diff options
author | rch <rch@chromium.org> | 2015-10-20 18:34:56 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-10-21 01:35:52 +0000 |
commit | f114d9850b9775da090398bce6d5752ccda4b844 (patch) | |
tree | 3f03af1f9bde792ed29acfe46601981fb29f2e22 /net/http | |
parent | 6abd14cf682e7b839d293e3bd75e38336c906357 (diff) | |
download | chromium_src-f114d9850b9775da090398bce6d5752ccda4b844.zip chromium_src-f114d9850b9775da090398bce6d5752ccda4b844.tar.gz chromium_src-f114d9850b9775da090398bce6d5752ccda4b844.tar.bz2 |
Remove insecure QUIC support from Chromium.
Review URL: https://codereview.chromium.org/1393713003
Cr-Commit-Position: refs/heads/master@{#355214}
Diffstat (limited to 'net/http')
-rw-r--r-- | net/http/http_network_session.cc | 1 | ||||
-rw-r--r-- | net/http/http_network_session.h | 2 | ||||
-rw-r--r-- | net/http/http_stream_factory_impl.cc | 3 | ||||
-rw-r--r-- | net/http/http_stream_factory_impl_job.cc | 14 |
4 files changed, 7 insertions, 13 deletions
diff --git a/net/http/http_network_session.cc b/net/http/http_network_session.cc index 777d721..e126a64 100644 --- a/net/http/http_network_session.cc +++ b/net/http/http_network_session.cc @@ -94,7 +94,6 @@ HttpNetworkSession::Params::Params() use_alternative_services(false), alternative_service_probability_threshold(1), enable_quic(false), - enable_insecure_quic(false), enable_quic_for_proxies(false), enable_quic_port_selection(true), quic_always_require_handshake_confirmation(false), diff --git a/net/http/http_network_session.h b/net/http/http_network_session.h index 75aea10..5353c47 100644 --- a/net/http/http_network_session.h +++ b/net/http/http_network_session.h @@ -113,8 +113,6 @@ class NET_EXPORT HttpNetworkSession // Enables QUIC support. bool enable_quic; - // Enables insecure QUIC (http:// URLs) support, if enable_quic is true. - bool enable_insecure_quic; // Enables QUIC for proxies. bool enable_quic_for_proxies; // Instruct QUIC to use consistent ephemeral ports when talking to diff --git a/net/http/http_stream_factory_impl.cc b/net/http/http_stream_factory_impl.cc index 2a8664e..4d32ffc 100644 --- a/net/http/http_stream_factory_impl.cc +++ b/net/http/http_stream_factory_impl.cc @@ -211,8 +211,7 @@ AlternativeServiceVector HttpStreamFactoryImpl::GetAlternativeServicesFor( if (session_->quic_stream_factory()->IsQuicDisabled(origin.port())) continue; - if (!session_->params().enable_insecure_quic && - !original_url.SchemeIs("https")) { + if (!original_url.SchemeIs("https")) { continue; } diff --git a/net/http/http_stream_factory_impl_job.cc b/net/http/http_stream_factory_impl_job.cc index 27c02cd..33476a0 100644 --- a/net/http/http_stream_factory_impl_job.cc +++ b/net/http/http_stream_factory_impl_job.cc @@ -775,7 +775,7 @@ int HttpStreamFactoryImpl::Job::DoResolveProxyComplete(int result) { bool HttpStreamFactoryImpl::Job::ShouldForceQuic() const { return session_->params().enable_quic && session_->params().origin_to_force_quic_on.Equals(server_) && - proxy_info_.is_direct(); + proxy_info_.is_direct() && origin_url_.SchemeIs("https"); } int HttpStreamFactoryImpl::Job::DoWaitForJob() { @@ -834,31 +834,29 @@ int HttpStreamFactoryImpl::Job::DoInitConnection() { } HostPortPair destination; std::string origin_host; - bool secure_quic; SSLConfig* ssl_config; if (proxy_info_.is_quic()) { // A proxy's certificate is expected to be valid for the proxy hostname. destination = proxy_info_.proxy_server().host_port_pair(); origin_host = destination.host(); - secure_quic = true; ssl_config = &proxy_ssl_config_; // If QUIC is disabled on the destination port, return error. if (session_->quic_stream_factory()->IsQuicDisabled(destination.port())) return ERR_QUIC_PROTOCOL_ERROR; } else { + DCHECK(using_ssl_); // The certificate of a QUIC alternative server is expected to be valid // for the origin of the request (in addition to being valid for the // server itself). destination = server_; origin_host = origin_url_.host(); - secure_quic = using_ssl_; ssl_config = &server_ssl_config_; } - int rv = quic_request_.Request( - destination, secure_quic, request_info_.privacy_mode, - ssl_config->GetCertVerifyFlags(), origin_host, request_info_.method, - net_log_, io_callback_); + int rv = + quic_request_.Request(destination, request_info_.privacy_mode, + ssl_config->GetCertVerifyFlags(), origin_host, + request_info_.method, net_log_, io_callback_); if (rv == OK) { using_existing_quic_session_ = true; } else { |