1*6777b538SAndroid Build Coastguard Worker // Copyright 2012 The Chromium Authors
2*6777b538SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be
3*6777b538SAndroid Build Coastguard Worker // found in the LICENSE file.
4*6777b538SAndroid Build Coastguard Worker
5*6777b538SAndroid Build Coastguard Worker #include "net/socket/ssl_connect_job.h"
6*6777b538SAndroid Build Coastguard Worker
7*6777b538SAndroid Build Coastguard Worker #include <cstdlib>
8*6777b538SAndroid Build Coastguard Worker #include <memory>
9*6777b538SAndroid Build Coastguard Worker #include <utility>
10*6777b538SAndroid Build Coastguard Worker
11*6777b538SAndroid Build Coastguard Worker #include "base/feature_list.h"
12*6777b538SAndroid Build Coastguard Worker #include "base/functional/bind.h"
13*6777b538SAndroid Build Coastguard Worker #include "base/functional/callback_helpers.h"
14*6777b538SAndroid Build Coastguard Worker #include "base/metrics/histogram_functions.h"
15*6777b538SAndroid Build Coastguard Worker #include "base/metrics/histogram_macros.h"
16*6777b538SAndroid Build Coastguard Worker #include "net/base/connection_endpoint_metadata.h"
17*6777b538SAndroid Build Coastguard Worker #include "net/base/features.h"
18*6777b538SAndroid Build Coastguard Worker #include "net/base/host_port_pair.h"
19*6777b538SAndroid Build Coastguard Worker #include "net/base/net_errors.h"
20*6777b538SAndroid Build Coastguard Worker #include "net/base/trace_constants.h"
21*6777b538SAndroid Build Coastguard Worker #include "net/base/tracing.h"
22*6777b538SAndroid Build Coastguard Worker #include "net/base/url_util.h"
23*6777b538SAndroid Build Coastguard Worker #include "net/cert/x509_util.h"
24*6777b538SAndroid Build Coastguard Worker #include "net/http/http_proxy_connect_job.h"
25*6777b538SAndroid Build Coastguard Worker #include "net/log/net_log_source_type.h"
26*6777b538SAndroid Build Coastguard Worker #include "net/log/net_log_values.h"
27*6777b538SAndroid Build Coastguard Worker #include "net/log/net_log_with_source.h"
28*6777b538SAndroid Build Coastguard Worker #include "net/socket/client_socket_factory.h"
29*6777b538SAndroid Build Coastguard Worker #include "net/socket/client_socket_handle.h"
30*6777b538SAndroid Build Coastguard Worker #include "net/socket/socks_connect_job.h"
31*6777b538SAndroid Build Coastguard Worker #include "net/socket/ssl_client_socket.h"
32*6777b538SAndroid Build Coastguard Worker #include "net/socket/transport_connect_job.h"
33*6777b538SAndroid Build Coastguard Worker #include "net/ssl/ssl_cert_request_info.h"
34*6777b538SAndroid Build Coastguard Worker #include "net/ssl/ssl_connection_status_flags.h"
35*6777b538SAndroid Build Coastguard Worker #include "net/ssl/ssl_info.h"
36*6777b538SAndroid Build Coastguard Worker #include "third_party/abseil-cpp/absl/types/variant.h"
37*6777b538SAndroid Build Coastguard Worker #include "third_party/boringssl/src/include/openssl/pool.h"
38*6777b538SAndroid Build Coastguard Worker #include "third_party/boringssl/src/include/openssl/ssl.h"
39*6777b538SAndroid Build Coastguard Worker
40*6777b538SAndroid Build Coastguard Worker namespace net {
41*6777b538SAndroid Build Coastguard Worker
42*6777b538SAndroid Build Coastguard Worker namespace {
43*6777b538SAndroid Build Coastguard Worker
44*6777b538SAndroid Build Coastguard Worker // Timeout for the SSL handshake portion of the connect.
45*6777b538SAndroid Build Coastguard Worker constexpr base::TimeDelta kSSLHandshakeTimeout(base::Seconds(30));
46*6777b538SAndroid Build Coastguard Worker
47*6777b538SAndroid Build Coastguard Worker } // namespace
48*6777b538SAndroid Build Coastguard Worker
SSLSocketParams(ConnectJobParams nested_params,const HostPortPair & host_and_port,const SSLConfig & ssl_config,NetworkAnonymizationKey network_anonymization_key)49*6777b538SAndroid Build Coastguard Worker SSLSocketParams::SSLSocketParams(
50*6777b538SAndroid Build Coastguard Worker ConnectJobParams nested_params,
51*6777b538SAndroid Build Coastguard Worker const HostPortPair& host_and_port,
52*6777b538SAndroid Build Coastguard Worker const SSLConfig& ssl_config,
53*6777b538SAndroid Build Coastguard Worker NetworkAnonymizationKey network_anonymization_key)
54*6777b538SAndroid Build Coastguard Worker : nested_params_(nested_params),
55*6777b538SAndroid Build Coastguard Worker host_and_port_(host_and_port),
56*6777b538SAndroid Build Coastguard Worker ssl_config_(ssl_config),
57*6777b538SAndroid Build Coastguard Worker network_anonymization_key_(network_anonymization_key) {
58*6777b538SAndroid Build Coastguard Worker CHECK(!nested_params_.is_ssl());
59*6777b538SAndroid Build Coastguard Worker }
60*6777b538SAndroid Build Coastguard Worker
61*6777b538SAndroid Build Coastguard Worker SSLSocketParams::~SSLSocketParams() = default;
62*6777b538SAndroid Build Coastguard Worker
GetConnectionType() const63*6777b538SAndroid Build Coastguard Worker SSLSocketParams::ConnectionType SSLSocketParams::GetConnectionType() const {
64*6777b538SAndroid Build Coastguard Worker if (nested_params_.is_socks()) {
65*6777b538SAndroid Build Coastguard Worker return SOCKS_PROXY;
66*6777b538SAndroid Build Coastguard Worker }
67*6777b538SAndroid Build Coastguard Worker if (nested_params_.is_http_proxy()) {
68*6777b538SAndroid Build Coastguard Worker return HTTP_PROXY;
69*6777b538SAndroid Build Coastguard Worker }
70*6777b538SAndroid Build Coastguard Worker return DIRECT;
