| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_network_transaction.h" | 5 #include "net/http/http_network_transaction.h" |
| 6 | 6 |
| 7 #include "base/scoped_ptr.h" | 7 #include "base/scoped_ptr.h" |
| 8 #include "base/compiler_specific.h" | 8 #include "base/compiler_specific.h" |
| 9 #include "base/string_util.h" | 9 #include "base/string_util.h" |
| 10 #include "base/trace_event.h" | 10 #include "base/trace_event.h" |
| (...skipping 478 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 489 } | 489 } |
| 490 | 490 |
| 491 int HttpNetworkTransaction::DoConnectComplete(int result) { | 491 int HttpNetworkTransaction::DoConnectComplete(int result) { |
| 492 if (IsCertificateError(result)) | 492 if (IsCertificateError(result)) |
| 493 result = HandleCertificateError(result); | 493 result = HandleCertificateError(result); |
| 494 | 494 |
| 495 if (result == OK) { | 495 if (result == OK) { |
| 496 next_state_ = STATE_WRITE_HEADERS; | 496 next_state_ = STATE_WRITE_HEADERS; |
| 497 if (using_tunnel_) | 497 if (using_tunnel_) |
| 498 establishing_tunnel_ = true; | 498 establishing_tunnel_ = true; |
| 499 } else if (result == ERR_SSL_PROTOCOL_ERROR) { | 499 } else { |
| 500 result = HandleSSLHandshakeError(result); | 500 result = HandleSSLHandshakeError(result); |
| 501 } else { | 501 if (result != OK) |
| 502 result = ReconsiderProxyAfterError(result); | 502 result = ReconsiderProxyAfterError(result); |
| 503 } | 503 } |
| 504 return result; | 504 return result; |
| 505 } | 505 } |
| 506 | 506 |
| 507 int HttpNetworkTransaction::DoSSLConnectOverTunnel() { | 507 int HttpNetworkTransaction::DoSSLConnectOverTunnel() { |
| 508 next_state_ = STATE_SSL_CONNECT_OVER_TUNNEL_COMPLETE; | 508 next_state_ = STATE_SSL_CONNECT_OVER_TUNNEL_COMPLETE; |
| 509 | 509 |
| 510 // Add a SSL socket on top of our existing transport socket. | 510 // Add a SSL socket on top of our existing transport socket. |
| 511 ClientSocket* s = connection_.release_socket(); | 511 ClientSocket* s = connection_.release_socket(); |
| 512 s = socket_factory_->CreateSSLClientSocket(s, request_->url.host(), | 512 s = socket_factory_->CreateSSLClientSocket(s, request_->url.host(), |
| 513 ssl_version_mask_); | 513 ssl_version_mask_); |
| 514 connection_.set_socket(s); | 514 connection_.set_socket(s); |
| 515 return connection_.socket()->Connect(&io_callback_); | 515 return connection_.socket()->Connect(&io_callback_); |
| 516 } | 516 } |
| 517 | 517 |
| 518 int HttpNetworkTransaction::DoSSLConnectOverTunnelComplete(int result) { | 518 int HttpNetworkTransaction::DoSSLConnectOverTunnelComplete(int result) { |
| 519 if (IsCertificateError(result)) | 519 if (IsCertificateError(result)) |
| 520 result = HandleCertificateError(result); | 520 result = HandleCertificateError(result); |
| 521 | 521 |
| 522 if (result == OK) { | 522 if (result == OK) { |
| 523 next_state_ = STATE_WRITE_HEADERS; | 523 next_state_ = STATE_WRITE_HEADERS; |
| 524 } else if (result == ERR_SSL_PROTOCOL_ERROR) { | 524 } else { |
| 525 result = HandleSSLHandshakeError(result); | 525 result = HandleSSLHandshakeError(result); |
| 526 } | 526 } |
| 527 return result; | 527 return result; |
| 528 } | 528 } |
| 529 | 529 |
| 530 int HttpNetworkTransaction::DoWriteHeaders() { | 530 int HttpNetworkTransaction::DoWriteHeaders() { |
| 531 next_state_ = STATE_WRITE_HEADERS_COMPLETE; | 531 next_state_ = STATE_WRITE_HEADERS_COMPLETE; |
