Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(190)

Side by Side Diff: net/socket/client_socket_pool_manager.cc

Issue 2099673003: Delete TLS version fallback code in net/http. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@fallback-die-die-die-2
Patch Set: fix build Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/client_socket_pool_manager.h" 5 #include "net/socket/client_socket_pool_manager.h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/strings/stringprintf.h" 10 #include "base/strings/stringprintf.h"
(...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after
109 // Determine the host and port to connect to. 109 // Determine the host and port to connect to.
110 std::string connection_group = origin_host_port.ToString(); 110 std::string connection_group = origin_host_port.ToString();
111 DCHECK(!connection_group.empty()); 111 DCHECK(!connection_group.empty());
112 if (group_type == ClientSocketPoolManager::FTP_GROUP) { 112 if (group_type == ClientSocketPoolManager::FTP_GROUP) {
113 // Combining FTP with forced SPDY over SSL would be a "path to madness". 113 // Combining FTP with forced SPDY over SSL would be a "path to madness".
114 // Make sure we never do that. 114 // Make sure we never do that.
115 DCHECK(!using_ssl); 115 DCHECK(!using_ssl);
116 connection_group = "ftp/" + connection_group; 116 connection_group = "ftp/" + connection_group;
117 } 117 }
118 if (using_ssl) { 118 if (using_ssl) {
119 // All connections in a group should use the same SSLConfig settings.
120 // Encode version_max in the connection group's name, unless it's the
121 // default version_max. (We want the common case to use the shortest
122 // encoding). A version_max of TLS 1.1 is encoded as "ssl(max:3.2)/"
123 // rather than "tlsv1.1/" because the actual protocol version, which
124 // is selected by the server, may not be TLS 1.1. Do not encode
125 // version_min in the connection group's name because version_min
126 // should be the same for all connections, whereas version_max may
127 // change for version fallbacks.
128 std::string prefix = "ssl/"; 119 std::string prefix = "ssl/";
129 if (ssl_config_for_origin.version_max != kDefaultSSLVersionMax) {
130 switch (ssl_config_for_origin.version_max) {
131 case SSL_PROTOCOL_VERSION_TLS1_2:
132 prefix = "ssl(max:3.3)/";
133 break;
134 case SSL_PROTOCOL_VERSION_TLS1_1:
135 prefix = "ssl(max:3.2)/";
136 break;
137 case SSL_PROTOCOL_VERSION_TLS1:
138 prefix = "ssl(max:3.1)/";
139 break;
140 default:
141 CHECK(false);
142 break;
143 }
144 }
145 // Place sockets with and without deprecated ciphers into separate 120 // Place sockets with and without deprecated ciphers into separate
146 // connection groups. 121 // connection groups.
147 if (ssl_config_for_origin.deprecated_cipher_suites_enabled) 122 if (ssl_config_for_origin.deprecated_cipher_suites_enabled)
148 prefix += "deprecatedciphers/"; 123 prefix += "deprecatedciphers/";
149 connection_group = prefix + connection_group; 124 connection_group = prefix + connection_group;
150 } 125 }
151 126
152 ClientSocketPool::RespectLimits respect_limits = 127 ClientSocketPool::RespectLimits respect_limits =
153 ClientSocketPool::RespectLimits::ENABLED; 128 ClientSocketPool::RespectLimits::ENABLED;
154 if ((request_load_flags & LOAD_IGNORE_LIMITS) != 0) 129 if ((request_load_flags & LOAD_IGNORE_LIMITS) != 0)
(...skipping 326 matching lines...) Expand 10 before | Expand all | Expand 10 after
481 int num_preconnect_streams) { 456 int num_preconnect_streams) {
482 return InitSocketPoolHelper( 457 return InitSocketPoolHelper(
483 group_type, endpoint, request_extra_headers, request_load_flags, 458 group_type, endpoint, request_extra_headers, request_load_flags,
484 request_priority, session, proxy_info, expect_spdy, ssl_config_for_origin, 459 request_priority, session, proxy_info, expect_spdy, ssl_config_for_origin,
485 ssl_config_for_proxy, /*force_tunnel=*/false, privacy_mode, net_log, 460 ssl_config_for_proxy, /*force_tunnel=*/false, privacy_mode, net_log,
486 num_preconnect_streams, NULL, HttpNetworkSession::NORMAL_SOCKET_POOL, 461 num_preconnect_streams, NULL, HttpNetworkSession::NORMAL_SOCKET_POOL,
487 OnHostResolutionCallback(), CompletionCallback()); 462 OnHostResolutionCallback(), CompletionCallback());
488 } 463 }
489 464
490 } // namespace net 465 } // namespace net
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698