71*6777b538SAndroid Build Coastguard Worker }
72*6777b538SAndroid Build Coastguard Worker
Create(RequestPriority priority,const SocketTag & socket_tag,const CommonConnectJobParams * common_connect_job_params,scoped_refptr<SSLSocketParams> params,ConnectJob::Delegate * delegate,const NetLogWithSource * net_log)73*6777b538SAndroid Build Coastguard Worker std::unique_ptr<SSLConnectJob> SSLConnectJob::Factory::Create(
74*6777b538SAndroid Build Coastguard Worker RequestPriority priority,
75*6777b538SAndroid Build Coastguard Worker const SocketTag& socket_tag,
76*6777b538SAndroid Build Coastguard Worker const CommonConnectJobParams* common_connect_job_params,
77*6777b538SAndroid Build Coastguard Worker scoped_refptr<SSLSocketParams> params,
78*6777b538SAndroid Build Coastguard Worker ConnectJob::Delegate* delegate,
79*6777b538SAndroid Build Coastguard Worker const NetLogWithSource* net_log) {
80*6777b538SAndroid Build Coastguard Worker return std::make_unique<SSLConnectJob>(priority, socket_tag,
81*6777b538SAndroid Build Coastguard Worker common_connect_job_params,
82*6777b538SAndroid Build Coastguard Worker std::move(params), delegate, net_log);
83*6777b538SAndroid Build Coastguard Worker }
84*6777b538SAndroid Build Coastguard Worker
SSLConnectJob(RequestPriority priority,const SocketTag & socket_tag,const CommonConnectJobParams * common_connect_job_params,scoped_refptr<SSLSocketParams> params,ConnectJob::Delegate * delegate,const NetLogWithSource * net_log)85*6777b538SAndroid Build Coastguard Worker SSLConnectJob::SSLConnectJob(
86*6777b538SAndroid Build Coastguard Worker RequestPriority priority,
87*6777b538SAndroid Build Coastguard Worker const SocketTag& socket_tag,
88*6777b538SAndroid Build Coastguard Worker const CommonConnectJobParams* common_connect_job_params,
89*6777b538SAndroid Build Coastguard Worker scoped_refptr<SSLSocketParams> params,
90*6777b538SAndroid Build Coastguard Worker ConnectJob::Delegate* delegate,
91*6777b538SAndroid Build Coastguard Worker const NetLogWithSource* net_log)
92*6777b538SAndroid Build Coastguard Worker : ConnectJob(
93*6777b538SAndroid Build Coastguard Worker priority,
94*6777b538SAndroid Build Coastguard Worker socket_tag,
95*6777b538SAndroid Build Coastguard Worker // The SSLConnectJob's timer is only started during the SSL handshake.
96*6777b538SAndroid Build Coastguard Worker base::TimeDelta(),
97*6777b538SAndroid Build Coastguard Worker common_connect_job_params,
98*6777b538SAndroid Build Coastguard Worker delegate,
99*6777b538SAndroid Build Coastguard Worker net_log,
100*6777b538SAndroid Build Coastguard Worker NetLogSourceType::SSL_CONNECT_JOB,
101*6777b538SAndroid Build Coastguard Worker NetLogEventType::SSL_CONNECT_JOB_CONNECT),
102*6777b538SAndroid Build Coastguard Worker params_(std::move(params)),
103*6777b538SAndroid Build Coastguard Worker callback_(base::BindRepeating(&SSLConnectJob::OnIOComplete,
104*6777b538SAndroid Build Coastguard Worker base::Unretained(this))) {}
105*6777b538SAndroid Build Coastguard Worker
~SSLConnectJob()106*6777b538SAndroid Build Coastguard Worker SSLConnectJob::~SSLConnectJob() {
107*6777b538SAndroid Build Coastguard Worker // In the case the job was canceled, need to delete nested job first to
108*6777b538SAndroid Build Coastguard Worker // correctly order NetLog events.
109*6777b538SAndroid Build Coastguard Worker nested_connect_job_.reset();
110*6777b538SAndroid Build Coastguard Worker }
111*6777b538SAndroid Build Coastguard Worker
GetLoadState() const112*6777b538SAndroid Build Coastguard Worker LoadState SSLConnectJob::GetLoadState() const {
113*6777b538SAndroid Build Coastguard Worker switch (next_state_) {
114*6777b538SAndroid Build Coastguard Worker case STATE_TRANSPORT_CONNECT:
115*6777b538SAndroid Build Coastguard Worker case STATE_SOCKS_CONNECT:
116*6777b538SAndroid Build Coastguard Worker case STATE_TUNNEL_CONNECT:
117*6777b538SAndroid Build Coastguard Worker return LOAD_STATE_IDLE;
118*6777b538SAndroid Build Coastguard Worker case STATE_TRANSPORT_CONNECT_COMPLETE:
119*6777b538SAndroid Build Coastguard Worker case STATE_SOCKS_CONNECT_COMPLETE:
120*6777b538SAndroid Build Coastguard Worker return nested_connect_job_->GetLoadState();
121*6777b538SAndroid Build Coastguard Worker case STATE_TUNNEL_CONNECT_COMPLETE:
122*6777b538SAndroid Build Coastguard Worker if (nested_socket_) {
123*6777b538SAndroid Build Coastguard Worker return LOAD_STATE_ESTABLISHING_PROXY_TUNNEL;
124*6777b538SAndroid Build Coastguard Worker }
125*6777b538SAndroid Build Coastguard Worker return nested_connect_job_->GetLoadState();
126*6777b538SAndroid Build Coastguard Worker case STATE_SSL_CONNECT:
127*6777b538SAndroid Build Coastguard Worker case STATE_SSL_CONNECT_COMPLETE:
128*6777b538SAndroid Build Coastguard Worker return LOAD_STATE_SSL_HANDSHAKE;
129*6777b538SAndroid Build Coastguard Worker default:
130*6777b538SAndroid Build Coastguard Worker NOTREACHED();
131*6777b538SAndroid Build Coastguard Worker return LOAD_STATE_IDLE;
132*6777b538SAndroid Build Coastguard Worker }
133*6777b538SAndroid Build Coastguard Worker }
134*6777b538SAndroid Build Coastguard Worker
HasEstablishedConnection() const135*6777b538SAndroid Build Coastguard Worker bool SSLConnectJob::HasEstablishedConnection() const {
136*6777b538SAndroid Build Coastguard Worker // If waiting on a nested ConnectJob, defer to that ConnectJob's state.
