diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-06 14:38:11 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-06 14:38:11 +0000 |
| commit | a66397e4836935deec66807fa13650ad342de641 (patch) | |
| tree | 49113a9a2ada56681f05fcb5398f9208e470d698 /net/socket/ssl_client_socket_nss.cc | |
| parent | 36013cd3c867f7a9d333a08617b23a38b74af7a9 (diff) | |
| download | chromium_src-a66397e4836935deec66807fa13650ad342de641.zip chromium_src-a66397e4836935deec66807fa13650ad342de641.tar.gz chromium_src-a66397e4836935deec66807fa13650ad342de641.tar.bz2 | |
Revert Revert "net: uncork NSS sockets after a 200ms timeout."
First landed in r61546, reverted in r61560 in case it was causing heap
check redness. Turned out to be innocent, so relanding.
net: uncork NSS sockets after a 200ms timeout.
We found that, after the recent corking change (r58838), we could end
up not sending the Finished message for an extended period of time.
This would cause servers to time out our SSL connections because they
thought that we were still performing the handshake.
With this change, we'll uncork and flush buffers after 200ms if no
application data is ready.
BUG=58017
TEST=Make HTTPS connections to Google sites. Check that the servers are terminating our idle conn····
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61638 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket/ssl_client_socket_nss.cc')
| -rw-r--r-- | net/socket/ssl_client_socket_nss.cc | 25 |
1 files changed, 23 insertions, 2 deletions
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc index df476e9..f30d56c 100644 --- a/net/socket/ssl_client_socket_nss.cc +++ b/net/socket/ssl_client_socket_nss.cc @@ -91,6 +91,12 @@ static const int kRecvBufferSize = 4096; +// kCorkTimeoutMs is the number of milliseconds for which we'll wait for a +// Write to an SSL socket which we're False Starting. Since corking stops the +// Finished message from being sent, the server sees an incomplete handshake +// and some will time out such sockets quite aggressively. +static const int kCorkTimeoutMs = 200; + namespace net { // State machines are easier to debug if you log state transitions. @@ -691,6 +697,14 @@ bool SSLClientSocketNSS::IsNPNProtocolMispredicted() { return predicted_npn_proto_ != npn_proto; } +void SSLClientSocketNSS::UncorkAfterTimeout() { + corked_ = false; + int nsent; + do { + nsent = BufferSend(); + } while (nsent > 0); +} + int SSLClientSocketNSS::Connect(CompletionCallback* callback) { EnterFunction(""); DCHECK(transport_.get()); @@ -1108,7 +1122,10 @@ int SSLClientSocketNSS::Write(IOBuffer* buf, int buf_len, return rv; } - corked_ = false; + if (corked_) { + corked_ = false; + uncork_timer_.Reset(); + } int rv = DoWriteLoop(OK); if (rv == ERR_IO_PENDING) { @@ -1713,8 +1730,12 @@ SECStatus SSLClientSocketNSS::OwnAuthCertHandler(void* arg, NOTREACHED(); if (false_start) { SSLClientSocketNSS* that = reinterpret_cast<SSLClientSocketNSS*>(arg); - if (!that->handshake_callback_called_) + if (!that->handshake_callback_called_) { that->corked_ = true; + that->uncork_timer_.Start( + base::TimeDelta::FromMilliseconds(kCorkTimeoutMs), + that, &SSLClientSocketNSS::UncorkAfterTimeout); + } } #endif |