
Side by Side Diff: net/http/http_network_transaction.cc

Issue 280853002: Preserve transport errors for OpenSSL sockets. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase. Created 6 years, 6 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/http/http_network_transaction.h" 5 #include "net/http/http_network_transaction.h"
6 6
7 #include <set> 7 #include <set>
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/bind.h" 10 #include "base/bind.h"
(...skipping 1279 matching lines...) Expand 10 before | Expand all | Expand 10 after
1290 // by the endpoint host, request_->url, rather than considering if they were 1290 // by the endpoint host, request_->url, rather than considering if they were
1291 // generated by the SSL proxy. http://crbug.com/69329 1291 // generated by the SSL proxy. http://crbug.com/69329
1292 int HttpNetworkTransaction::HandleSSLHandshakeError(int error) { 1292 int HttpNetworkTransaction::HandleSSLHandshakeError(int error) {
1293 DCHECK(request_); 1293 DCHECK(request_);
1294 HandleClientAuthError(error); 1294 HandleClientAuthError(error);
1295 1295
1296 bool should_fallback = false; 1296 bool should_fallback = false;
1297 uint16 version_max = server_ssl_config_.version_max; 1297 uint16 version_max = server_ssl_config_.version_max;
1298 1298
1299 switch (error) { 1299 switch (error) {
1300 case ERR_CONNECTION_CLOSED:
1300 case ERR_SSL_PROTOCOL_ERROR: 1301 case ERR_SSL_PROTOCOL_ERROR:
1301 case ERR_SSL_VERSION_OR_CIPHER_MISMATCH: 1302 case ERR_SSL_VERSION_OR_CIPHER_MISMATCH:
1302 if (version_max >= SSL_PROTOCOL_VERSION_TLS1 && 1303 if (version_max >= SSL_PROTOCOL_VERSION_TLS1 &&
1303 version_max > server_ssl_config_.version_min) { 1304 version_max > server_ssl_config_.version_min) {
1304 // This could be a TLS-intolerant server or a server that chose a 1305 // This could be a TLS-intolerant server or a server that chose a
1305 // cipher suite defined only for higher protocol versions (such as 1306 // cipher suite defined only for higher protocol versions (such as
1306 // an SSL 3.0 server that chose a TLS-only cipher suite). Fall 1307 // an SSL 3.0 server that chose a TLS-only cipher suite). Fall
1307 // back to the next lower version and retry. 1308 // back to the next lower version and retry.
1308 // NOTE: if the SSLClientSocket class doesn't support TLS 1.1, 1309 // NOTE: if the SSLClientSocket class doesn't support TLS 1.1,
1309 // specifying TLS 1.1 in version_max will result in a TLS 1.0 1310 // specifying TLS 1.1 in version_max will result in a TLS 1.0
(...skipping 14 matching lines...) Expand all
1324 if (version_max >= SSL_PROTOCOL_VERSION_TLS1_1 && 1325 if (version_max >= SSL_PROTOCOL_VERSION_TLS1_1 &&
1325 version_max > server_ssl_config_.version_min) { 1326 version_max > server_ssl_config_.version_min) {
1326 // Some broken SSL devices negotiate TLS 1.0 when sent a TLS 1.1 or 1327 // Some broken SSL devices negotiate TLS 1.0 when sent a TLS 1.1 or
1327 // 1.2 ClientHello, but then return a bad_record_mac alert. See 1328 // 1.2 ClientHello, but then return a bad_record_mac alert. See
1328 // crbug.com/260358. In order to make the fallback as minimal as 1329 // crbug.com/260358. In order to make the fallback as minimal as
1329 // possible, this fallback is only triggered for >= TLS 1.1. 1330 // possible, this fallback is only triggered for >= TLS 1.1.
1330 version_max--; 1331 version_max--;
1331 should_fallback = true; 1332 should_fallback = true;
1332 } 1333 }
1333 break; 1334 break;
1335 case ERR_CONNECTION_RESET:
1336 if (version_max >= SSL_PROTOCOL_VERSION_TLS1_1 &&
1337 version_max > server_ssl_config_.version_min) {
1338 // Some network devices that inspect application-layer packets seem to
1339 // inject TCP reset packets to break the connections when they see TLS
1340 // 1.1 in ClientHello or ServerHello. See http://crbug.com/130293.
1341 //
1342 // Only allow ERR_CONNECTION_RESET to trigger a fallback from TLS 1.1 or
1343 // 1.2. We don't lose much in this fallback because the explicit IV for
1344 // CBC mode in TLS 1.1 is approximated by record splitting in TLS
1345 // 1.0. The fallback will be more painful for TLS 1.2 when we have GCM
1346 // support.
1347 //
1348 // ERR_CONNECTION_RESET is a common network error, so we don't want it
1349 // to trigger a version fallback in general, especially the TLS 1.0 ->
1350 // SSL 3.0 fallback, which would drop TLS extensions.
1351 version_max--;
1352 should_fallback = true;
Ryan Sleevi 2014/06/18 01:39:52 For future reference, changes like this should rea
davidben 2014/06/18 22:27:22 Yeah, I'll split this one out.
1353 }
1354 break;
1334 case ERR_SSL_INAPPROPRIATE_FALLBACK: 1355 case ERR_SSL_INAPPROPRIATE_FALLBACK:
1335 // The server told us that we should not have fallen back. A buggy server 1356 // The server told us that we should not have fallen back. A buggy server
1336 // could trigger ERR_SSL_INAPPROPRIATE_FALLBACK with the initial 1357 // could trigger ERR_SSL_INAPPROPRIATE_FALLBACK with the initial
1337 // connection. |fallback_error_code_| is initialised to 1358 // connection. |fallback_error_code_| is initialised to
1338 // ERR_SSL_INAPPROPRIATE_FALLBACK to catch this case. 1359 // ERR_SSL_INAPPROPRIATE_FALLBACK to catch this case.
1339 error = fallback_error_code_; 1360 error = fallback_error_code_;
1340 break; 1361 break;
1341 } 1362 }
1342 1363
1343 if (should_fallback) { 1364 if (should_fallback) {
(...skipping 207 matching lines...) Expand 10 before | Expand all | Expand 10 after
1551 description = base::StringPrintf("Unknown state 0x%08X (%u)", state, 1572 description = base::StringPrintf("Unknown state 0x%08X (%u)", state,
1552 state); 1573 state);
1553 break; 1574 break;
1554 } 1575 }
1555 return description; 1576 return description;
1556 } 1577 }
1557 1578
1558 #undef STATE_CASE 1579 #undef STATE_CASE
1559 1580
1560 } // namespace net 1581 } // namespace net
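Review bot: The new `case ERR_CONNECTION_CLOSED:` joins the ERR_SSL_PROTOCOL_ERROR / ERR_SSL_VERSION_OR_CIPHER_MISMATCH group, so a plain close during the handshake can trigger a version fallback from any version_max >= TLS 1.0, including the TLS 1.0 -> SSL 3.0 step, whereas the ERR_CONNECTION_RESET case added in the same change is limited to >= TLS 1.1 and its comment states that a common transport error should not drive the fallback that drops TLS extensions. A close is as easy for intermediate network devices to produce as a reset, so the two transport errors should share the same bound: move the label to `case ERR_CONNECTION_RESET:` / `case ERR_CONNECTION_CLOSED:` ahead of the `version_max >= SSL_PROTOCOL_VERSION_TLS1_1` check, and widen that comment's "inject TCP reset packets" wording to cover a close. If the CL description (not visible here) records why ERR_CONNECTION_CLOSED needs the wider fallback, that reasoning belongs in a comment next to the label, since the group it joins says nothing about it. HandleSSLHandshakeError's body continues past the visible lines (the should_fallback handling is elided), and this note also covers the reset case at new lines 1335-1354.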