net/http/http_stream_factory_impl_job.cc - Issue 291093002: Fail the SPDY transaction if it does not meet TLS base requirements.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/http/http_stream_factory_impl_job.cc

Issue 291093002: Fail the SPDY transaction if it does not meet TLS base requirements. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Sync and rebase Created 6 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: net/http/http_stream_factory_impl_job.cc

diff --git a/net/http/http_stream_factory_impl_job.cc b/net/http/http_stream_factory_impl_job.cc

index b360beee4418a65b5050f36f2840834f90255a72..b10628556996138afef444120e372c6ee5f6bc5f 100644

--- a/net/http/http_stream_factory_impl_job.cc

+++ b/net/http/http_stream_factory_impl_job.cc

@@ -1120,18 +1120,25 @@ int HttpStreamFactoryImpl::Job::DoCreateStream() {

SpdySessionPool* spdy_pool = session_->spdy_session_pool();

spdy_session = spdy_pool->FindAvailableSession(spdy_session_key, net_log_);

if (!spdy_session) {

- new_spdy_session_ =

+ base::WeakPtr<SpdySession> new_spdy_session =

spdy_pool->CreateAvailableSessionFromSocket(spdy_session_key,

connection_.Pass(),

net_log_,

spdy_certificate_error_,

using_ssl_);

+ if (!new_spdy_session->HasAcceptableTransportSecurity()) {

+ new_spdy_session->CloseSessionOnError(ERR_SPDY_PROTOCOL_ERROR,

+ "TLS security too low");

Johnny 2014/05/21 16:27:04 Create an ERR mapping for INADEQUATE_SECURITY [1]

willchan no longer on Chromium 2014/05/21 17:47:15 Done.

+ return ERR_SPDY_PROTOCOL_ERROR;

+ }

+ new_spdy_session_ = new_spdy_session;

+ spdy_session_direct_ = direct;

const HostPortPair& host_port_pair = spdy_session_key.host_port_pair();

base::WeakPtr<HttpServerProperties> http_server_properties =

session_->http_server_properties();

if (http_server_properties)

http_server_properties->SetSupportsSpdy(host_port_pair, true);

- spdy_session_direct_ = direct;

// Create a SpdyHttpStream attached to the session;

// OnNewSpdySessionReadyCallback is not called until an event loop

« no previous file with comments | « no previous file | net/net.gypi » ('j') | net/spdy/spdy_network_transaction_unittest.cc » ('J')