137*6777b538SAndroid Build Coastguard Worker if (nested_connect_job_) {
138*6777b538SAndroid Build Coastguard Worker return nested_connect_job_->HasEstablishedConnection();
139*6777b538SAndroid Build Coastguard Worker }
140*6777b538SAndroid Build Coastguard Worker // Otherwise, return true if a socket has been created.
141*6777b538SAndroid Build Coastguard Worker return nested_socket_ || ssl_socket_;
142*6777b538SAndroid Build Coastguard Worker }
143*6777b538SAndroid Build Coastguard Worker
OnConnectJobComplete(int result,ConnectJob * job)144*6777b538SAndroid Build Coastguard Worker void SSLConnectJob::OnConnectJobComplete(int result, ConnectJob* job) {
145*6777b538SAndroid Build Coastguard Worker DCHECK_EQ(job, nested_connect_job_.get());
146*6777b538SAndroid Build Coastguard Worker OnIOComplete(result);
147*6777b538SAndroid Build Coastguard Worker }
148*6777b538SAndroid Build Coastguard Worker
OnNeedsProxyAuth(const HttpResponseInfo & response,HttpAuthController * auth_controller,base::OnceClosure restart_with_auth_callback,ConnectJob * job)149*6777b538SAndroid Build Coastguard Worker void SSLConnectJob::OnNeedsProxyAuth(
150*6777b538SAndroid Build Coastguard Worker const HttpResponseInfo& response,
151*6777b538SAndroid Build Coastguard Worker HttpAuthController* auth_controller,
152*6777b538SAndroid Build Coastguard Worker base::OnceClosure restart_with_auth_callback,
153*6777b538SAndroid Build Coastguard Worker ConnectJob* job) {
154*6777b538SAndroid Build Coastguard Worker DCHECK_EQ(next_state_, STATE_TUNNEL_CONNECT_COMPLETE);
155*6777b538SAndroid Build Coastguard Worker
156*6777b538SAndroid Build Coastguard Worker // The timer shouldn't have started running yet, since the handshake only
157*6777b538SAndroid Build Coastguard Worker // starts after a tunnel has been established through the proxy.
158*6777b538SAndroid Build Coastguard Worker DCHECK(!TimerIsRunning());
159*6777b538SAndroid Build Coastguard Worker
160*6777b538SAndroid Build Coastguard Worker // Just pass the callback up to the consumer. This class doesn't need to do
161*6777b538SAndroid Build Coastguard Worker // anything once credentials are provided.
162*6777b538SAndroid Build Coastguard Worker NotifyDelegateOfProxyAuth(response, auth_controller,
163*6777b538SAndroid Build Coastguard Worker std::move(restart_with_auth_callback));
164*6777b538SAndroid Build Coastguard Worker }
165*6777b538SAndroid Build Coastguard Worker
GetConnectionAttempts() const166*6777b538SAndroid Build Coastguard Worker ConnectionAttempts SSLConnectJob::GetConnectionAttempts() const {
167*6777b538SAndroid Build Coastguard Worker return connection_attempts_;
168*6777b538SAndroid Build Coastguard Worker }
169*6777b538SAndroid Build Coastguard Worker
GetResolveErrorInfo() const170*6777b538SAndroid Build Coastguard Worker ResolveErrorInfo SSLConnectJob::GetResolveErrorInfo() const {
171*6777b538SAndroid Build Coastguard Worker return resolve_error_info_;
172*6777b538SAndroid Build Coastguard Worker }
173*6777b538SAndroid Build Coastguard Worker
IsSSLError() const174*6777b538SAndroid Build Coastguard Worker bool SSLConnectJob::IsSSLError() const {
175*6777b538SAndroid Build Coastguard Worker return ssl_negotiation_started_;
176*6777b538SAndroid Build Coastguard Worker }
177*6777b538SAndroid Build Coastguard Worker
GetCertRequestInfo()178*6777b538SAndroid Build Coastguard Worker scoped_refptr<SSLCertRequestInfo> SSLConnectJob::GetCertRequestInfo() {
179*6777b538SAndroid Build Coastguard Worker return ssl_cert_request_info_;
180*6777b538SAndroid Build Coastguard Worker }
181*6777b538SAndroid Build Coastguard Worker
HandshakeTimeoutForTesting()182*6777b538SAndroid Build Coastguard Worker base::TimeDelta SSLConnectJob::HandshakeTimeoutForTesting() {
183*6777b538SAndroid Build Coastguard Worker return kSSLHandshakeTimeout;
184*6777b538SAndroid Build Coastguard Worker }
185*6777b538SAndroid Build Coastguard Worker
OnIOComplete(int result)186*6777b538SAndroid Build Coastguard Worker void SSLConnectJob::OnIOComplete(int result) {
187*6777b538SAndroid Build Coastguard Worker int rv = DoLoop(result);
188*6777b538SAndroid Build Coastguard Worker if (rv != ERR_IO_PENDING) {
189*6777b538SAndroid Build Coastguard Worker NotifyDelegateOfCompletion(rv); // Deletes |this|.
