| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket_impl.h" | 5 #include "net/socket/ssl_client_socket_impl.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <openssl/bio.h> | 8 #include <openssl/bio.h> |
| 9 #include <openssl/bytestring.h> | 9 #include <openssl/bytestring.h> |
| 10 #include <openssl/err.h> | 10 #include <openssl/err.h> |
| 11 #include <openssl/evp.h> | 11 #include <openssl/evp.h> |
| 12 #include <openssl/mem.h> | 12 #include <openssl/mem.h> |
| 13 #include <openssl/ssl.h> | 13 #include <openssl/ssl.h> |
| 14 #include <string.h> | 14 #include <string.h> |
| 15 | 15 |
| 16 #include <utility> | 16 #include <utility> |
| 17 | 17 |
| 18 #include "base/bind.h" | 18 #include "base/bind.h" |
| 19 #include "base/callback_helpers.h" | 19 #include "base/callback_helpers.h" |
| 20 #include "base/feature_list.h" | 20 #include "base/feature_list.h" |
| 21 #include "base/lazy_instance.h" | 21 #include "base/lazy_instance.h" |
| 22 #include "base/macros.h" | 22 #include "base/macros.h" |
| 23 #include "base/memory/singleton.h" | 23 #include "base/memory/singleton.h" |
| 24 #include "base/metrics/field_trial.h" |
| 24 #include "base/metrics/histogram_macros.h" | 25 #include "base/metrics/histogram_macros.h" |
| 25 #include "base/metrics/sparse_histogram.h" | 26 #include "base/metrics/sparse_histogram.h" |
| 26 #include "base/profiler/scoped_tracker.h" | 27 #include "base/profiler/scoped_tracker.h" |
| 27 #include "base/strings/string_number_conversions.h" | 28 #include "base/strings/string_number_conversions.h" |
| 28 #include "base/strings/string_piece.h" | 29 #include "base/strings/string_piece.h" |
| 29 #include "base/synchronization/lock.h" | 30 #include "base/synchronization/lock.h" |
| 30 #include "base/threading/thread_local.h" | 31 #include "base/threading/thread_local.h" |
| 31 #include "base/trace_event/trace_event.h" | 32 #include "base/trace_event/trace_event.h" |
| 32 #include "base/values.h" | 33 #include "base/values.h" |
| 33 #include "crypto/auto_cbb.h" | 34 #include "crypto/auto_cbb.h" |
| 67 | 68 |
| 68 // This constant can be any non-negative/non-zero value (eg: it does not | 69 // This constant can be any non-negative/non-zero value (eg: it does not |
| 69 // overlap with any value of the net::Error range, including net::OK). | 70 // overlap with any value of the net::Error range, including net::OK). |
| 70 const int kNoPendingResult = 1; | 71 const int kNoPendingResult = 1; |
| 71 | 72 |
| 72 // If a client doesn't have a list of protocols that it supports, but | 73 // If a client doesn't have a list of protocols that it supports, but |
| 73 // the server supports NPN, choosing "http/1.1" is the best answer. | 74 // the server supports NPN, choosing "http/1.1" is the best answer. |
| 74 const char kDefaultSupportedNPNProtocol[] = "http/1.1"; | 75 const char kDefaultSupportedNPNProtocol[] = "http/1.1"; |
| 75 | 76 |
| 76 // Default size of the internal BoringSSL buffers. | 77 // Default size of the internal BoringSSL buffers. |
| 77 const int KDefaultOpenSSLBufferSize = 17 * 1024; | 78 const int kDefaultOpenSSLBufferSize = 17 * 1024; |
| 78 | 79 |
| 79 // TLS extension number use for Token Binding. | 80 // TLS extension number use for Token Binding. |
| 80 const unsigned int kTbExtNum = 24; | 81 const unsigned int kTbExtNum = 24; |
| 81 | 82 |
| 82 // Token Binding ProtocolVersions supported. | 83 // Token Binding ProtocolVersions supported. |
| 83 const uint8_t kTbProtocolVersionMajor = 0; | 84 const uint8_t kTbProtocolVersionMajor = 0; |
| 84 const uint8_t kTbProtocolVersionMinor = 8; | 85 const uint8_t kTbProtocolVersionMinor = 8; |
| 85 const uint8_t kTbMinProtocolVersionMajor = 0; | 86 const uint8_t kTbMinProtocolVersionMajor = 0; |
| 86 const uint8_t kTbMinProtocolVersionMinor = 6; | 87 const uint8_t kTbMinProtocolVersionMinor = 6; |
| 87 | 88 |
| 910 if (!unused.AssignFromIPLiteral(host_and_port_.host()) && | 911 if (!unused.AssignFromIPLiteral(host_and_port_.host()) && |
| 911 !SSL_set_tlsext_host_name(ssl_, host_and_port_.host().c_str())) { | 912 !SSL_set_tlsext_host_name(ssl_, host_and_port_.host().c_str())) { |
| 912 return ERR_UNEXPECTED; | 913 return ERR_UNEXPECTED; |
| 913 } | 914 } |
| 914 | 915 |
| 915 ScopedSSL_SESSION session = | 916 ScopedSSL_SESSION session = |
| 916 context->session_cache()->Lookup(GetSessionCacheKey()); | 917 context->session_cache()->Lookup(GetSessionCacheKey()); |
| 917 if (session) | 918 if (session) |
| 918 SSL_set_session(ssl_, session.get()); | 919 SSL_set_session(ssl_, session.get()); |
| 919 | 920 |
| 921 // Get read and write buffer sizes from field trials, if possible. If values |
| 922 // not present, use default. Also make sure values are in reasonable range. |
| 923 int send_buffer_size = kDefaultOpenSSLBufferSize; |
| 924 #if !defined(OS_NACL) |
| 925 int override_send_buffer_size; |
| 926 if (base::StringToInt(base::FieldTrialList::FindFullName("SSLBufferSizeSend"), |
| 927 &override_send_buffer_size)) { |
| 928 send_buffer_size = override_send_buffer_size; |
| 929 send_buffer_size = std::max(send_buffer_size, 1000); |
| 930 send_buffer_size = |
| 931 std::min(send_buffer_size, 2 * kDefaultOpenSSLBufferSize); |
| 932 } |
| 933 #endif // !defined(OS_NACL) |
| 920 send_buffer_ = new GrowableIOBuffer(); | 934 send_buffer_ = new GrowableIOBuffer(); |
| 921 send_buffer_->SetCapacity(KDefaultOpenSSLBufferSize); | 935 send_buffer_->SetCapacity(send_buffer_size); |
| 936 |
| 937 int recv_buffer_size = kDefaultOpenSSLBufferSize; |
| 938 #if !defined(OS_NACL) |
| 939 int override_recv_buffer_size; |
| 940 if (base::StringToInt(base::FieldTrialList::FindFullName("SSLBufferSizeRecv"), |
| 941 &override_recv_buffer_size)) { |
| 942 recv_buffer_size = override_recv_buffer_size; |
| 943 recv_buffer_size = std::max(recv_buffer_size, 1000); |
| 944 recv_buffer_size = |
| 945 std::min(recv_buffer_size, 2 * kDefaultOpenSSLBufferSize); |
| 946 } |
| 947 #endif // !defined(OS_NACL) |
| 922 recv_buffer_ = new GrowableIOBuffer(); | 948 recv_buffer_ = new GrowableIOBuffer(); |
| 923 recv_buffer_->SetCapacity(KDefaultOpenSSLBufferSize); | 949 recv_buffer_->SetCapacity(recv_buffer_size); |
| 924 | 950 |
| 925 BIO* ssl_bio = NULL; | 951 BIO* ssl_bio = NULL; |
| 926 | 952 |
| 927 // SSLClientSocketImpl retains ownership of the BIO buffers. | 953 // SSLClientSocketImpl retains ownership of the BIO buffers. |
| 928 if (!BIO_new_bio_pair_external_buf( | 954 if (!BIO_new_bio_pair_external_buf( |
| 929 &ssl_bio, send_buffer_->capacity(), | 955 &ssl_bio, send_buffer_->capacity(), |
| 930 reinterpret_cast<uint8_t*>(send_buffer_->data()), &transport_bio_, | 956 reinterpret_cast<uint8_t*>(send_buffer_->data()), &transport_bio_, |
| 931 recv_buffer_->capacity(), | 957 recv_buffer_->capacity(), |
| 932 reinterpret_cast<uint8_t*>(recv_buffer_->data()))) | 958 reinterpret_cast<uint8_t*>(recv_buffer_->data()))) |
| 933 return ERR_UNEXPECTED; | 959 return ERR_UNEXPECTED; |
| 2323 if (rv != OK) { | 2349 if (rv != OK) { |
| 2324 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv); | 2350 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv); |
| 2325 return; | 2351 return; |
| 2326 } | 2352 } |
| 2327 | 2353 |
| 2328 net_log_.EndEvent(NetLog::TYPE_SSL_CONNECT, | 2354 net_log_.EndEvent(NetLog::TYPE_SSL_CONNECT, |
| 2329 base::Bind(&NetLogSSLInfoCallback, base::Unretained(this))); | 2355 base::Bind(&NetLogSSLInfoCallback, base::Unretained(this))); |
| 2330 } | 2356 } |
| 2331 | 2357 |
| 2332 } // namespace net | 2358 } // namespace net |
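Review bot: The send and recv sizing blocks at new lines 921-933 and 937-947 are the same parse-and-clamp logic written twice, with the bounds `1000` and `2 * kDefaultOpenSSLBufferSize` as unexplained literals. The override comes from field-trial configuration rather than from this binary, so that clamp is what bounds the capacity later handed to `BIO_new_bio_pair_external_buf`; putting it in one helper with named bounds keeps the two directions from drifting and gives a single place to unit-test out-of-range and non-numeric trial values. The lower bound is well below the 17 KiB default, and a comment should state whether buffers that small are known to work with the BIO pair, which the visible lines do not show. `std::max`/`std::min` need `<algorithm>`, which is not among the visible includes (the include list is only partly shown, so it may already be present). The enclosing function begins and ends outside the visible rows.

```cpp
// Bounds applied to field-trial overrides of the BoringSSL buffer sizes.
const int kMinOpenSSLBufferSize = 1000;
const int kMaxOpenSSLBufferSize = 2 * kDefaultOpenSSLBufferSize;

// Returns the buffer size named by |field_trial|, clamped to the bounds
// above, or the default when the trial is absent or not an integer.
int GetBufferSize(const char* field_trial) {
  int buffer_size = kDefaultOpenSSLBufferSize;
#if !defined(OS_NACL)
  int override_buffer_size;
  if (base::StringToInt(base::FieldTrialList::FindFullName(field_trial),
                        &override_buffer_size)) {
    buffer_size = std::max(override_buffer_size, kMinOpenSSLBufferSize);
    buffer_size = std::min(buffer_size, kMaxOpenSSLBufferSize);
  }
#endif  // !defined(OS_NACL)
  return buffer_size;
}

// … unchanged: SNI and session-cache setup …
  send_buffer_ = new GrowableIOBuffer();
  send_buffer_->SetCapacity(GetBufferSize("SSLBufferSizeSend"));
  recv_buffer_ = new GrowableIOBuffer();
  recv_buffer_->SetCapacity(GetBufferSize("SSLBufferSizeRecv"));
// … unchanged: BIO pair creation …
```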
| OLD | NEW |