OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_stream_factory_impl_job.h" | 5 #include "net/http/http_stream_factory_impl_job.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
(...skipping 1033 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1044 return original_url_->SchemeIs("http"); | 1044 return original_url_->SchemeIs("http"); |
1045 } | 1045 } |
1046 return request_info_.url.SchemeIs("http"); | 1046 return request_info_.url.SchemeIs("http"); |
1047 } | 1047 } |
1048 | 1048 |
1049 // Sets several fields of ssl_config for the given origin_server based on the | 1049 // Sets several fields of ssl_config for the given origin_server based on the |
1050 // proxy info and other factors. | 1050 // proxy info and other factors. |
1051 void HttpStreamFactoryImpl::Job::InitSSLConfig( | 1051 void HttpStreamFactoryImpl::Job::InitSSLConfig( |
1052 const HostPortPair& origin_server, | 1052 const HostPortPair& origin_server, |
1053 SSLConfig* ssl_config) const { | 1053 SSLConfig* ssl_config) const { |
1054 if (stream_factory_->IsTLSIntolerantServer(origin_server)) { | |
1055 LOG(WARNING) << "Falling back to SSLv3 because host is TLS intolerant: " | |
1056 << origin_server.ToString(); | |
wtc
2012/04/26 00:49:14
Move this warning message to net/http/http_network
agl
2012/04/26 17:03:29
Done.
| |
1057 ssl_config->ssl3_fallback = true; | |
1058 ssl_config->tls1_enabled = false; | |
1059 } | |
1060 | |
1061 if (proxy_info_.is_https() && ssl_config->send_client_cert) { | 1054 if (proxy_info_.is_https() && ssl_config->send_client_cert) { |
1062 // When connecting through an HTTPS proxy, disable TLS False Start so | 1055 // When connecting through an HTTPS proxy, disable TLS False Start so |
1063 // that client authentication errors can be distinguished between those | 1056 // that client authentication errors can be distinguished between those |
1064 // originating from the proxy server (ERR_PROXY_CONNECTION_FAILED) and | 1057 // originating from the proxy server (ERR_PROXY_CONNECTION_FAILED) and |
1065 // those originating from the endpoint (ERR_SSL_PROTOCOL_ERROR / | 1058 // those originating from the endpoint (ERR_SSL_PROTOCOL_ERROR / |
1066 // ERR_BAD_SSL_CLIENT_AUTH_CERT). | 1059 // ERR_BAD_SSL_CLIENT_AUTH_CERT). |
1067 // TODO(rch): This assumes that the HTTPS proxy will only request a | 1060 // TODO(rch): This assumes that the HTTPS proxy will only request a |
1068 // client certificate during the initial handshake. | 1061 // client certificate during the initial handshake. |
1069 // http://crbug.com/59292 | 1062 // http://crbug.com/59292 |
1070 ssl_config->false_start_enabled = false; | 1063 ssl_config->false_start_enabled = false; |
(...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1244 return false; | 1237 return false; |
1245 } | 1238 } |
1246 if (request_info_.method != "GET" && request_info_.method != "HEAD") { | 1239 if (request_info_.method != "GET" && request_info_.method != "HEAD") { |
1247 return false; | 1240 return false; |
1248 } | 1241 } |
1249 return stream_factory_->http_pipelined_host_pool_.IsKeyEligibleForPipelining( | 1242 return stream_factory_->http_pipelined_host_pool_.IsKeyEligibleForPipelining( |
1250 *http_pipelining_key_.get()); | 1243 *http_pipelining_key_.get()); |
1251 } | 1244 } |
1252 | 1245 |
1253 } // namespace net | 1246 } // namespace net |
OLD | NEW |