Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(285)

Unified Diff: net/socket/ssl_client_socket_nss.cc

Issue 706203003: Update from https://crrev.com/303153 (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/socket/ssl_client_socket_nss.h ('k') | net/socket/ssl_client_socket_openssl.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/socket/ssl_client_socket_nss.cc
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
index a7821b2fe4fca6214e1119c2f1f35bd5d8ae02c8..31a9b8d8379e31bbb6f8a3f16c9950794f23d7d3 100644
--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -86,7 +86,6 @@
#include "crypto/rsa_private_key.h"
#include "crypto/scoped_nss_types.h"
#include "net/base/address_list.h"
-#include "net/base/connection_type_histograms.h"
#include "net/base/dns_util.h"
#include "net/base/io_buffer.h"
#include "net/base/net_errors.h"
@@ -1631,6 +1630,11 @@ void SSLClientSocketNSS::Core::HandshakeCallback(
}
void SSLClientSocketNSS::Core::HandshakeSucceeded() {
+ // TODO(vadimt): Remove ScopedProfile below once crbug.com/424386 is fixed.
+ tracked_objects::ScopedProfile tracking_profile(
+ FROM_HERE_WITH_EXPLICIT_FUNCTION(
+ "424386 SSLClientSocketNSS::Core::HandshakeSucceeded"));
+
DCHECK(OnNSSTaskRunner());
PRBool last_handshake_resumed;
@@ -1657,6 +1661,11 @@ void SSLClientSocketNSS::Core::HandshakeSucceeded() {
}
int SSLClientSocketNSS::Core::HandleNSSError(PRErrorCode nss_error) {
+ // TODO(vadimt): Remove ScopedProfile below once crbug.com/424386 is fixed.
+ tracked_objects::ScopedProfile tracking_profile(
+ FROM_HERE_WITH_EXPLICIT_FUNCTION(
+ "424386 SSLClientSocketNSS::Core::HandleNSSError"));
+
DCHECK(OnNSSTaskRunner());
int net_error = MapNSSClientError(nss_error);
@@ -1804,6 +1813,11 @@ int SSLClientSocketNSS::Core::DoHandshake() {
int net_error = OK;
SECStatus rv = SSL_ForceHandshake(nss_fd_);
+ // TODO(vadimt): Remove ScopedProfile below once crbug.com/424386 is fixed.
+ tracked_objects::ScopedProfile tracking_profile1(
+ FROM_HERE_WITH_EXPLICIT_FUNCTION(
+ "424386 SSLClientSocketNSS::Core::DoHandshake 1"));
+
// Note: this function may be called multiple times during the handshake, so
// even though channel id and client auth are separate else cases, they can
// both be used during a single SSL handshake.
@@ -2473,8 +2487,6 @@ void SSLClientSocketNSS::Core::UpdateConnectionStatus() {
SSL_CONNECTION_COMPRESSION_MASK) <<
SSL_CONNECTION_COMPRESSION_SHIFT;
- // NSS 3.14.x doesn't have a version macro for TLS 1.2 (because NSS didn't
- // support it yet), so use 0x0303 directly.
int version = SSL_CONNECTION_VERSION_UNKNOWN;
if (channel_info.protocolVersion < SSL_LIBRARY_VERSION_3_0) {
// All versions less than SSL_LIBRARY_VERSION_3_0 are treated as SSL
@@ -2482,11 +2494,11 @@ void SSLClientSocketNSS::Core::UpdateConnectionStatus() {
version = SSL_CONNECTION_VERSION_SSL2;
} else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_3_0) {
version = SSL_CONNECTION_VERSION_SSL3;
- } else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_3_1_TLS) {
+ } else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_TLS_1_0) {
version = SSL_CONNECTION_VERSION_TLS1;
} else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_TLS_1_1) {
version = SSL_CONNECTION_VERSION_TLS1_1;
- } else if (channel_info.protocolVersion == 0x0303) {
+ } else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_TLS_1_2) {
version = SSL_CONNECTION_VERSION_TLS1_2;
}
nss_handshake_state_.ssl_connection_status |=
@@ -3492,8 +3504,11 @@ int SSLClientSocketNSS::DoVerifyCertComplete(int result) {
// TODO(hclam): Skip logging if server cert was expected to be bad because
// |server_cert_verify_result_| doesn't contain all the information about
// the cert.
- if (result == OK)
- LogConnectionTypeMetrics();
+ if (result == OK) {
+ int ssl_version =
+ SSLConnectionStatusToVersion(core_->state().ssl_connection_status);
+ RecordConnectionTypeMetrics(ssl_version);
+ }
const CertStatus cert_status = server_cert_verify_result_.cert_status;
if (transport_security_state_ &&
@@ -3561,29 +3576,6 @@ void SSLClientSocketNSS::VerifyCT() {
<< ct_verify_result_.unknown_logs_scts.size();
}
-void SSLClientSocketNSS::LogConnectionTypeMetrics() const {
- UpdateConnectionTypeHistograms(CONNECTION_SSL);
- int ssl_version = SSLConnectionStatusToVersion(
- core_->state().ssl_connection_status);
- switch (ssl_version) {
- case SSL_CONNECTION_VERSION_SSL2:
- UpdateConnectionTypeHistograms(CONNECTION_SSL_SSL2);
- break;
- case SSL_CONNECTION_VERSION_SSL3:
- UpdateConnectionTypeHistograms(CONNECTION_SSL_SSL3);
- break;
- case SSL_CONNECTION_VERSION_TLS1:
- UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1);
- break;
- case SSL_CONNECTION_VERSION_TLS1_1:
- UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_1);
- break;
- case SSL_CONNECTION_VERSION_TLS1_2:
- UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_2);
- break;
- };
-}
-
void SSLClientSocketNSS::EnsureThreadIdAssigned() const {
base::AutoLock auto_lock(lock_);
if (valid_thread_id_ != base::kInvalidThreadId)
« no previous file with comments | « net/socket/ssl_client_socket_nss.h ('k') | net/socket/ssl_client_socket_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698