| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_proxy_client_socket_wrapper.h" | 5 #include "net/http/http_proxy_client_socket_wrapper.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/bind_helpers.h" | 10 #include "base/bind_helpers.h" |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 53 respect_limits_(respect_limits), | 53 respect_limits_(respect_limits), |
| 54 connect_timeout_duration_(connect_timeout_duration), | 54 connect_timeout_duration_(connect_timeout_duration), |
| 55 proxy_negotiation_timeout_duration_(proxy_negotiation_timeout_duration), | 55 proxy_negotiation_timeout_duration_(proxy_negotiation_timeout_duration), |
| 56 transport_pool_(transport_pool), | 56 transport_pool_(transport_pool), |
| 57 ssl_pool_(ssl_pool), | 57 ssl_pool_(ssl_pool), |
| 58 transport_params_(transport_params), | 58 transport_params_(transport_params), |
| 59 ssl_params_(ssl_params), | 59 ssl_params_(ssl_params), |
| 60 user_agent_(user_agent), | 60 user_agent_(user_agent), |
| 61 endpoint_(endpoint), | 61 endpoint_(endpoint), |
| 62 spdy_session_pool_(spdy_session_pool), | 62 spdy_session_pool_(spdy_session_pool), |
| 63 has_restarted_(false), |
| 63 tunnel_(tunnel), | 64 tunnel_(tunnel), |
| 64 proxy_delegate_(proxy_delegate), | 65 proxy_delegate_(proxy_delegate), |
| 65 using_spdy_(false), | 66 using_spdy_(false), |
| 66 http_auth_controller_( | 67 http_auth_controller_( |
| 67 tunnel ? new HttpAuthController( | 68 tunnel ? new HttpAuthController( |
| 68 HttpAuth::AUTH_PROXY, | 69 HttpAuth::AUTH_PROXY, |
| 69 GURL((ssl_params_.get() ? "https://" : "http://") + | 70 GURL((ssl_params_.get() ? "https://" : "http://") + |
| 70 GetDestination().host_port_pair().ToString()), | 71 GetDestination().host_port_pair().ToString()), |
| 71 http_auth_cache, | 72 http_auth_cache, |
| 72 http_auth_handler_factory) | 73 http_auth_handler_factory) |
| (...skipping 515 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 588 int HttpProxyClientSocketWrapper::DoRestartWithAuth() { | 589 int HttpProxyClientSocketWrapper::DoRestartWithAuth() { |
| 589 DCHECK(transport_socket_); | 590 DCHECK(transport_socket_); |
| 590 | 591 |
| 591 next_state_ = STATE_RESTART_WITH_AUTH_COMPLETE; | 592 next_state_ = STATE_RESTART_WITH_AUTH_COMPLETE; |
| 592 return transport_socket_->RestartWithAuth(base::Bind( | 593 return transport_socket_->RestartWithAuth(base::Bind( |
| 593 &HttpProxyClientSocketWrapper::OnIOComplete, base::Unretained(this))); | 594 &HttpProxyClientSocketWrapper::OnIOComplete, base::Unretained(this))); |
| 594 } | 595 } |
| 595 | 596 |
| 596 int HttpProxyClientSocketWrapper::DoRestartWithAuthComplete(int result) { | 597 int HttpProxyClientSocketWrapper::DoRestartWithAuthComplete(int result) { |
| 597 DCHECK_NE(ERR_IO_PENDING, result); | 598 DCHECK_NE(ERR_IO_PENDING, result); |
| 599 |
| 598 // If the connection could not be reused to attempt to send proxy auth | 600 // If the connection could not be reused to attempt to send proxy auth |
| 599 // credentials, try reconnecting. If auth credentials were sent, pass the | 601 // credentials, try reconnecting. Do not reset the HttpAuthController in this |
| 600 // error on to caller, even if the credentials may have passed a close message | 602 // case; the server may, for instance, send "Proxy-Connection: close" and |
| 601 // from the server in flight. | 603 // expect that each leg of the authentication progress on separate |
| 602 if (result == ERR_UNABLE_TO_REUSE_CONNECTION_FOR_PROXY_AUTH) { | 604 // connections. |
| 603 // If can't reuse the connection, attempt to create a new one. | 605 bool reconnect = result == ERR_UNABLE_TO_REUSE_CONNECTION_FOR_PROXY_AUTH; |
| 606 |
| 607 // If auth credentials were sent but the connection was closed, the server may |
| 608 // have timed out while the user was selecting credentials. Retry once. |
| 609 if (!has_restarted_ && |
| 610 (result == ERR_CONNECTION_CLOSED || result == ERR_CONNECTION_RESET || |
| 611 result == ERR_CONNECTION_ABORTED || |
| 612 result == ERR_SOCKET_NOT_CONNECTED)) { |
| 613 reconnect = true; |
| 614 has_restarted_ = true; |
| 615 |
| 616 // Release any auth state bound to the connection. The new connection will |
| 617 // start the current scheme from scratch. |
| 618 if (http_auth_controller_) |
| 619 http_auth_controller_->OnConnectionClosed(); |
| 620 } |
| 621 |
| 622 if (reconnect) { |
| 623 // Attempt to create a new one. |
| 604 transport_socket_.reset(); | 624 transport_socket_.reset(); |
| 625 |
| 605 // Reconnect with HIGHEST priority to get in front of other requests that | 626 // Reconnect with HIGHEST priority to get in front of other requests that |
| 606 // don't yet have the information |http_auth_controller_| does. | 627 // don't yet have the information |http_auth_controller_| does. |
| 607 // TODO(mmenke): This may still result in waiting in line, if there are | 628 // TODO(mmenke): This may still result in waiting in line, if there are |
| 608 // other HIGHEST priority requests. Consider a workaround for | 629 // other HIGHEST priority requests. Consider a workaround for |
| 609 // that. Starting the new request before releasing the old | 630 // that. Starting the new request before releasing the old |
| 610 // socket and using RespectLimits::Disabled would work, | 631 // socket and using RespectLimits::Disabled would work, |
| 611 // without exceding the the socket pool limits (Since the old | 632 // without exceding the the socket pool limits (Since the old |
| 612 // socket would free up the extra socket slot when destroyed). | 633 // socket would free up the extra socket slot when destroyed). |
| 613 priority_ = HIGHEST; | 634 priority_ = HIGHEST; |
| 614 next_state_ = STATE_BEGIN_CONNECT; | 635 next_state_ = STATE_BEGIN_CONNECT; |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 659 const HostResolver::RequestInfo& | 680 const HostResolver::RequestInfo& |
| 660 HttpProxyClientSocketWrapper::GetDestination() { | 681 HttpProxyClientSocketWrapper::GetDestination() { |
| 661 if (transport_params_) { | 682 if (transport_params_) { |
| 662 return transport_params_->destination(); | 683 return transport_params_->destination(); |
| 663 } else { | 684 } else { |
| 664 return ssl_params_->GetDirectConnectionParams()->destination(); | 685 return ssl_params_->GetDirectConnectionParams()->destination(); |
| 665 } | 686 } |
| 666 } | 687 } |
| 667 | 688 |
| 668 } // namespace net | 689 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2688173002:
Don't rely on SSL cipher fallback in proxy auth. (Closed)
