| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_stream_factory_impl_job.h" | 5 #include "net/http/http_stream_factory_impl_job.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 23 matching lines...) Expand all Loading... |
| 34 #include "net/socket/client_socket_handle.h" | 34 #include "net/socket/client_socket_handle.h" |
| 35 #include "net/socket/client_socket_pool.h" | 35 #include "net/socket/client_socket_pool.h" |
| 36 #include "net/socket/client_socket_pool_manager.h" | 36 #include "net/socket/client_socket_pool_manager.h" |
| 37 #include "net/socket/socks_client_socket_pool.h" | 37 #include "net/socket/socks_client_socket_pool.h" |
| 38 #include "net/socket/ssl_client_socket.h" | 38 #include "net/socket/ssl_client_socket.h" |
| 39 #include "net/socket/ssl_client_socket_pool.h" | 39 #include "net/socket/ssl_client_socket_pool.h" |
| 40 #include "net/spdy/spdy_http_stream.h" | 40 #include "net/spdy/spdy_http_stream.h" |
| 41 #include "net/spdy/spdy_session.h" | 41 #include "net/spdy/spdy_session.h" |
| 42 #include "net/spdy/spdy_session_pool.h" | 42 #include "net/spdy/spdy_session_pool.h" |
| 43 #include "net/ssl/ssl_cert_request_info.h" | 43 #include "net/ssl/ssl_cert_request_info.h" |
| 44 #include "net/ssl/ssl_connection_status_flags.h" |
| 44 | 45 |
| 45 namespace net { | 46 namespace net { |
| 46 | 47 |
| 47 // Returns parameters associated with the start of a HTTP stream job. | 48 // Returns parameters associated with the start of a HTTP stream job. |
| 48 base::Value* NetLogHttpStreamJobCallback(const GURL* original_url, | 49 base::Value* NetLogHttpStreamJobCallback(const GURL* original_url, |
| 49 const GURL* url, | 50 const GURL* url, |
| 50 RequestPriority priority, | 51 RequestPriority priority, |
| 51 NetLog::LogLevel /* log_level */) { | 52 NetLog::LogLevel /* log_level */) { |
| 52 base::DictionaryValue* dict = new base::DictionaryValue(); | 53 base::DictionaryValue* dict = new base::DictionaryValue(); |
| 53 dict->SetString("original_url", original_url->GetOrigin().spec()); | 54 dict->SetString("original_url", original_url->GetOrigin().spec()); |
| (...skipping 1058 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1112 if (existing_spdy_session_.get()) { | 1113 if (existing_spdy_session_.get()) { |
| 1113 // We picked up an existing session, so we don't need our socket. | 1114 // We picked up an existing session, so we don't need our socket. |
| 1114 if (connection_->socket()) | 1115 if (connection_->socket()) |
| 1115 connection_->socket()->Disconnect(); | 1116 connection_->socket()->Disconnect(); |
| 1116 connection_->Reset(); | 1117 connection_->Reset(); |
| 1117 std::swap(spdy_session, existing_spdy_session_); | 1118 std::swap(spdy_session, existing_spdy_session_); |
| 1118 } else { | 1119 } else { |
| 1119 SpdySessionPool* spdy_pool = session_->spdy_session_pool(); | 1120 SpdySessionPool* spdy_pool = session_->spdy_session_pool(); |
| 1120 spdy_session = spdy_pool->FindAvailableSession(spdy_session_key, net_log_); | 1121 spdy_session = spdy_pool->FindAvailableSession(spdy_session_key, net_log_); |
| 1121 if (!spdy_session) { | 1122 if (!spdy_session) { |
| 1122 new_spdy_session_ = | 1123 SSLInfo ssl_info; |
| 1124 if (using_ssl_) { |
| 1125 SSLClientSocket* ssl_socket = |
| 1126 static_cast<SSLClientSocket*>(connection_->socket()); |
| 1127 ssl_socket->GetSSLInfo(&ssl_info); |
| 1128 } |
| 1129 |
| 1130 base::WeakPtr<SpdySession> new_spdy_session = |
