net/http/http_proxy_client_socket_wrapper.cc - Issue 2688173002: Don't rely on SSL cipher fallback in proxy auth.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/http/http_proxy_client_socket_wrapper.cc

Issue 2688173002: Don't rely on SSL cipher fallback in proxy auth. (Closed)

Patch Set: unnecessary virtual Created 3 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/http/http_proxy_client_socket_wrapper.cc

diff --git a/net/http/http_proxy_client_socket_wrapper.cc b/net/http/http_proxy_client_socket_wrapper.cc

index 0d939118eb62422d79f2c9fd735a6bde9aa71610..bd664b6c2b432e52131b2aaff407119f55cfd147 100644

--- a/net/http/http_proxy_client_socket_wrapper.cc

+++ b/net/http/http_proxy_client_socket_wrapper.cc

@@ -60,6 +60,7 @@ HttpProxyClientSocketWrapper::HttpProxyClientSocketWrapper(

user_agent_(user_agent),

endpoint_(endpoint),

spdy_session_pool_(spdy_session_pool),

+ has_restarted_(false),

tunnel_(tunnel),

proxy_delegate_(proxy_delegate),

using_spdy_(false),

@@ -595,13 +596,33 @@ int HttpProxyClientSocketWrapper::DoRestartWithAuth() {

int HttpProxyClientSocketWrapper::DoRestartWithAuthComplete(int result) {

DCHECK_NE(ERR_IO_PENDING, result);

// If the connection could not be reused to attempt to send proxy auth

- // credentials, try reconnecting. If auth credentials were sent, pass the

- // error on to caller, even if the credentials may have passed a close message

- // from the server in flight.

- if (result == ERR_UNABLE_TO_REUSE_CONNECTION_FOR_PROXY_AUTH) {

- // If can't reuse the connection, attempt to create a new one.

+ // credentials, try reconnecting. Do not reset the HttpAuthController in this

+ // case; the server may, for instance, send "Proxy-Connection: close" and

+ // expect that each leg of the authentication progress on separate

+ // connections.

+ bool reconnect = result == ERR_UNABLE_TO_REUSE_CONNECTION_FOR_PROXY_AUTH;

+ // If auth credentials were sent but the connection was closed, the server may

+ // have timed out while the user was selecting credentials. Retry once.

+ if (!has_restarted_ &&

+ (result == ERR_CONNECTION_CLOSED || result == ERR_CONNECTION_RESET ||

+ result == ERR_CONNECTION_ABORTED ||

+ result == ERR_SOCKET_NOT_CONNECTED)) {

+ reconnect = true;

+ has_restarted_ = true;

+ // Release any auth state bound to the connection. The new connection will

+ // start the current scheme from scratch.

+ if (http_auth_controller_)

+ http_auth_controller_->OnConnectionClosed();

+ }

+ if (reconnect) {

+ // Attempt to create a new one.

transport_socket_.reset();

// Reconnect with HIGHEST priority to get in front of other requests that

// don't yet have the information |http_auth_controller_| does.

// TODO(mmenke): This may still result in waiting in line, if there are

« no previous file with comments | « net/http/http_proxy_client_socket_wrapper.h ('k') | no next file » | no next file with comments »