190*6777b538SAndroid Build Coastguard Worker }
191*6777b538SAndroid Build Coastguard Worker }
192*6777b538SAndroid Build Coastguard Worker
DoLoop(int result)193*6777b538SAndroid Build Coastguard Worker int SSLConnectJob::DoLoop(int result) {
194*6777b538SAndroid Build Coastguard Worker TRACE_EVENT0(NetTracingCategory(), "SSLConnectJob::DoLoop");
195*6777b538SAndroid Build Coastguard Worker DCHECK_NE(next_state_, STATE_NONE);
196*6777b538SAndroid Build Coastguard Worker
197*6777b538SAndroid Build Coastguard Worker int rv = result;
198*6777b538SAndroid Build Coastguard Worker do {
199*6777b538SAndroid Build Coastguard Worker State state = next_state_;
200*6777b538SAndroid Build Coastguard Worker next_state_ = STATE_NONE;
201*6777b538SAndroid Build Coastguard Worker switch (state) {
202*6777b538SAndroid Build Coastguard Worker case STATE_TRANSPORT_CONNECT:
203*6777b538SAndroid Build Coastguard Worker DCHECK_EQ(OK, rv);
204*6777b538SAndroid Build Coastguard Worker rv = DoTransportConnect();
205*6777b538SAndroid Build Coastguard Worker break;
206*6777b538SAndroid Build Coastguard Worker case STATE_TRANSPORT_CONNECT_COMPLETE:
207*6777b538SAndroid Build Coastguard Worker rv = DoTransportConnectComplete(rv);
208*6777b538SAndroid Build Coastguard Worker break;
209*6777b538SAndroid Build Coastguard Worker case STATE_SOCKS_CONNECT:
210*6777b538SAndroid Build Coastguard Worker DCHECK_EQ(OK, rv);
211*6777b538SAndroid Build Coastguard Worker rv = DoSOCKSConnect();
212*6777b538SAndroid Build Coastguard Worker break;
213*6777b538SAndroid Build Coastguard Worker case STATE_SOCKS_CONNECT_COMPLETE:
214*6777b538SAndroid Build Coastguard Worker rv = DoSOCKSConnectComplete(rv);
215*6777b538SAndroid Build Coastguard Worker break;
216*6777b538SAndroid Build Coastguard Worker case STATE_TUNNEL_CONNECT:
217*6777b538SAndroid Build Coastguard Worker DCHECK_EQ(OK, rv);
218*6777b538SAndroid Build Coastguard Worker rv = DoTunnelConnect();
219*6777b538SAndroid Build Coastguard Worker break;
220*6777b538SAndroid Build Coastguard Worker case STATE_TUNNEL_CONNECT_COMPLETE:
221*6777b538SAndroid Build Coastguard Worker rv = DoTunnelConnectComplete(rv);
222*6777b538SAndroid Build Coastguard Worker break;
223*6777b538SAndroid Build Coastguard Worker case STATE_SSL_CONNECT:
224*6777b538SAndroid Build Coastguard Worker DCHECK_EQ(OK, rv);
225*6777b538SAndroid Build Coastguard Worker rv = DoSSLConnect();
226*6777b538SAndroid Build Coastguard Worker break;
227*6777b538SAndroid Build Coastguard Worker case STATE_SSL_CONNECT_COMPLETE:
228*6777b538SAndroid Build Coastguard Worker rv = DoSSLConnectComplete(rv);
229*6777b538SAndroid Build Coastguard Worker break;
230*6777b538SAndroid Build Coastguard Worker default:
231*6777b538SAndroid Build Coastguard Worker NOTREACHED() << "bad state";
232*6777b538SAndroid Build Coastguard Worker rv = ERR_FAILED;
233*6777b538SAndroid Build Coastguard Worker break;
234*6777b538SAndroid Build Coastguard Worker }
235*6777b538SAndroid Build Coastguard Worker } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE);
236*6777b538SAndroid Build Coastguard Worker
237*6777b538SAndroid Build Coastguard Worker return rv;
238*6777b538SAndroid Build Coastguard Worker }
239*6777b538SAndroid Build Coastguard Worker
DoTransportConnect()240*6777b538SAndroid Build Coastguard Worker int SSLConnectJob::DoTransportConnect() {
241*6777b538SAndroid Build Coastguard Worker DCHECK(!nested_connect_job_);
242*6777b538SAndroid Build Coastguard Worker DCHECK(params_->GetDirectConnectionParams());
243*6777b538SAndroid Build Coastguard Worker DCHECK(!TimerIsRunning());
244*6777b538SAndroid Build Coastguard Worker
245*6777b538SAndroid Build Coastguard Worker next_state_ = STATE_TRANSPORT_CONNECT_COMPLETE;
246*6777b538SAndroid Build Coastguard Worker // If this is an ECH retry, connect to the same server as before.
247*6777b538SAndroid Build Coastguard Worker std::optional<TransportConnectJob::EndpointResultOverride>
248*6777b538SAndroid Build Coastguard Worker endpoint_result_override;
249*6777b538SAndroid Build Coastguard Worker if (ech_retry_configs_) {
250*6777b538SAndroid Build Coastguard Worker DCHECK(ssl_client_context()->config().ech_enabled);
251*6777b538SAndroid Build Coastguard Worker DCHECK(endpoint_result_);
252*6777b538SAndroid Build Coastguard Worker endpoint_result_override.emplace(*endpoint_result_, dns_aliases_);
253*6777b538SAndroid Build Coastguard Worker }
254*6777b538SAndroid Build Coastguard Worker nested_connect_job_ = std::make_unique<TransportConnectJob>(
255*6777b538SAndroid Build Coastguard Worker priority(), socket_tag(), common_connect_job_params(),
256*6777b538SAndroid Build Coastguard Worker params_->GetDirectConnectionParams(), this, &net_log(),
257*6777b538SAndroid Build Coastguard Worker std::move(endpoint_result_override));
258*6777b538SAndroid Build Coastguard Worker return nested_connect_job_->Connect();
259*6777b538SAndroid Build Coastguard Worker }
260*6777b538SAndroid Build Coastguard Worker
DoTransportConnectComplete(int result)261*6777b538SAndroid Build Coastguard Worker int SSLConnectJob::DoTransportConnectComplete(int result) {
262*6777b538SAndroid Build Coastguard Worker resolve_error_info_ = nested_connect_job_->GetResolveErrorInfo();
263*6777b538SAndroid Build Coastguard Worker ConnectionAttempts connection_attempts =
264*6777b538SAndroid Build Coastguard Worker nested_connect_job_->GetConnectionAttempts();
265*6777b538SAndroid Build Coastguard Worker connection_attempts_.insert(connection_attempts_.end(),
266*6777b538SAndroid Build Coastguard Worker connection_attempts.begin(),
267*6777b538SAndroid Build Coastguard Worker connection_attempts.end());
268*6777b538SAndroid Build Coastguard Worker if (result == OK) {
269*6777b538SAndroid Build Coastguard Worker next_state_ = STATE_SSL_CONNECT;
270*6777b538SAndroid Build Coastguard Worker nested_socket_ = nested_connect_job_->PassSocket();
