author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-19 17:37:19 +0000 |
---|---|---|
committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-19 17:37:19 +0000 |
commit | e0c95a96832eb50adf7c15f9c00e728bbc9e1ec7 (patch) | |
tree | 98b526683c84a5dde8789f7df906c77af9cb8485 /net | |
parent | 9b4030b5b024a491c5cfb7468f7ea87f788207e2 (diff) | |
net: remove opportunistic HTTPS stuff.
We never used it.
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/7917018
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@101769 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
-rw-r--r-- | net/base/transport_security_state.cc | 5 | ||||
-rw-r--r-- | net/base/transport_security_state.h | 6 | ||||
-rw-r--r-- | net/base/transport_security_state_unittest.cc | 23 | ||||
-rw-r--r-- | net/net.gyp | 2 | ||||
-rw-r--r-- | net/url_request/https_prober.cc | 93 | ||||
-rw-r--r-- | net/url_request/https_prober.h | 83 | ||||
-rw-r--r-- | net/url_request/url_request_http_job.cc | 89 |
7 files changed, 3 insertions, 298 deletions
diff --git a/net/base/transport_security_state.cc b/net/base/transport_security_state.cc
index 787b1f14..2a7fafa 100644
--- a/net/base/transport_security_state.cc
+++ b/net/base/transport_security_state.cc
@@ -313,9 +313,6 @@ bool TransportSecurityState::Serialise(std::string* output) {
 case DomainState::MODE_STRICT:
 state->SetString("mode", "strict");
 break;
- case DomainState::MODE_OPPORTUNISTIC:
- state->SetString("mode", "opportunistic");
- break;
 case DomainState::MODE_SPDY_ONLY:
 state->SetString("mode", "spdy-only");
 break;
@@ -410,8 +407,6 @@ bool TransportSecurityState::Deserialise(
 DomainState::Mode mode;
 if (mode_string == "strict") {
 mode = DomainState::MODE_STRICT;
- } else if (mode_string == "opportunistic") {
- mode = DomainState::MODE_OPPORTUNISTIC;
 } else if (mode_string == "spdy-only") {
 mode = DomainState::MODE_SPDY_ONLY;
 } else if (mode_string == "none") {
diff --git a/net/base/transport_security_state.h b/net/base/transport_security_state.h
index 805e2c4..513ae8b 100644
--- a/net/base/transport_security_state.h
+++ b/net/base/transport_security_state.h
@@ -39,10 +39,8 @@ class NET_EXPORT TransportSecurityState :
 // * We generate internal redirects from HTTP -> HTTPS.
 // * Certificate issues are fatal.
 MODE_STRICT = 0,
- // Opportunistic mode implies:
- // * We'll request HTTP URLs over HTTPS
- // * Certificate issues are ignored.
- MODE_OPPORTUNISTIC = 1,
+ // This used to be opportunistic HTTPS, but we removed support.
+ MODE_OPPORTUNISTIC_REMOVED = 1,
 // SPDY_ONLY (aka X-Bodge-Transport-Security) is a hopefully temporary
 // measure. It implies:
 // * We'll request HTTP URLs over HTTPS iff we have SPDY support.
diff --git a/net/base/transport_security_state_unittest.cc b/net/base/transport_security_state_unittest.cc
index d3b898f..1068e05 100644
--- a/net/base/transport_security_state_unittest.cc
+++ b/net/base/transport_security_state_unittest.cc
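Review bot: In net/base/transport_security_state.h, the comment on `MODE_OPPORTUNISTIC_REMOVED = 1` does not say why the slot is kept or that it must never be assigned to a DomainState, so a later change could reuse the value. I would spell that out, for example `// Value 1 was opportunistic HTTPS (certificate issues ignored); support was removed. Reserved: do not reuse or assign.` Separately, the Deserialise hunk in transport_security_state.cc drops the "opportunistic" branch, so a stored entry carrying that mode string now reaches whatever the trailing else does, which lies outside the hunk; it is worth confirming that such an entry is skipped rather than failing the whole load. The enum itself continues outside the hunk.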
@@ -244,29 +244,6 @@ TEST_F(TransportSecurityStateTest, Serialise2) { EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "com", true)); } -TEST_F(TransportSecurityStateTest, Serialise3) { - scoped_refptr<TransportSecurityState> state( - new TransportSecurityState(std::string())); - - TransportSecurityState::DomainState domain_state; - const base::Time current_time(base::Time::Now()); - const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); - - EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "yahoo.com", true)); - domain_state.mode = TransportSecurityState::DomainState::MODE_OPPORTUNISTIC; - domain_state.expiry = expiry; - state->EnableHost("yahoo.com", domain_state); - - std::string output; - bool dirty; - state->Serialise(&output); - EXPECT_TRUE(state->LoadEntries(output, &dirty)); - - EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "yahoo.com", true)); - EXPECT_EQ(domain_state.mode, - TransportSecurityState::DomainState::MODE_OPPORTUNISTIC); -} - TEST_F(TransportSecurityStateTest, DeleteSince) { scoped_refptr<TransportSecurityState> state( new TransportSecurityState(std::string())); diff --git a/net/net.gyp b/net/net.gyp index 61e6af9..1b752b7 100644 --- a/net/net.gyp +++ b/net/net.gyp @@ -625,8 +625,6 @@ 'udp/udp_socket_libevent.h', 'udp/udp_socket_win.cc', 'udp/udp_socket_win.h', - 'url_request/https_prober.cc', - 'url_request/https_prober.h', 'url_request/url_request.cc', 'url_request/url_request.h', 'url_request/url_request_about_job.cc', diff --git a/net/url_request/https_prober.cc b/net/url_request/https_prober.cc deleted file mode 100644 index de0dc9b..0000000 --- a/net/url_request/https_prober.cc +++ /dev/null 
@@ -1,93 +0,0 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "base/memory/singleton.h"
-#include "net/url_request/https_prober.h"
-
-#include "net/url_request/url_request.h"
-#include "net/url_request/url_request_context.h"
-
-namespace net {
-
-// static
-HTTPSProber* HTTPSProber::GetInstance() {
- return Singleton<HTTPSProber>::get();
-}
-
-bool HTTPSProber::HaveProbed(const std::string& host) const {
- return probed_.find(host) != probed_.end();
-}
-
-bool HTTPSProber::InFlight(const std::string& host) const {
- return inflight_probes_.find(host) != inflight_probes_.end();
-}
-
-bool HTTPSProber::ProbeHost(const std::string& host,
- const URLRequestContext* ctx,
- HTTPSProberDelegate* delegate) {
- if (HaveProbed(host) || InFlight(host)) {
- return false;
- }
-
- inflight_probes_[host] = delegate;
-
- GURL url("https://" + host);
- DCHECK_EQ(url.host(), host);
-
- URLRequest* req = new URLRequest(url, this);
- req->set_context(ctx);
- req->Start();
- return true;
-}
-
-void HTTPSProber::OnAuthRequired(URLRequest* request,
- AuthChallengeInfo* auth_info) {
- Success(request);
-}
-
-void HTTPSProber::OnSSLCertificateError(URLRequest* request,
- int cert_error,
- X509Certificate* cert) {
- request->ContinueDespiteLastError();
-}
-
-void HTTPSProber::OnResponseStarted(URLRequest* request) {
- if (request->status().status() == URLRequestStatus::SUCCESS) {
- Success(request);
- } else {
- Failure(request);
- }
-}
-
-void HTTPSProber::OnReadCompleted(URLRequest* request, int bytes_read) {
- NOTREACHED();
-}
-
-HTTPSProber::HTTPSProber() {
-}
-
-HTTPSProber::~HTTPSProber() {
-}
-
-void HTTPSProber::Success(URLRequest* request) {
- DoCallback(request, true);
-}
-
-void HTTPSProber::Failure(URLRequest* request) {
- DoCallback(request, false);
-}
-
-void HTTPSProber::DoCallback(URLRequest* request, bool result) {
- std::map<std::string, HTTPSProberDelegate*>::iterator i =
- inflight_probes_.find(request->original_url().host());
- DCHECK(i != inflight_probes_.end());
-
- HTTPSProberDelegate* delegate = i->second;
- inflight_probes_.erase(i);
- probed_.insert(request->original_url().host());
- delete request;
- delegate->ProbeComplete(result);
-}
-
-} // namespace net
diff --git a/net/url_request/https_prober.h b/net/url_request/https_prober.h
deleted file mode 100644
index 467a6d8..0000000
--- a/net/url_request/https_prober.h
+++ /dev/null
@@ -1,83 +0,0 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef NET_BASE_HTTPS_PROBER_H_
-#define NET_BASE_HTTPS_PROBER_H_
-#pragma once
-
-#include <map>
-#include <set>
-#include <string>
-
-#include "base/task.h"
-#include "net/url_request/url_request.h"
-
-template <typename T> struct DefaultSingletonTraits;
-
-namespace net {
-
-class URLRequestContext;
-
-// This should be scoped inside HTTPSProber, but VC cannot compile
-// HTTPProber::Delegate when HTTPSProber also inherits from
-// URLRequest::Delegate.
-class HTTPSProberDelegate {
- public:
- virtual void ProbeComplete(bool result) = 0;
- protected:
- virtual ~HTTPSProberDelegate() {}
-};
-
-// HTTPSProber is a singleton object that manages HTTPS probes. A HTTPS probe
-// determines if we can connect to a given host over HTTPS. It's used when
-// transparently upgrading from HTTP to HTTPS (for example, for SPDY).
-class HTTPSProber : public URLRequest::Delegate {
- public:
- // Returns the singleton instance.
- static HTTPSProber* GetInstance();
-
- // HaveProbed returns true if the given host is known to have been probed
- // since the browser was last started.
- bool HaveProbed(const std::string& host) const;
-
- // InFlight returns true iff a probe for the given host is currently active.
- bool InFlight(const std::string& host) const;
-
- // ProbeHost starts a new probe for the given host. If the host is known to
- // have been probed since the browser was started, false is returned and no
- // other action is taken. If a probe to the given host in currently inflight,
- // false will be returned, and no other action is taken. Otherwise, a new
- // probe is started, true is returned and the Delegate will be called with the
- // results (true means a successful handshake).
- bool ProbeHost(const std::string& host, const URLRequestContext* ctx,
- HTTPSProberDelegate* delegate);
-
- // Implementation of URLRequest::Delegate
- virtual void OnAuthRequired(URLRequest* request,
- AuthChallengeInfo* auth_info);
- virtual void OnSSLCertificateError(URLRequest* request,
- int cert_error,
- X509Certificate* cert);
- virtual void OnResponseStarted(URLRequest* request);
- virtual void OnReadCompleted(URLRequest* request, int bytes_read);
-
- private:
- friend struct DefaultSingletonTraits<HTTPSProber>;
-
- HTTPSProber();
- virtual ~HTTPSProber();
-
- void Success(URLRequest* request);
- void Failure(URLRequest* request);
- void DoCallback(URLRequest* request, bool result);
-
- std::map<std::string, HTTPSProberDelegate*> inflight_probes_;
- std::set<std::string> probed_;
-
- DISALLOW_COPY_AND_ASSIGN(HTTPSProber);
-};
-
-} // namespace net
-
-#endif // NET_BASE_HTTPS_PROBER_H_
diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
index 8b13d5b1..cdb94fa 100644
--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -36,7 +36,6 @@
 #include "net/http/http_transaction.h"
 #include "net/http/http_transaction_factory.h"
 #include "net/http/http_util.h"
-#include "net/url_request/https_prober.h"
 #include "net/url_request/url_request.h"
 #include "net/url_request/url_request_context.h"
 #include "net/url_request/url_request_error_job.h"
@@ -84,40 +83,6 @@ void AddAuthorizationHeader( } } -class HTTPSProberDelegateImpl : public HTTPSProberDelegate { - public: - HTTPSProberDelegateImpl(const std::string& host, int max_age, - bool include_subdomains, - TransportSecurityState* sts) - : host_(host), - max_age_(max_age), - include_subdomains_(include_subdomains), - sts_(sts) { } - - virtual void ProbeComplete(bool result) { - if (result) { - base::Time current_time(base::Time::Now()); - base::TimeDelta max_age_delta = base::TimeDelta::FromSeconds(max_age_); - - TransportSecurityState::DomainState domain_state; - domain_state.expiry = current_time + max_age_delta; - domain_state.mode = - TransportSecurityState::DomainState::MODE_OPPORTUNISTIC; - domain_state.include_subdomains = include_subdomains_; - - sts_->EnableHost(host_, domain_state); - } - - delete this; - } - - private: - const std::string host_; - const int max_age_; - const bool include_subdomains_; - scoped_refptr<TransportSecurityState> sts_; -}; - } // namespace class URLRequestHttpJob::HttpFilterContext : public FilterContext { @@ -233,8 +198,6 @@ URLRequestJob* URLRequestHttpJob::Factory(URLRequest* request, url_parse::Component(0, strlen(kNewScheme))); GURL new_location = request->url().ReplaceComponents(replacements); return new URLRequestRedirectJob(request, new_location); - } else { - // TODO(agl): implement opportunistic HTTPS upgrade. } } 
@@ -673,54 +636,6 @@ void URLRequestHttpJob::ProcessStrictTransportSecurityHeader() { ctx->transport_security_state()->EnableHost(request_info_.url.host(), domain_state); } - - // TODO(agl): change this over when we have fixed things at the server end. - // The string should be "Opportunistic-Transport-Security"; - name = "X-Bodge-Transport-Security"; - - while (response_info_->headers->EnumerateHeader(&iter, name, &value)) { - const bool ok = TransportSecurityState::ParseHeader( - value, &max_age, &include_subdomains); - if (!ok) - continue; - // If we saw an opportunistic request over HTTPS, then clearly we can make - // HTTPS connections to the host so we should remember this. - if (https) { - base::Time current_time(base::Time::Now()); - base::TimeDelta max_age_delta = base::TimeDelta::FromSeconds(max_age); - - TransportSecurityState::DomainState domain_state; - domain_state.expiry = current_time + max_age_delta; - domain_state.mode = - TransportSecurityState::DomainState::MODE_SPDY_ONLY; - domain_state.include_subdomains = include_subdomains; - - ctx->transport_security_state()->EnableHost(request_info_.url.host(), - domain_state); - continue; - } - - if (!request()) - break; - - // At this point, we have a request for opportunistic encryption over HTTP. - // In this case we need to probe to check that we can make HTTPS - // connections to that host. - HTTPSProber* const prober = HTTPSProber::GetInstance(); - if (prober->HaveProbed(request_info_.url.host()) || - prober->InFlight(request_info_.url.host())) { - continue; - } - - HTTPSProberDelegateImpl* delegate = - new HTTPSProberDelegateImpl(request_info_.url.host(), max_age, - include_subdomains, - ctx->transport_security_state()); - if (!prober->ProbeHost(request_info_.url.host(), request()->context(), - delegate)) { - delete delegate; - } - } } void URLRequestHttpJob::OnStartCompleted(int result) { 
@@ -818,13 +733,11 @@ bool URLRequestHttpJob::ShouldTreatAsCertificateError(int result) { return true; TransportSecurityState::DomainState domain_state; - // TODO(agl): don't ignore opportunistic mode. const bool r = context_->transport_security_state()->IsEnabledForHost( &domain_state, request_info_.url.host(), SSLConfigService::IsSNIAvailable(context_->ssl_config_service())); - return !r || domain_state.mode == - TransportSecurityState::DomainState::MODE_OPPORTUNISTIC; + return !r; } void URLRequestHttpJob::RestartTransactionWithAuth( |
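Review bot: With the mode comparison gone, `domain_state` in ShouldTreatAsCertificateError is only an out-parameter for IsEnabledForHost and is never read, so the result now depends solely on whether any transport-security entry matches the host. A short comment above `return !r;` would make that explicit, for example `// Transport security is enabled for this host: not an ordinary certificate error, regardless of mode.` If MODE_SPDY_ONLY hosts are meant to be treated differently from MODE_STRICT here, the new code does not express that, and it is worth confirming the intent. The function starts outside the hunk.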