Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(133)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/http/http_network_transaction.cc

Issue 2858693003: Remove the deprecated cipher fallback. (Closed)
Patch Set: rebase Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/http/http_network_transaction.h ('k') | net/log/net_log_event_type_list.h » ('j') | net/socket/client_socket_pool_manager.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/http_network_transaction.cc
diff --git a/net/http/http_network_transaction.cc b/net/http/http_network_transaction.cc
index bc9666875110a56b522c617bd75b584e95708359..cc5e02efde4858667fe061160a720988fde25009 100644
--- a/net/http/http_network_transaction.cc
+++ b/net/http/http_network_transaction.cc
@@ -70,22 +70,6 @@
namespace net {
-namespace {
-
-std::unique_ptr<base::Value> NetLogSSLCipherFallbackCallback(
- const GURL* url,
- int net_error,
- NetLogCaptureMode /* capture_mode */) {
- std::unique_ptr<base::DictionaryValue> dict(new base::DictionaryValue());
- dict->SetString("host_and_port", GetHostAndPort(*url));
- dict->SetInteger("net_error", net_error);
- return std::move(dict);
-}
-
-} // namespace
-
-//-----------------------------------------------------------------------------
-
HttpNetworkTransaction::HttpNetworkTransaction(RequestPriority priority,
HttpNetworkSession* session)
: pending_auth_target_(HttpAuth::AUTH_NONE),
@@ -881,9 +865,6 @@ int HttpNetworkTransaction::DoCreateStreamComplete(int result) {
if (result != ERR_HTTPS_PROXY_TUNNEL_RESPONSE)
CopyConnectionAttemptsFromStreamRequest();
- if (request_->url.SchemeIsCryptographic())
- RecordSSLFallbackMetrics(result);
-
if (result == OK) {
next_state_ = STATE_INIT_STREAM;
DCHECK(stream_.get());
@@ -1512,22 +1493,6 @@ void HttpNetworkTransaction::HandleClientAuthError(int error) {
int HttpNetworkTransaction::HandleSSLHandshakeError(int error) {
DCHECK(request_);
HandleClientAuthError(error);
-
- // Accept deprecated cipher suites, but only on a fallback. This makes UMA
- // reflect servers require a deprecated cipher rather than merely prefer
- // it. This, however, has no security benefit until the ciphers are actually
- // removed.
- if (!server_ssl_config_.deprecated_cipher_suites_enabled &&
- (error == ERR_SSL_VERSION_OR_CIPHER_MISMATCH ||
- error == ERR_CONNECTION_CLOSED || error == ERR_CONNECTION_RESET)) {
- net_log_.AddEvent(
- NetLogEventType::SSL_CIPHER_FALLBACK,
- base::Bind(&NetLogSSLCipherFallbackCallback, &request_->url, error));
- server_ssl_config_.deprecated_cipher_suites_enabled = true;
- ResetConnectionAndRequestForResend();
- return OK;
- }
-
return error;
}
@@ -1641,14 +1606,6 @@ void HttpNetworkTransaction::CacheNetErrorDetailsAndResetStream() {
stream_.reset();
}
-void HttpNetworkTransaction::RecordSSLFallbackMetrics(int result) {
- if (result != OK)
- return;
-
- UMA_HISTOGRAM_BOOLEAN("Net.ConnectionUsedSSLDeprecatedCipherFallback2",
- server_ssl_config_.deprecated_cipher_suites_enabled);
-}
-
HttpResponseHeaders* HttpNetworkTransaction::GetResponseHeaders() const {
return response_.headers.get();
}
« no previous file with comments | « net/http/http_network_transaction.h ('k') | net/log/net_log_event_type_list.h » ('j') | net/socket/client_socket_pool_manager.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698