| 532 | 532 |
| 533 // This is constructed lazily (instead of within our Start method), so that | 533 // This is constructed lazily (instead of within our Start method), so that |
| 534 // we have proxy info available. | 534 // we have proxy info available. |
| (...skipping 339 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 874 SSLClientSocket* ssl_socket = | 874 SSLClientSocket* ssl_socket = |
| 875 reinterpret_cast<SSLClientSocket*>(connection_.socket()); | 875 reinterpret_cast<SSLClientSocket*>(connection_.socket()); |
| 876 ssl_socket->GetSSLInfo(&response_.ssl_info); | 876 ssl_socket->GetSSLInfo(&response_.ssl_info); |
| 877 } | 877 } |
| 878 #endif | 878 #endif |
| 879 return error; | 879 return error; |
| 880 } | 880 } |
| 881 | 881 |
| 882 int HttpNetworkTransaction::HandleSSLHandshakeError(int error) { | 882 int HttpNetworkTransaction::HandleSSLHandshakeError(int error) { |
| 883 #if defined(OS_WIN) | 883 #if defined(OS_WIN) |
| 884 if (ssl_version_mask_ & SSLClientSocket::TLS1) { | 884 switch (error) { |
| 885 // This could be a TLS-intolerant server. Turn off TLS 1.0 and retry. | 885 case ERR_SSL_PROTOCOL_ERROR: |
| 886 ssl_version_mask_ &= ~SSLClientSocket::TLS1; | 886 case ERR_SSL_VERSION_OR_CIPHER_MISMATCH: |
| 887 connection_.set_socket(NULL); | 887 if (ssl_version_mask_ & SSLClientSocket::TLS1) { |
| 888 connection_.Reset(); | 888 // This could be a TLS-intolerant server or an SSL 3.0 server that |
| 889 next_state_ = STATE_INIT_CONNECTION; | 889 // chose a TLS-only cipher suite. Turn off TLS 1.0 and retry. |
| 890 error = OK; | 890 ssl_version_mask_ &= ~SSLClientSocket::TLS1; |
| 891 connection_.set_socket(NULL); |
| 892 connection_.Reset(); |
| 893 next_state_ = STATE_INIT_CONNECTION; |
| 894 error = OK; |
| 895 } |
| 896 break; |
| 891 } | 897 } |
| 892 #endif | 898 #endif |
| 893 return error; | 899 return error; |
| 894 } | 900 } |
| 895 | 901 |
| 896 // This method determines whether it is safe to resend the request after an | 902 // This method determines whether it is safe to resend the request after an |
| 897 // IO error. It can only be called in response to request header or body | 903 // IO error. It can only be called in response to request header or body |
| 898 // write errors or response header read errors. It should not be used in | 904 // write errors or response header read errors. It should not be used in |
| 899 // other cases, such as a Connect error. | 905 // other cases, such as a Connect error. |
| 900 int HttpNetworkTransaction::HandleIOError(int error) { | 906 int HttpNetworkTransaction::HandleIOError(int error) { |
| (...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1072 auth_data_[target]->state = AUTH_STATE_NEED_AUTH; | 1078 auth_data_[target]->state = AUTH_STATE_NEED_AUTH; |
| 1073 } | 1079 } |
| 1074 | 1080 |
| 1075 response_.auth_challenge.swap(auth_info); | 1081 response_.auth_challenge.swap(auth_info); |
| 1076 auth_handler_[target].reset(auth_handler.release()); | 1082 auth_handler_[target].reset(auth_handler.release()); |
| 1077 | 1083 |
| 1078 return OK; | 1084 return OK; |
| 1079 } | 1085 } |
| 1080 | 1086 |
| 1081 } // namespace net | 1087 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7242:
The Schannel considers some cipher suites (e.g., the... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/