271*6777b538SAndroid Build Coastguard Worker nested_socket_->GetPeerAddress(&server_address_);
272*6777b538SAndroid Build Coastguard Worker dns_aliases_ = nested_socket_->GetDnsAliases();
273*6777b538SAndroid Build Coastguard Worker }
274*6777b538SAndroid Build Coastguard Worker
275*6777b538SAndroid Build Coastguard Worker return result;
276*6777b538SAndroid Build Coastguard Worker }
277*6777b538SAndroid Build Coastguard Worker
DoSOCKSConnect()278*6777b538SAndroid Build Coastguard Worker int SSLConnectJob::DoSOCKSConnect() {
279*6777b538SAndroid Build Coastguard Worker DCHECK(!nested_connect_job_);
280*6777b538SAndroid Build Coastguard Worker DCHECK(params_->GetSocksProxyConnectionParams());
281*6777b538SAndroid Build Coastguard Worker DCHECK(!TimerIsRunning());
282*6777b538SAndroid Build Coastguard Worker
283*6777b538SAndroid Build Coastguard Worker next_state_ = STATE_SOCKS_CONNECT_COMPLETE;
284*6777b538SAndroid Build Coastguard Worker nested_connect_job_ = std::make_unique<SOCKSConnectJob>(
285*6777b538SAndroid Build Coastguard Worker priority(), socket_tag(), common_connect_job_params(),
286*6777b538SAndroid Build Coastguard Worker params_->GetSocksProxyConnectionParams(), this, &net_log());
287*6777b538SAndroid Build Coastguard Worker return nested_connect_job_->Connect();
288*6777b538SAndroid Build Coastguard Worker }
289*6777b538SAndroid Build Coastguard Worker
DoSOCKSConnectComplete(int result)290*6777b538SAndroid Build Coastguard Worker int SSLConnectJob::DoSOCKSConnectComplete(int result) {
291*6777b538SAndroid Build Coastguard Worker resolve_error_info_ = nested_connect_job_->GetResolveErrorInfo();
292*6777b538SAndroid Build Coastguard Worker if (result == OK) {
293*6777b538SAndroid Build Coastguard Worker next_state_ = STATE_SSL_CONNECT;
294*6777b538SAndroid Build Coastguard Worker nested_socket_ = nested_connect_job_->PassSocket();
295*6777b538SAndroid Build Coastguard Worker }
296*6777b538SAndroid Build Coastguard Worker
297*6777b538SAndroid Build Coastguard Worker return result;
298*6777b538SAndroid Build Coastguard Worker }
299*6777b538SAndroid Build Coastguard Worker
DoTunnelConnect()300*6777b538SAndroid Build Coastguard Worker int SSLConnectJob::DoTunnelConnect() {
301*6777b538SAndroid Build Coastguard Worker DCHECK(!nested_connect_job_);
302*6777b538SAndroid Build Coastguard Worker DCHECK(params_->GetHttpProxyConnectionParams());
303*6777b538SAndroid Build Coastguard Worker DCHECK(!TimerIsRunning());
304*6777b538SAndroid Build Coastguard Worker
305*6777b538SAndroid Build Coastguard Worker next_state_ = STATE_TUNNEL_CONNECT_COMPLETE;
306*6777b538SAndroid Build Coastguard Worker nested_connect_job_ = std::make_unique<HttpProxyConnectJob>(
307*6777b538SAndroid Build Coastguard Worker priority(), socket_tag(), common_connect_job_params(),
308*6777b538SAndroid Build Coastguard Worker params_->GetHttpProxyConnectionParams(), this, &net_log());
309*6777b538SAndroid Build Coastguard Worker return nested_connect_job_->Connect();
310*6777b538SAndroid Build Coastguard Worker }
311*6777b538SAndroid Build Coastguard Worker
DoTunnelConnectComplete(int result)312*6777b538SAndroid Build Coastguard Worker int SSLConnectJob::DoTunnelConnectComplete(int result) {
313*6777b538SAndroid Build Coastguard Worker resolve_error_info_ = nested_connect_job_->GetResolveErrorInfo();
314*6777b538SAndroid Build Coastguard Worker nested_socket_ = nested_connect_job_->PassSocket();
315*6777b538SAndroid Build Coastguard Worker
316*6777b538SAndroid Build Coastguard Worker if (result < 0) {
317*6777b538SAndroid Build Coastguard Worker // Extract the information needed to prompt for appropriate proxy
318*6777b538SAndroid Build Coastguard Worker // authentication so that when ClientSocketPoolBaseHelper calls
319*6777b538SAndroid Build Coastguard Worker // |GetAdditionalErrorState|, we can easily set the state.
320*6777b538SAndroid Build Coastguard Worker if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
321*6777b538SAndroid Build Coastguard Worker ssl_cert_request_info_ = nested_connect_job_->GetCertRequestInfo();
322*6777b538SAndroid Build Coastguard Worker }
323*6777b538SAndroid Build Coastguard Worker return result;
324*6777b538SAndroid Build Coastguard Worker }
325*6777b538SAndroid Build Coastguard Worker
326*6777b538SAndroid Build Coastguard Worker next_state_ = STATE_SSL_CONNECT;
327*6777b538SAndroid Build Coastguard Worker return result;
328*6777b538SAndroid Build Coastguard Worker }
329*6777b538SAndroid Build Coastguard Worker
DoSSLConnect()330*6777b538SAndroid Build Coastguard Worker int SSLConnectJob::DoSSLConnect() {
331*6777b538SAndroid Build Coastguard Worker TRACE_EVENT0(NetTracingCategory(), "SSLConnectJob::DoSSLConnect");
332*6777b538SAndroid Build Coastguard Worker DCHECK(!TimerIsRunning());
333*6777b538SAndroid Build Coastguard Worker
334*6777b538SAndroid Build Coastguard Worker next_state_ = STATE_SSL_CONNECT_COMPLETE;
335*6777b538SAndroid Build Coastguard Worker
336*6777b538SAndroid Build Coastguard Worker // Set the timeout to just the time allowed for the SSL handshake.
337*6777b538SAndroid Build Coastguard Worker ResetTimer(kSSLHandshakeTimeout);
338*6777b538SAndroid Build Coastguard Worker
339*6777b538SAndroid Build Coastguard Worker // Get the transport's connect start and DNS times.
340*6777b538SAndroid Build Coastguard Worker const LoadTimingInfo::ConnectTiming& socket_connect_timing =
341*6777b538SAndroid Build Coastguard Worker nested_connect_job_->connect_timing();
342*6777b538SAndroid Build Coastguard Worker
343*6777b538SAndroid Build Coastguard Worker // Overwriting |connect_start| serves two purposes - it adjusts timing so
344*6777b538SAndroid Build Coastguard Worker // |connect_start| doesn't include dns times, and it adjusts the time so
345*6777b538SAndroid Build Coastguard Worker // as not to include time spent waiting for an idle socket.