| 1123 spdy_pool->CreateAvailableSessionFromSocket(spdy_session_key, | 1131 spdy_pool->CreateAvailableSessionFromSocket(spdy_session_key, |
| 1124 connection_.Pass(), | 1132 connection_.Pass(), |
| 1125 net_log_, | 1133 net_log_, |
| 1126 spdy_certificate_error_, | 1134 spdy_certificate_error_, |
| 1127 using_ssl_); | 1135 using_ssl_); |
| 1136 if (using_ssl_) { |
| 1137 if (SSLConnectionStatusToVersion(ssl_info.connection_status) < |
| 1138 SSL_CONNECTION_VERSION_TLS1_2) { |
| 1139 new_spdy_session->CloseSessionOnError( |
| 1140 ERR_SPDY_PROTOCOL_ERROR, |
| 1141 base::StringPrintf( |
| 1142 "TLS Version[%d] too old", |
| 1143 SSLConnectionStatusToVersion(ssl_info.connection_status))); |
| 1144 return ERR_SPDY_PROTOCOL_ERROR; |
| 1145 } |
| 1146 } |
| 1147 |
| 1148 new_spdy_session_ = new_spdy_session; |
| 1149 spdy_session_direct_ = direct; |
| 1128 const HostPortPair& host_port_pair = spdy_session_key.host_port_pair(); | 1150 const HostPortPair& host_port_pair = spdy_session_key.host_port_pair(); |
| 1129 base::WeakPtr<HttpServerProperties> http_server_properties = | 1151 base::WeakPtr<HttpServerProperties> http_server_properties = |
| 1130 session_->http_server_properties(); | 1152 session_->http_server_properties(); |
| 1131 if (http_server_properties) | 1153 if (http_server_properties) |
| 1132 http_server_properties->SetSupportsSpdy(host_port_pair, true); | 1154 http_server_properties->SetSupportsSpdy(host_port_pair, true); |
| 1133 spdy_session_direct_ = direct; | |
| 1134 | 1155 |
| 1135 // Create a SpdyHttpStream attached to the session; | 1156 // Create a SpdyHttpStream attached to the session; |
| 1136 // OnNewSpdySessionReadyCallback is not called until an event loop | 1157 // OnNewSpdySessionReadyCallback is not called until an event loop |
| 1137 // iteration later, so if the SpdySession is closed between then, allow | 1158 // iteration later, so if the SpdySession is closed between then, allow |
| 1138 // reuse state from the underlying socket, sampled by SpdyHttpStream, | 1159 // reuse state from the underlying socket, sampled by SpdyHttpStream, |
| 1139 // bubble up to the request. | 1160 // bubble up to the request. |
| 1140 bool use_relative_url = direct || request_info_.url.SchemeIs("https"); | 1161 bool use_relative_url = direct || request_info_.url.SchemeIs("https"); |
| 1141 stream_.reset(new SpdyHttpStream(new_spdy_session_, use_relative_url)); | 1162 stream_.reset(new SpdyHttpStream(new_spdy_session_, use_relative_url)); |
| 1142 | 1163 |
| 1143 return OK; | 1164 return OK; |
| (...skipping 348 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1492 (net::LOAD_MAIN_FRAME | net::LOAD_SUB_FRAME | net::LOAD_PREFETCH | | 1513 (net::LOAD_MAIN_FRAME | net::LOAD_SUB_FRAME | net::LOAD_PREFETCH | |
| 1493 net::LOAD_IS_DOWNLOAD)) { | 1514 net::LOAD_IS_DOWNLOAD)) { |
| 1494 // Avoid pipelining resources that may be streamed for a long time. | 1515 // Avoid pipelining resources that may be streamed for a long time. |
| 1495 return false; | 1516 return false; |
| 1496 } | 1517 } |
| 1497 return stream_factory_->http_pipelined_host_pool_.IsKeyEligibleForPipelining( | 1518 return stream_factory_->http_pipelined_host_pool_.IsKeyEligibleForPipelining( |
| 1498 *http_pipelining_key_.get()); | 1519 *http_pipelining_key_.get()); |
| 1499 } | 1520 } |
| 1500 | 1521 |
| 1501 } // namespace net | 1522 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 291093002:
Fail the SPDY transaction if it does not meet TLS base requirements. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src