diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-01-11 19:59:30 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-01-11 19:59:30 +0000 |
| commit | bd0b6778c885135de711d97b1dae8524168e53e3 (patch) | |
| tree | fa0719625c15a24ce28e3b03e6939f0d0e6f08bb /net/socket/socket_test_util.h | |
| parent | ad1b24adf0c69b9353ac256db6e9bb2bdb09c131 (diff) | |
| download | chromium_src-bd0b6778c885135de711d97b1dae8524168e53e3.zip chromium_src-bd0b6778c885135de711d97b1dae8524168e53e3.tar.gz chromium_src-bd0b6778c885135de711d97b1dae8524168e53e3.tar.bz2 | |
net: Ensure that when using False Start + client auth, bad client certificates are not cached.
If an SSL handshake fails when client certificates are used, ensure that
the client certificate selected is removed from the SSL client auth
cache. This ensures that the user is prompted to select a certificate
again, as the cause of the failure may have been due to selecting the
wrong certificate or selecting no certificate when one is required.
The existing logic worked when TLS False Start was disabled, but could
fail when False Start was used or when the peer requests renegotiation.
This changes ensures the client certificate is removed from the cache by
moving the cache removal layer from the HttpStreamRequest to the
HttpNetworkTransaction.
Patch by: Ryan Sleevi
BUG=66424
TEST=HttpNetworkTransactionTest.ClientAuthCertCache*
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71071 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket/socket_test_util.h')
| -rw-r--r-- | net/socket/socket_test_util.h | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/net/socket/socket_test_util.h b/net/socket/socket_test_util.h index 91f8fc9..1e09708 100644 --- a/net/socket/socket_test_util.h +++ b/net/socket/socket_test_util.h @@ -245,12 +245,14 @@ struct SSLSocketDataProvider { SSLSocketDataProvider(bool async, int result) : connect(async, result), next_proto_status(SSLClientSocket::kNextProtoUnsupported), - was_npn_negotiated(false) { } + was_npn_negotiated(false), + cert_request_info(NULL) { } MockConnect connect; SSLClientSocket::NextProtoStatus next_proto_status; std::string next_proto; bool was_npn_negotiated; + net::SSLCertRequestInfo* cert_request_info; }; // A DataProvider where the client must write a request before the reads (e.g. @@ -714,6 +716,8 @@ class MockSSLClientSocket : public MockClientSocket { // SSLClientSocket methods: virtual void GetSSLInfo(net::SSLInfo* ssl_info); + virtual void GetSSLCertRequestInfo( + net::SSLCertRequestInfo* cert_request_info); virtual NextProtoStatus GetNextProto(std::string* proto); virtual bool was_npn_negotiated() const; virtual bool set_was_npn_negotiated(bool negotiated); |