From 2a6b362c7563d36cf99e3954baa14bb7f6578f6c Mon Sep 17 00:00:00 2001
From: "willchan@chromium.org"
 <willchan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Fri, 19 Jun 2009 18:07:15 +0000
Subject: Linux: Fallback to SSL if server closes early during TLS handshake.
 BUG=http://crbug.com/14092 TEST=See bug for example TLS-intolerant server.

Review URL: http://codereview.chromium.org/131085

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@18830 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/base/ssl_client_socket_nss.cc | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'net')

diff --git a/net/base/ssl_client_socket_nss.cc b/net/base/ssl_client_socket_nss.cc
index d64d791..c48f0b0 100644
--- a/net/base/ssl_client_socket_nss.cc
+++ b/net/base/ssl_client_socket_nss.cc
@@ -691,7 +691,14 @@ int SSLClientSocketNSS::DoHandshakeRead() {
     // Done!
   } else {
     PRErrorCode prerr = PR_GetError();
-    net_error = NetErrorFromNSPRError(prerr);
+
+    // If the server closed on us, it is a protocol error.
+    // Some TLS-intolerant servers do this when we request TLS.
+    if (prerr == PR_END_OF_FILE_ERROR) {
+      net_error = ERR_SSL_PROTOCOL_ERROR;
+    } else {
+      net_error = NetErrorFromNSPRError(prerr);
+    }
 
     // If not done, stay in this state
     if (net_error == ERR_IO_PENDING) {
-- 
cgit v1.1