OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/client_socket_pool_manager.h" | 5 #include "net/socket/client_socket_pool_manager.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/strings/stringprintf.h" | 10 #include "base/strings/stringprintf.h" |
(...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
109 // Determine the host and port to connect to. | 109 // Determine the host and port to connect to. |
110 std::string connection_group = origin_host_port.ToString(); | 110 std::string connection_group = origin_host_port.ToString(); |
111 DCHECK(!connection_group.empty()); | 111 DCHECK(!connection_group.empty()); |
112 if (group_type == ClientSocketPoolManager::FTP_GROUP) { | 112 if (group_type == ClientSocketPoolManager::FTP_GROUP) { |
113 // Combining FTP with forced SPDY over SSL would be a "path to madness". | 113 // Combining FTP with forced SPDY over SSL would be a "path to madness". |
114 // Make sure we never do that. | 114 // Make sure we never do that. |
115 DCHECK(!using_ssl); | 115 DCHECK(!using_ssl); |
116 connection_group = "ftp/" + connection_group; | 116 connection_group = "ftp/" + connection_group; |
117 } | 117 } |
118 if (using_ssl) { | 118 if (using_ssl) { |
119 // All connections in a group should use the same SSLConfig settings. | |
120 // Encode version_max in the connection group's name, unless it's the | |
121 // default version_max. (We want the common case to use the shortest | |
122 // encoding). A version_max of TLS 1.1 is encoded as "ssl(max:3.2)/" | |
123 // rather than "tlsv1.1/" because the actual protocol version, which | |
124 // is selected by the server, may not be TLS 1.1. Do not encode | |
125 // version_min in the connection group's name because version_min | |
126 // should be the same for all connections, whereas version_max may | |
127 // change for version fallbacks. | |
128 std::string prefix = "ssl/"; | 119 std::string prefix = "ssl/"; |
129 if (ssl_config_for_origin.version_max != kDefaultSSLVersionMax) { | |
130 switch (ssl_config_for_origin.version_max) { | |
131 case SSL_PROTOCOL_VERSION_TLS1_2: | |
132 prefix = "ssl(max:3.3)/"; | |
133 break; | |
134 case SSL_PROTOCOL_VERSION_TLS1_1: | |
135 prefix = "ssl(max:3.2)/"; | |
136 break; | |
137 case SSL_PROTOCOL_VERSION_TLS1: | |
138 prefix = "ssl(max:3.1)/"; | |
139 break; | |
140 default: | |
141 CHECK(false); | |
142 break; | |
143 } | |
144 } | |
145 // Place sockets with and without deprecated ciphers into separate | 120 // Place sockets with and without deprecated ciphers into separate |
146 // connection groups. | 121 // connection groups. |
147 if (ssl_config_for_origin.deprecated_cipher_suites_enabled) | 122 if (ssl_config_for_origin.deprecated_cipher_suites_enabled) |
148 prefix += "deprecatedciphers/"; | 123 prefix += "deprecatedciphers/"; |
149 connection_group = prefix + connection_group; | 124 connection_group = prefix + connection_group; |
150 } | 125 } |
151 | 126 |
152 ClientSocketPool::RespectLimits respect_limits = | 127 ClientSocketPool::RespectLimits respect_limits = |
153 ClientSocketPool::RespectLimits::ENABLED; | 128 ClientSocketPool::RespectLimits::ENABLED; |
154 if ((request_load_flags & LOAD_IGNORE_LIMITS) != 0) | 129 if ((request_load_flags & LOAD_IGNORE_LIMITS) != 0) |
(...skipping 326 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
481 int num_preconnect_streams) { | 456 int num_preconnect_streams) { |
482 return InitSocketPoolHelper( | 457 return InitSocketPoolHelper( |
483 group_type, endpoint, request_extra_headers, request_load_flags, | 458 group_type, endpoint, request_extra_headers, request_load_flags, |
484 request_priority, session, proxy_info, expect_spdy, ssl_config_for_origin, | 459 request_priority, session, proxy_info, expect_spdy, ssl_config_for_origin, |
485 ssl_config_for_proxy, /*force_tunnel=*/false, privacy_mode, net_log, | 460 ssl_config_for_proxy, /*force_tunnel=*/false, privacy_mode, net_log, |
486 num_preconnect_streams, NULL, HttpNetworkSession::NORMAL_SOCKET_POOL, | 461 num_preconnect_streams, NULL, HttpNetworkSession::NORMAL_SOCKET_POOL, |
487 OnHostResolutionCallback(), CompletionCallback()); | 462 OnHostResolutionCallback(), CompletionCallback()); |
488 } | 463 } |
489 | 464 |
490 } // namespace net | 465 } // namespace net |
OLD | NEW |