net: comment/TODO cleanup and clarification, and don't raise ERR_SSL_PROTOCOL_ERROR for user_cancelled TLS alerts on Mac.

TBR=wtc BUG=none TEST=none Review URL: http://codereview.chromium.org/3938002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63199 0039d316-1c4b-4281-b951-d872f2087c98
author: rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-10-20 10:47:31 +0000
committer: rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-10-20 10:47:31 +0000
commit: e97c2822866796a872cb59c12a5e831e98b085d3 (patch)
tree: ea0985131c7a9f27ef6ff9697675013b6eca0981 /net/socket/ssl_client_socket_mac.cc
parent: f3625a55205a8944a77f6fe07f2c0d96f9fb31b7 (diff)
download: chromium_src-e97c2822866796a872cb59c12a5e831e98b085d3.zip
chromium_src-e97c2822866796a872cb59c12a5e831e98b085d3.tar.gz
chromium_src-e97c2822866796a872cb59c12a5e831e98b085d3.tar.bz2
1 files changed, 9 insertions, 5 deletions
diff --git a/net/socket/ssl_client_socket_mac.cc b/net/socket/ssl_client_socket_mac.cc
index 918b6b8..6a8270e 100644
--- a/net/socket/ssl_client_socket_mac.cc
+++ b/net/socket/ssl_client_socket_mac.cc
@@ -164,7 +164,6 @@ int NetErrorFromOSStatus(OSStatus status) {
     case errSSLPeerHandshakeFail:  // Received a handshake_failure alert.
     case errSSLPeerNoRenegotiation:  // Received a no_renegotiation alert
     case errSSLPeerUnexpectedMsg:  // Received an unexpected_message alert.
-    case errSSLPeerUserCancelled:  // Received a user_cancelled alert.
     case errSSLProtocol:
     case errSSLRecordOverflow:
       return ERR_SSL_PROTOCOL_ERROR;
@@ -186,12 +185,17 @@ int NetErrorFromOSStatus(OSStatus status) {
 
     // (Note that all errSSLPeer* codes indicate errors reported by the peer,
     // so the cert-related ones refer to my _client_ cert.)
+    // TODO(wtc): Add fine-grained error codes for client certificate errors
+    // reported by the server using the following SSL/TLS alert messages:
+    //   access_denied
+    //   bad_certificate
+    //   unsupported_certificate
+    //   certificate_expired
+    //   certificate_revoked
+    //   certificate_unknown
+    //   unknown_ca
     case errSSLPeerCertUnknown...errSSLPeerBadCert:
     case errSSLPeerUnknownCA:
-    // TODO(rsleevi): Add a new error code for access_denied - the peer has
-    // accepted the certificate as valid, but denied access to the requested
-    // resource. Returning ERR_BAD_SSL_CLIENT_AUTH simply gives the user a
-    // chance to select a new certificate, if they have one, and try again.
     case errSSLPeerAccessDenied:
       LOG(WARNING) << "Server rejected client cert (OSStatus=" << status << ")";
       return ERR_BAD_SSL_CLIENT_AUTH_CERT;
author	rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-10-20 10:47:31 +0000
committer	rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-10-20 10:47:31 +0000
commit	e97c2822866796a872cb59c12a5e831e98b085d3 (patch)
tree	ea0985131c7a9f27ef6ff9697675013b6eca0981 /net/socket/ssl_client_socket_mac.cc
parent	f3625a55205a8944a77f6fe07f2c0d96f9fb31b7 (diff)
download	chromium_src-e97c2822866796a872cb59c12a5e831e98b085d3.zip chromium_src-e97c2822866796a872cb59c12a5e831e98b085d3.tar.gz chromium_src-e97c2822866796a872cb59c12a5e831e98b085d3.tar.bz2