diff options
| author | palmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-13 06:48:11 +0000 |
|---|---|---|
| committer | palmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-13 06:48:11 +0000 |
| commit | b1c988bcd7869765e1bd56e592787af123340516 (patch) | |
| tree | 3aafa3d0ddd90d90e059c0a38dd2d7a465fc81c1 /jingle | |
| parent | 9dcdbbef52460de45070d815eb1ad735d120ae07 (diff) | |
| download | chromium_src-b1c988bcd7869765e1bd56e592787af123340516.zip chromium_src-b1c988bcd7869765e1bd56e592787af123340516.tar.gz chromium_src-b1c988bcd7869765e1bd56e592787af123340516.tar.bz2 | |
Give more request types a TransportSecurityState.
DCHECK on NULL TransportSecurityState, as a precursor to a real CHECK. It
should be an error to try to connect with an SSL client socket without
having a live TSS.
BUG=246724
Review URL: https://chromiumcodereview.appspot.com/16501002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@206013 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'jingle')
| -rw-r--r-- | jingle/glue/chrome_async_socket_unittest.cc | 6 | ||||
| -rw-r--r-- | jingle/glue/proxy_resolving_client_socket.cc | 4 |
2 files changed, 7 insertions, 3 deletions
diff --git a/jingle/glue/chrome_async_socket_unittest.cc b/jingle/glue/chrome_async_socket_unittest.cc index a6f1487..d493578 100644 --- a/jingle/glue/chrome_async_socket_unittest.cc +++ b/jingle/glue/chrome_async_socket_unittest.cc @@ -16,6 +16,7 @@ #include "net/base/net_errors.h" #include "net/base/net_util.h" #include "net/cert/mock_cert_verifier.h" +#include "net/http/transport_security_state.h" #include "net/socket/socket_test_util.h" #include "net/socket/ssl_client_socket.h" #include "net/ssl/ssl_config_service.h" @@ -107,7 +108,8 @@ class MockXmppClientSocketFactory : public ResolvingClientSocketFactory { const net::AddressList& address_list) : mock_client_socket_factory_(mock_client_socket_factory), address_list_(address_list), - cert_verifier_(new net::MockCertVerifier) { + cert_verifier_(new net::MockCertVerifier), + transport_security_state_(new net::TransportSecurityState) { } // ResolvingClientSocketFactory implementation. @@ -122,6 +124,7 @@ class MockXmppClientSocketFactory : public ResolvingClientSocketFactory { const net::HostPortPair& host_and_port) OVERRIDE { net::SSLClientSocketContext context; context.cert_verifier = cert_verifier_.get(); + context.transport_security_state = transport_security_state_.get(); return mock_client_socket_factory_->CreateSSLClientSocket( transport_socket, host_and_port, ssl_config_, context); } @@ -131,6 +134,7 @@ class MockXmppClientSocketFactory : public ResolvingClientSocketFactory { net::AddressList address_list_; net::SSLConfig ssl_config_; scoped_ptr<net::CertVerifier> cert_verifier_; + scoped_ptr<net::TransportSecurityState> transport_security_state_; }; class ChromeAsyncSocketTest diff --git a/jingle/glue/proxy_resolving_client_socket.cc b/jingle/glue/proxy_resolving_client_socket.cc index 23ad12d..d63411b 100644 --- a/jingle/glue/proxy_resolving_client_socket.cc +++ b/jingle/glue/proxy_resolving_client_socket.cc @@ -54,10 +54,10 @@ ProxyResolvingClientSocket::ProxyResolvingClientSocket( session_params.client_socket_factory = socket_factory; session_params.host_resolver = request_context->host_resolver(); session_params.cert_verifier = request_context->cert_verifier(); + session_params.transport_security_state = + request_context->transport_security_state(); // TODO(rkn): This is NULL because ServerBoundCertService is not thread safe. session_params.server_bound_cert_service = NULL; - // transport_security_state is NULL because it's not thread safe. - session_params.transport_security_state = NULL; session_params.proxy_service = request_context->proxy_service(); session_params.ssl_config_service = request_context->ssl_config_service(); session_params.http_auth_handler_factory = |