diff options
| author | toyoshim@chromium.org <toyoshim@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-09 20:04:30 +0000 |
|---|---|---|
| committer | toyoshim@chromium.org <toyoshim@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-09 20:04:30 +0000 |
| commit | efacfe3516e3064810fa9c085e9920fbb6e21968 (patch) | |
| tree | e1a7fbe7460774d36c7a5997cc38c83a52196e14 /net/socket_stream/socket_stream.cc | |
| parent | 64e266915ffab2a2cd3757125b9ec51b5a35ffa5 (diff) | |
| download | chromium_src-efacfe3516e3064810fa9c085e9920fbb6e21968.zip chromium_src-efacfe3516e3064810fa9c085e9920fbb6e21968.tar.gz chromium_src-efacfe3516e3064810fa9c085e9920fbb6e21968.tar.bz2 | |
OnSSLCertificateError delegate chain back to SocketStreamDispatcherHost
SSL cert errors must be handled by SSLManager.
This change provide delegate chain back to SocketStreamDispatcherHost to
handle the error by SSLManager here.
BUG=53836
TEST=run existing unit tests because this change is a kind of refactoring
Review URL: http://codereview.chromium.org/9454011
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@125882 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket_stream/socket_stream.cc')
| -rw-r--r-- | net/socket_stream/socket_stream.cc | 46 |
1 files changed, 34 insertions, 12 deletions
diff --git a/net/socket_stream/socket_stream.cc b/net/socket_stream/socket_stream.cc index 935debd..9da4456 100644 --- a/net/socket_stream/socket_stream.cc +++ b/net/socket_stream/socket_stream.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. // @@ -255,6 +255,19 @@ void SocketStream::SetClientSocketFactory( factory_ = factory; } +void SocketStream::CancelBecauseOfCertError(const SSLInfo& ssl_info) { + MessageLoop::current()->PostTask( + FROM_HERE, + base::Bind(&SocketStream::DoLoop, this, + MapCertStatusToNetError(ssl_info.cert_status))); +} + +void SocketStream::ContinueDespiteCertError() { + MessageLoop::current()->PostTask( + FROM_HERE, + base::Bind(&SocketStream::DoLoop, this, OK)); +} + SocketStream::~SocketStream() { set_context(NULL); DCHECK(!delegate_); @@ -1170,17 +1183,26 @@ void SocketStream::DoRestartWithAuth() { } int SocketStream::HandleCertificateError(int result) { - // TODO(ukai): handle cert error properly. - switch (result) { - case ERR_CERT_COMMON_NAME_INVALID: - case ERR_CERT_DATE_INVALID: - case ERR_CERT_AUTHORITY_INVALID: - result = OK; - break; - default: - break; - } - return result; + DCHECK(IsCertificateError(result)); + + if (!delegate_) + return result; + + SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(socket_.get()); + DCHECK(ssl_socket); + SSLInfo ssl_info; + ssl_socket->GetSSLInfo(&ssl_info); + + TransportSecurityState::DomainState domain_state; + DCHECK(context_); + const bool fatal = + context_->transport_security_state() && + context_->transport_security_state()->GetDomainState( + &domain_state, url_.host(), + SSLConfigService::IsSNIAvailable(context_->ssl_config_service())); + + delegate_->OnSSLCertificateError(this, ssl_info, fatal); + return ERR_IO_PENDING; } SSLConfigService* SocketStream::ssl_config_service() const { |