| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket_impl.h" | 5 #include "net/socket/ssl_client_socket_impl.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include <algorithm> | 10 #include <algorithm> |
| (...skipping 1131 matching lines...) |
| 1142 next_handshake_state_ = STATE_HANDSHAKE_COMPLETE; | 1142 next_handshake_state_ = STATE_HANDSHAKE_COMPLETE; |
| 1143 return net_error; | 1143 return net_error; |
| 1144 } | 1144 } |
| 1145 | 1145 |
| 1146 int SSLClientSocketImpl::DoHandshakeComplete(int result) { | 1146 int SSLClientSocketImpl::DoHandshakeComplete(int result) { |
| 1147 if (result < 0) | 1147 if (result < 0) |
| 1148 return result; | 1148 return result; |
| 1149 | 1149 |
| 1150 SSLContext::GetInstance()->session_cache()->ResetLookupCount( | 1150 SSLContext::GetInstance()->session_cache()->ResetLookupCount( |
| 1151 GetSessionCacheKey()); | 1151 GetSessionCacheKey()); |
| 1152 // If we got a session from the session cache, log how many concurrent | |
| 1153 // handshakes that session was used in before we finished our handshake. This | |
| 1154 // is only recorded if the session from the cache was actually used, and only | |
| 1155 // if the ALPN protocol is h2 (under the assumption that TLS 1.3 servers will | |
| 1156 // be speaking h2). See https://crbug.com/631988. | |
| 1157 if (ssl_session_cache_lookup_count_ && negotiated_protocol_ == kProtoHTTP2 && | |
| 1158 SSL_session_reused(ssl_.get())) { | |
| 1159 UMA_HISTOGRAM_EXACT_LINEAR("Net.SSLSessionConcurrentLookupCount", | |
| 1160 ssl_session_cache_lookup_count_, 20); | |
| 1161 } | |
| 1162 | |
| 1163 // Check that if token binding was negotiated, then extended master secret | 1152 // Check that if token binding was negotiated, then extended master secret |
| 1164 // and renegotiation indication must also be negotiated. | 1153 // and renegotiation indication must also be negotiated. |
| 1165 if (tb_was_negotiated_ && | 1154 if (tb_was_negotiated_ && |
| 1166 !(SSL_get_extms_support(ssl_.get()) && | 1155 !(SSL_get_extms_support(ssl_.get()) && |
| 1167 SSL_get_secure_renegotiation_support(ssl_.get()))) { | 1156 SSL_get_secure_renegotiation_support(ssl_.get()))) { |
| 1168 return ERR_SSL_PROTOCOL_ERROR; | 1157 return ERR_SSL_PROTOCOL_ERROR; |
| 1169 } | 1158 } |
| 1170 | 1159 |
| 1171 const uint8_t* alpn_proto = NULL; | 1160 const uint8_t* alpn_proto = NULL; |
| 1172 unsigned alpn_len = 0; | 1161 unsigned alpn_len = 0; |
| 1173 SSL_get0_alpn_selected(ssl_.get(), &alpn_proto, &alpn_len); | 1162 SSL_get0_alpn_selected(ssl_.get(), &alpn_proto, &alpn_len); |
| 1174 if (alpn_len > 0) { | 1163 if (alpn_len > 0) { |
| 1175 base::StringPiece proto(reinterpret_cast<const char*>(alpn_proto), | 1164 base::StringPiece proto(reinterpret_cast<const char*>(alpn_proto), |
| 1176 alpn_len); | 1165 alpn_len); |
| 1177 negotiated_protocol_ = NextProtoFromString(proto); | 1166 negotiated_protocol_ = NextProtoFromString(proto); |
| 1178 } | 1167 } |
| 1179 | 1168 |
| 1169 // If we got a session from the session cache, log how many concurrent |
| 1170 // handshakes that session was used in before we finished our handshake. This |
| 1171 // is only recorded if the session from the cache was actually used, and only |
| 1172 // if the ALPN protocol is h2 (under the assumption that TLS 1.3 servers will |
| 1173 // be speaking h2). See https://crbug.com/631988. |
| 1174 if (ssl_session_cache_lookup_count_ && negotiated_protocol_ == kProtoHTTP2 && |
| 1175 SSL_session_reused(ssl_.get())) { |
| 1176 UMA_HISTOGRAM_EXACT_LINEAR("Net.SSLSessionConcurrentLookupCount", |
| 1177 ssl_session_cache_lookup_count_, 20); |
| 1178 } |
| 1179 |
| 1180 RecordNegotiatedProtocol(); | 1180 RecordNegotiatedProtocol(); |
| 1181 RecordChannelIDSupport(); | 1181 RecordChannelIDSupport(); |
| 1182 | 1182 |
| 1183 const uint8_t* ocsp_response_raw; | 1183 const uint8_t* ocsp_response_raw; |
| 1184 size_t ocsp_response_len; | 1184 size_t ocsp_response_len; |
| 1185 SSL_get0_ocsp_response(ssl_.get(), &ocsp_response_raw, &ocsp_response_len); | 1185 SSL_get0_ocsp_response(ssl_.get(), &ocsp_response_raw, &ocsp_response_len); |
| 1186 set_stapled_ocsp_response_received(ocsp_response_len != 0); | 1186 set_stapled_ocsp_response_received(ocsp_response_len != 0); |
| 1187 UMA_HISTOGRAM_BOOLEAN("Net.OCSPResponseStapled", ocsp_response_len != 0); | 1187 UMA_HISTOGRAM_BOOLEAN("Net.OCSPResponseStapled", ocsp_response_len != 0); |
| 1188 | 1188 |
| 1189 const uint8_t* sct_list; | 1189 const uint8_t* sct_list; |
| (...skipping 861 matching lines...) |
| 2051 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED && | 2051 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED && |
| 2052 !certificate_requested_) { | 2052 !certificate_requested_) { |
| 2053 net_error = ERR_SSL_PROTOCOL_ERROR; | 2053 net_error = ERR_SSL_PROTOCOL_ERROR; |
| 2054 } | 2054 } |
| 2055 } | 2055 } |
| 2056 | 2056 |
| 2057 return net_error; | 2057 return net_error; |
| 2058 } | 2058 } |
| 2059 | 2059 |
| 2060 } // namespace net | 2060 } // namespace net |
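Review bot: The relocated histogram block (new lines 1169-1178) now depends on `negotiated_protocol_` having been assigned from the ALPN result at new line 1166, but its comment does not say so, which leaves the same ordering hazard this change corrects. I would add a line to that comment such as `// Must stay below the ALPN parsing above, which assigns negotiated_protocol_.` so a later reshuffle does not silently stop the metric from recording again. The block also reads `ssl_session_cache_lookup_count_` after the `ResetLookupCount()` call at line 1150; presumably the member holds a value captured before the reset, but that is not visible here and is worth confirming. DoHandshakeComplete continues past the displayed lines.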
| OLD | NEW |