346*6777b538SAndroid Build Coastguard Worker connect_timing_.connect_start = socket_connect_timing.connect_start;
347*6777b538SAndroid Build Coastguard Worker connect_timing_.domain_lookup_start =
348*6777b538SAndroid Build Coastguard Worker socket_connect_timing.domain_lookup_start;
349*6777b538SAndroid Build Coastguard Worker connect_timing_.domain_lookup_end = socket_connect_timing.domain_lookup_end;
350*6777b538SAndroid Build Coastguard Worker
351*6777b538SAndroid Build Coastguard Worker ssl_negotiation_started_ = true;
352*6777b538SAndroid Build Coastguard Worker connect_timing_.ssl_start = base::TimeTicks::Now();
353*6777b538SAndroid Build Coastguard Worker
354*6777b538SAndroid Build Coastguard Worker // Save the `HostResolverEndpointResult`. `nested_connect_job_` is destroyed
355*6777b538SAndroid Build Coastguard Worker // at the end of this function.
356*6777b538SAndroid Build Coastguard Worker endpoint_result_ = nested_connect_job_->GetHostResolverEndpointResult();
357*6777b538SAndroid Build Coastguard Worker
358*6777b538SAndroid Build Coastguard Worker SSLConfig ssl_config = params_->ssl_config();
359*6777b538SAndroid Build Coastguard Worker ssl_config.ignore_certificate_errors =
360*6777b538SAndroid Build Coastguard Worker *common_connect_job_params()->ignore_certificate_errors;
361*6777b538SAndroid Build Coastguard Worker ssl_config.network_anonymization_key = params_->network_anonymization_key();
362*6777b538SAndroid Build Coastguard Worker
363*6777b538SAndroid Build Coastguard Worker if (ssl_client_context()->config().ech_enabled) {
364*6777b538SAndroid Build Coastguard Worker if (ech_retry_configs_) {
365*6777b538SAndroid Build Coastguard Worker ssl_config.ech_config_list = *ech_retry_configs_;
366*6777b538SAndroid Build Coastguard Worker } else if (endpoint_result_) {
367*6777b538SAndroid Build Coastguard Worker ssl_config.ech_config_list = endpoint_result_->metadata.ech_config_list;
368*6777b538SAndroid Build Coastguard Worker }
369*6777b538SAndroid Build Coastguard Worker if (!ssl_config.ech_config_list.empty()) {
370*6777b538SAndroid Build Coastguard Worker // Overriding the DNS lookup only works for direct connections. We
371*6777b538SAndroid Build Coastguard Worker // currently do not support ECH with other connection types.
372*6777b538SAndroid Build Coastguard Worker DCHECK_EQ(params_->GetConnectionType(), SSLSocketParams::DIRECT);
373*6777b538SAndroid Build Coastguard Worker }
374*6777b538SAndroid Build Coastguard Worker }
375*6777b538SAndroid Build Coastguard Worker
376*6777b538SAndroid Build Coastguard Worker ssl_socket_ = client_socket_factory()->CreateSSLClientSocket(
377*6777b538SAndroid Build Coastguard Worker ssl_client_context(), std::move(nested_socket_), params_->host_and_port(),
378*6777b538SAndroid Build Coastguard Worker ssl_config);
379*6777b538SAndroid Build Coastguard Worker nested_connect_job_.reset();
380*6777b538SAndroid Build Coastguard Worker return ssl_socket_->Connect(callback_);
381*6777b538SAndroid Build Coastguard Worker }
382*6777b538SAndroid Build Coastguard Worker
DoSSLConnectComplete(int result)383*6777b538SAndroid Build Coastguard Worker int SSLConnectJob::DoSSLConnectComplete(int result) {
384*6777b538SAndroid Build Coastguard Worker connect_timing_.ssl_end = base::TimeTicks::Now();
385*6777b538SAndroid Build Coastguard Worker
386*6777b538SAndroid Build Coastguard Worker if (result != OK && !server_address_.address().empty()) {
387*6777b538SAndroid Build Coastguard Worker connection_attempts_.push_back(ConnectionAttempt(server_address_, result));
388*6777b538SAndroid Build Coastguard Worker server_address_ = IPEndPoint();
389*6777b538SAndroid Build Coastguard Worker }
390*6777b538SAndroid Build Coastguard Worker
391*6777b538SAndroid Build Coastguard Worker // Historically, many servers which negotiated SHA-1 server signatures in
392*6777b538SAndroid Build Coastguard Worker // TLS 1.2 actually support SHA-2 but preferentially sign SHA-1 if available.
393*6777b538SAndroid Build Coastguard Worker // In order to get accurate metrics while deprecating SHA-1, we initially
394*6777b538SAndroid Build Coastguard Worker // connected with SHA-1 disabled and then retried with enabled.
395*6777b538SAndroid Build Coastguard Worker //
396*6777b538SAndroid Build Coastguard Worker // SHA-1 is now always disabled, but we retained the fallback to separate the
397*6777b538SAndroid Build Coastguard Worker // effect of disabling SHA-1 from the effect of having a single automatic
398*6777b538SAndroid Build Coastguard Worker // retry on a potentially unreliably network connection.
399*6777b538SAndroid Build Coastguard Worker //
400*6777b538SAndroid Build Coastguard Worker // TODO(https://crbug.com/658905): Remove this now redundant retry.
401*6777b538SAndroid Build Coastguard Worker if (disable_legacy_crypto_with_fallback_ &&
402*6777b538SAndroid Build Coastguard Worker (result == ERR_CONNECTION_CLOSED || result == ERR_CONNECTION_RESET ||
403*6777b538SAndroid Build Coastguard Worker result == ERR_SSL_PROTOCOL_ERROR ||
404*6777b538SAndroid Build Coastguard Worker result == ERR_SSL_VERSION_OR_CIPHER_MISMATCH)) {
405*6777b538SAndroid Build Coastguard Worker ResetStateForRestart();
406*6777b538SAndroid Build Coastguard Worker disable_legacy_crypto_with_fallback_ = false;
407*6777b538SAndroid Build Coastguard Worker next_state_ = GetInitialState(params_->GetConnectionType());
408*6777b538SAndroid Build Coastguard Worker return OK;
409*6777b538SAndroid Build Coastguard Worker }
410*6777b538SAndroid Build Coastguard Worker
411*6777b538SAndroid Build Coastguard Worker // We record metrics based on whether the server advertised ECH support in
412*6777b538SAndroid Build Coastguard Worker // DNS. This allows the metrics to measure the same set of servers in both
413*6777b538SAndroid Build Coastguard Worker // control and experiment group.
