kept alive.  No reason to compute here
     //                and pass it in.
     if (!stream_->CanReuseConnection() || next_state_ != STATE_NONE) {
       stream_->Close(true /* not reusable */);
@@ skipping 10 matching lines @@
   if (request_ && request_->upload_data_stream)
     request_->upload_data_stream->Reset();  // Invalidate pending callbacks.
 }
 
 int HttpNetworkTransaction::Start(const HttpRequestInfo* request_info,
                                   const CompletionCallback& callback,
                                   const BoundNetLog& net_log) {
   net_log_ = net_log;
   request_ = request_info;
 
+  // Now that we have an HttpRequestInfo object, update server_ssl_config_.
+  session_->GetSSLConfig(*request_, &server_ssl_config_);
+
   if (request_->load_flags & LOAD_DISABLE_CERT_REVOCATION_CHECKING) {
     server_ssl_config_.rev_checking_enabled = false;
     proxy_ssl_config_.rev_checking_enabled = false;
   }
 
   if (request_->load_flags & LOAD_PREFETCH)
     response_.unused_since_prefetch = true;
 
-  // Channel ID is disabled if privacy mode is enabled for this request.
-  if (request_->privacy_mode == PRIVACY_MODE_ENABLED) {
-    server_ssl_config_.channel_id_enabled = false;
-  } else if (session_->params().enable_token_binding &&
-             session_->params().channel_id_service) {
-    server_ssl_config_.token_binding_params.push_back(TB_PARAM_ECDSAP256);
-  }
-
   next_state_ = STATE_NOTIFY_BEFORE_CREATE_STREAM;
   int rv = DoLoop(OK);
   if (rv == ERR_IO_PENDING)
     callback_ = callback;
   return rv;
 }
 
 int HttpNetworkTransaction::RestartIgnoringLastError(
     const CompletionCallback& callback) {
   DCHECK(!stream_.get());
@@ skipping 1621 matching lines @@
   DCHECK(stream_request_);
 
   // Since the transaction can restart with auth credentials, it may create a
   // stream more than once. Accumulate all of the connection attempts across
   // those streams by appending them to the vector:
   for (const auto& attempt : stream_request_->connection_attempts())
     connection_attempts_.push_back(attempt);
 }
 
 }  // namespace net