diff options
| author | rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-12-08 01:51:40 +0000 |
|---|---|---|
| committer | rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-12-08 01:51:40 +0000 |
| commit | 19b4a024c89bed91b19e7573ea67f1bb9b38012d (patch) | |
| tree | 394fe91996803a329507d969276519a6d5edbd6e /net/socket | |
| parent | 2531f9f6fd1085bb427c94829e3df89dabda3f2a (diff) | |
| download | chromium_src-19b4a024c89bed91b19e7573ea67f1bb9b38012d.zip chromium_src-19b4a024c89bed91b19e7573ea67f1bb9b38012d.tar.gz chromium_src-19b4a024c89bed91b19e7573ea67f1bb9b38012d.tar.bz2 | |
Revert 113419 - Revert 113409 - Add a new method to SSLClientSocket:
was_origin_cert_sent()
This will help SpdySession decide to send a CREDENTIAL frame.
BUG=106103
TEST=none
Review URL: http://codereview.chromium.org/8869004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@113528 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket')
| -rw-r--r-- | net/socket/ssl_client_socket.cc | 11 | ||||
| -rw-r--r-- | net/socket/ssl_client_socket.h | 10 | ||||
| -rw-r--r-- | net/socket/ssl_client_socket_nss.cc | 6 |
3 files changed, 25 insertions, 2 deletions
diff --git a/net/socket/ssl_client_socket.cc b/net/socket/ssl_client_socket.cc index 4f87202..b1e31f5 100644 --- a/net/socket/ssl_client_socket.cc +++ b/net/socket/ssl_client_socket.cc @@ -10,7 +10,8 @@ namespace net { SSLClientSocket::SSLClientSocket() : was_npn_negotiated_(false), - was_spdy_negotiated_(false) { + was_spdy_negotiated_(false), + was_origin_bound_cert_sent_(false) { } SSLClientSocket::NextProto SSLClientSocket::NextProtoFromString( @@ -90,4 +91,12 @@ bool SSLClientSocket::set_was_spdy_negotiated(bool negotiated) { return was_spdy_negotiated_ = negotiated; } +bool SSLClientSocket::was_origin_bound_cert_sent() const { + return was_origin_bound_cert_sent_; +} + +bool SSLClientSocket::set_was_origin_bound_cert_sent(bool sent) { + return was_origin_bound_cert_sent_ = sent; +} + } // namespace net diff --git a/net/socket/ssl_client_socket.h b/net/socket/ssl_client_socket.h index 858f3fb..c847e9f 100644 --- a/net/socket/ssl_client_socket.h +++ b/net/socket/ssl_client_socket.h @@ -126,11 +126,21 @@ class NET_EXPORT SSLClientSocket : public SSLSocket { virtual bool set_was_spdy_negotiated(bool negotiated); + // Returns true if an origin bound certificate was sent on this connection. + // This may be useful for protocols, like SPDY, which allow the same + // connection to be shared between multiple origins, each of which need + // an origin bound certificate. + virtual bool was_origin_bound_cert_sent() const; + + virtual bool set_was_origin_bound_cert_sent(bool sent); + private: // True if NPN was responded to, independent of selecting SPDY or HTTP. bool was_npn_negotiated_; // True if NPN successfully negotiated SPDY. bool was_spdy_negotiated_; + // True if an origin bound certificate was sent. + bool was_origin_bound_cert_sent_; }; } // namespace net diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc index 3e9907b..6c16c4a 100644 --- a/net/socket/ssl_client_socket_nss.cc +++ b/net/socket/ssl_client_socket_nss.cc @@ -1717,6 +1717,7 @@ int SSLClientSocketNSS::DoGetOBCertComplete(int result) { return MapNSSError(PORT_GetError()); GotoState(STATE_HANDSHAKE); + set_was_origin_bound_cert_sent(true); return OK; } @@ -2272,8 +2273,11 @@ SECStatus SSLClientSocketNSS::OriginBoundClientAuthHandler( // Synchronous success. int result = ImportOBCertAndKey(result_certificate, result_private_key); - if (result != OK) + if (result == OK) { + set_was_origin_bound_cert_sent(true); + } else { rv = SECFailure; + } } else { rv = SECFailure; // Synchronous failure. } |