414*6777b538SAndroid Build Coastguard Worker const bool is_ech_capable =
415*6777b538SAndroid Build Coastguard Worker endpoint_result_ && !endpoint_result_->metadata.ech_config_list.empty();
416*6777b538SAndroid Build Coastguard Worker const bool ech_enabled = ssl_client_context()->config().ech_enabled;
417*6777b538SAndroid Build Coastguard Worker
418*6777b538SAndroid Build Coastguard Worker if (!ech_retry_configs_ && result == ERR_ECH_NOT_NEGOTIATED && ech_enabled) {
419*6777b538SAndroid Build Coastguard Worker // We used ECH, and the server could not decrypt the ClientHello. However,
420*6777b538SAndroid Build Coastguard Worker // it was able to handshake with the public name and send authenticated
421*6777b538SAndroid Build Coastguard Worker // retry configs. If this is not the first time around, retry the connection
422*6777b538SAndroid Build Coastguard Worker // with the new ECHConfigList, or with ECH disabled (empty retry configs),
423*6777b538SAndroid Build Coastguard Worker // as directed.
424*6777b538SAndroid Build Coastguard Worker //
425*6777b538SAndroid Build Coastguard Worker // See
426*6777b538SAndroid Build Coastguard Worker // https://www.ietf.org/archive/id/draft-ietf-tls-esni-13.html#section-6.1.6
427*6777b538SAndroid Build Coastguard Worker DCHECK(is_ech_capable);
428*6777b538SAndroid Build Coastguard Worker ech_retry_configs_ = ssl_socket_->GetECHRetryConfigs();
429*6777b538SAndroid Build Coastguard Worker net_log().AddEvent(
430*6777b538SAndroid Build Coastguard Worker NetLogEventType::SSL_CONNECT_JOB_RESTART_WITH_ECH_CONFIG_LIST, [&] {
431*6777b538SAndroid Build Coastguard Worker return base::Value::Dict().Set(
432*6777b538SAndroid Build Coastguard Worker "bytes", NetLogBinaryValue(*ech_retry_configs_));
433*6777b538SAndroid Build Coastguard Worker });
434*6777b538SAndroid Build Coastguard Worker
435*6777b538SAndroid Build Coastguard Worker ResetStateForRestart();
436*6777b538SAndroid Build Coastguard Worker next_state_ = GetInitialState(params_->GetConnectionType());
437*6777b538SAndroid Build Coastguard Worker return OK;
438*6777b538SAndroid Build Coastguard Worker }
439*6777b538SAndroid Build Coastguard Worker
440*6777b538SAndroid Build Coastguard Worker if (is_ech_capable && ech_enabled) {
441*6777b538SAndroid Build Coastguard Worker // These values are persisted to logs. Entries should not be renumbered
442*6777b538SAndroid Build Coastguard Worker // and numeric values should never be reused.
443*6777b538SAndroid Build Coastguard Worker enum class ECHResult {
444*6777b538SAndroid Build Coastguard Worker // The connection succeeded on the initial connection.
445*6777b538SAndroid Build Coastguard Worker kSuccessInitial = 0,
446*6777b538SAndroid Build Coastguard Worker // The connection failed on the initial connection, without providing
447*6777b538SAndroid Build Coastguard Worker // retry configs.
448*6777b538SAndroid Build Coastguard Worker kErrorInitial = 1,
449*6777b538SAndroid Build Coastguard Worker // The connection succeeded after getting retry configs.
450*6777b538SAndroid Build Coastguard Worker kSuccessRetry = 2,
451*6777b538SAndroid Build Coastguard Worker // The connection failed after getting retry configs.
452*6777b538SAndroid Build Coastguard Worker kErrorRetry = 3,
453*6777b538SAndroid Build Coastguard Worker // The connection succeeded after getting a rollback signal.
454*6777b538SAndroid Build Coastguard Worker kSuccessRollback = 4,
455*6777b538SAndroid Build Coastguard Worker // The connection failed after getting a rollback signal.
456*6777b538SAndroid Build Coastguard Worker kErrorRollback = 5,
457*6777b538SAndroid Build Coastguard Worker kMaxValue = kErrorRollback,
458*6777b538SAndroid Build Coastguard Worker };
459*6777b538SAndroid Build Coastguard Worker const bool is_ok = result == OK;
460*6777b538SAndroid Build Coastguard Worker ECHResult ech_result;
461*6777b538SAndroid Build Coastguard Worker if (!ech_retry_configs_.has_value()) {
462*6777b538SAndroid Build Coastguard Worker ech_result =
463*6777b538SAndroid Build Coastguard Worker is_ok ? ECHResult::kSuccessInitial : ECHResult::kErrorInitial;
464*6777b538SAndroid Build Coastguard Worker } else if (ech_retry_configs_->empty()) {
465*6777b538SAndroid Build Coastguard Worker ech_result =
466*6777b538SAndroid Build Coastguard Worker is_ok ? ECHResult::kSuccessRollback : ECHResult::kErrorRollback;
467*6777b538SAndroid Build Coastguard Worker } else {
468*6777b538SAndroid Build Coastguard Worker ech_result = is_ok ? ECHResult::kSuccessRetry : ECHResult::kErrorRetry;
469*6777b538SAndroid Build Coastguard Worker }
470*6777b538SAndroid Build Coastguard Worker base::UmaHistogramEnumeration("Net.SSL.ECHResult", ech_result);
471*6777b538SAndroid Build Coastguard Worker }
472*6777b538SAndroid Build Coastguard Worker
473*6777b538SAndroid Build Coastguard Worker if (result == OK) {
474*6777b538SAndroid Build Coastguard Worker DCHECK(!connect_timing_.ssl_start.is_null());
475*6777b538SAndroid Build Coastguard Worker base::TimeDelta connect_duration =
476*6777b538SAndroid Build Coastguard Worker connect_timing_.ssl_end - connect_timing_.ssl_start;
477*6777b538SAndroid Build Coastguard Worker UMA_HISTOGRAM_CUSTOM_TIMES("Net.SSL_Connection_Latency_2", connect_duration,
478*6777b538SAndroid Build Coastguard Worker base::Milliseconds(1), base::Minutes(1), 100);
479*6777b538SAndroid Build Coastguard Worker if (is_ech_capable) {
480*6777b538SAndroid Build Coastguard Worker UMA_HISTOGRAM_CUSTOM_TIMES("Net.SSL_Connection_Latency_ECH",
