| Index: net/http/http_transaction_winhttp.cc
|
| ===================================================================
|
| --- net/http/http_transaction_winhttp.cc (revision 3081)
|
| +++ net/http/http_transaction_winhttp.cc (working copy)
|
| @@ -58,6 +58,8 @@
|
| case ERROR_WINHTTP_SECURE_FAILURE:
|
| case SEC_E_ILLEGAL_MESSAGE:
|
| return ERR_SSL_PROTOCOL_ERROR;
|
| + case SEC_E_ALGORITHM_MISMATCH:
|
| + return ERR_SSL_VERSION_OR_CIPHER_MISMATCH;
|
| case ERROR_WINHTTP_CLIENT_AUTH_CERT_NEEDED:
|
| return ERR_SSL_CLIENT_AUTH_CERT_NEEDED;
|
| case ERROR_WINHTTP_UNRECOGNIZED_SCHEME:
|
| @@ -1343,10 +1345,13 @@
|
| last_error_ = error;
|
| rv = TranslateOSError(error);
|
|
|
| - if (rv == ERR_SSL_PROTOCOL_ERROR &&
|
| + if ((rv == ERR_SSL_PROTOCOL_ERROR ||
|
| + rv == ERR_SSL_VERSION_OR_CIPHER_MISMATCH) &&
|
| !session_callback_->request_was_probably_sent() &&
|
| session_->tls_enabled() && !is_tls_intolerant_) {
|
| - // The server might be TLS intolerant. Downgrade to SSL 3.0 and retry.
|
| + // The server might be TLS intolerant. Or it might be an SSL 3.0 server
|
| + // that chose a TLS-only cipher suite, which we handle in the same way.
|
| + // Downgrade to SSL 3.0 and retry.
|
| is_tls_intolerant_ = true;
|
| if (!ReopenRequest())
|
| return TranslateLastOSError();
|
|
|
Chromium Code Reviews
Issue 7242:
The Schannel considers some cipher suites (e.g., the... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/