481*6777b538SAndroid Build Coastguard Worker connect_duration, base::Milliseconds(1),
482*6777b538SAndroid Build Coastguard Worker base::Minutes(1), 100);
483*6777b538SAndroid Build Coastguard Worker }
484*6777b538SAndroid Build Coastguard Worker
485*6777b538SAndroid Build Coastguard Worker SSLInfo ssl_info;
486*6777b538SAndroid Build Coastguard Worker bool has_ssl_info = ssl_socket_->GetSSLInfo(&ssl_info);
487*6777b538SAndroid Build Coastguard Worker DCHECK(has_ssl_info);
488*6777b538SAndroid Build Coastguard Worker
489*6777b538SAndroid Build Coastguard Worker SSLVersion version =
490*6777b538SAndroid Build Coastguard Worker SSLConnectionStatusToVersion(ssl_info.connection_status);
491*6777b538SAndroid Build Coastguard Worker UMA_HISTOGRAM_ENUMERATION("Net.SSLVersion", version,
492*6777b538SAndroid Build Coastguard Worker SSL_CONNECTION_VERSION_MAX);
493*6777b538SAndroid Build Coastguard Worker
494*6777b538SAndroid Build Coastguard Worker uint16_t cipher_suite =
495*6777b538SAndroid Build Coastguard Worker SSLConnectionStatusToCipherSuite(ssl_info.connection_status);
496*6777b538SAndroid Build Coastguard Worker base::UmaHistogramSparse("Net.SSL_CipherSuite", cipher_suite);
497*6777b538SAndroid Build Coastguard Worker
498*6777b538SAndroid Build Coastguard Worker if (ssl_info.key_exchange_group != 0) {
499*6777b538SAndroid Build Coastguard Worker base::UmaHistogramSparse("Net.SSL_KeyExchange.ECDHE",
500*6777b538SAndroid Build Coastguard Worker ssl_info.key_exchange_group);
501*6777b538SAndroid Build Coastguard Worker }
502*6777b538SAndroid Build Coastguard Worker }
503*6777b538SAndroid Build Coastguard Worker
504*6777b538SAndroid Build Coastguard Worker base::UmaHistogramSparse("Net.SSL_Connection_Error", std::abs(result));
505*6777b538SAndroid Build Coastguard Worker if (is_ech_capable) {
506*6777b538SAndroid Build Coastguard Worker base::UmaHistogramSparse("Net.SSL_Connection_Error_ECH", std::abs(result));
507*6777b538SAndroid Build Coastguard Worker }
508*6777b538SAndroid Build Coastguard Worker
509*6777b538SAndroid Build Coastguard Worker if (result == OK || IsCertificateError(result)) {
510*6777b538SAndroid Build Coastguard Worker SetSocket(std::move(ssl_socket_), std::move(dns_aliases_));
511*6777b538SAndroid Build Coastguard Worker } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
512*6777b538SAndroid Build Coastguard Worker ssl_cert_request_info_ = base::MakeRefCounted<SSLCertRequestInfo>();
513*6777b538SAndroid Build Coastguard Worker ssl_socket_->GetSSLCertRequestInfo(ssl_cert_request_info_.get());
514*6777b538SAndroid Build Coastguard Worker }
515*6777b538SAndroid Build Coastguard Worker
516*6777b538SAndroid Build Coastguard Worker return result;
517*6777b538SAndroid Build Coastguard Worker }
518*6777b538SAndroid Build Coastguard Worker
GetInitialState(SSLSocketParams::ConnectionType connection_type)519*6777b538SAndroid Build Coastguard Worker SSLConnectJob::State SSLConnectJob::GetInitialState(
520*6777b538SAndroid Build Coastguard Worker SSLSocketParams::ConnectionType connection_type) {
521*6777b538SAndroid Build Coastguard Worker switch (connection_type) {
522*6777b538SAndroid Build Coastguard Worker case SSLSocketParams::DIRECT:
523*6777b538SAndroid Build Coastguard Worker return STATE_TRANSPORT_CONNECT;
524*6777b538SAndroid Build Coastguard Worker case SSLSocketParams::HTTP_PROXY:
525*6777b538SAndroid Build Coastguard Worker return STATE_TUNNEL_CONNECT;
526*6777b538SAndroid Build Coastguard Worker case SSLSocketParams::SOCKS_PROXY:
527*6777b538SAndroid Build Coastguard Worker return STATE_SOCKS_CONNECT;
528*6777b538SAndroid Build Coastguard Worker }
529*6777b538SAndroid Build Coastguard Worker NOTREACHED();
530*6777b538SAndroid Build Coastguard Worker return STATE_NONE;
531*6777b538SAndroid Build Coastguard Worker }
532*6777b538SAndroid Build Coastguard Worker
ConnectInternal()533*6777b538SAndroid Build Coastguard Worker int SSLConnectJob::ConnectInternal() {
534*6777b538SAndroid Build Coastguard Worker next_state_ = GetInitialState(params_->GetConnectionType());
535*6777b538SAndroid Build Coastguard Worker return DoLoop(OK);
536*6777b538SAndroid Build Coastguard Worker }
537*6777b538SAndroid Build Coastguard Worker
ResetStateForRestart()538*6777b538SAndroid Build Coastguard Worker void SSLConnectJob::ResetStateForRestart() {
539*6777b538SAndroid Build Coastguard Worker ResetTimer(base::TimeDelta());
540*6777b538SAndroid Build Coastguard Worker nested_connect_job_ = nullptr;
541*6777b538SAndroid Build Coastguard Worker nested_socket_ = nullptr;
542*6777b538SAndroid Build Coastguard Worker ssl_socket_ = nullptr;
543*6777b538SAndroid Build Coastguard Worker ssl_cert_request_info_ = nullptr;
544*6777b538SAndroid Build Coastguard Worker ssl_negotiation_started_ = false;
545*6777b538SAndroid Build Coastguard Worker resolve_error_info_ = ResolveErrorInfo();
546*6777b538SAndroid Build Coastguard Worker server_address_ = IPEndPoint();
547*6777b538SAndroid Build Coastguard Worker }
548*6777b538SAndroid Build Coastguard Worker
ChangePriorityInternal(RequestPriority priority)549*6777b538SAndroid Build Coastguard Worker void SSLConnectJob::ChangePriorityInternal(RequestPriority priority) {
550*6777b538SAndroid Build Coastguard Worker if (nested_connect_job_) {
551*6777b538SAndroid Build Coastguard Worker nested_connect_job_->ChangePriority(priority);
552*6777b538SAndroid Build Coastguard Worker }
553*6777b538SAndroid Build Coastguard Worker }
554*6777b538SAndroid Build Coastguard Worker
555*6777b538SAndroid Build Coastguard Worker } // namespace net
556