diff options
| author | rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-02-14 02:38:50 +0000 |
|---|---|---|
| committer | rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-02-14 02:38:50 +0000 |
| commit | cd1123f58083c4b64e805327a2f40c3e0a54a02d (patch) | |
| tree | 73c495fbff3aa34a97a5be7f69547af86238fdee /net | |
| parent | 0d2786c4ee50b3e5758e912eb4912ae81639bee8 (diff) | |
| download | chromium_src-cd1123f58083c4b64e805327a2f40c3e0a54a02d.zip chromium_src-cd1123f58083c4b64e805327a2f40c3e0a54a02d.tar.gz chromium_src-cd1123f58083c4b64e805327a2f40c3e0a54a02d.tar.bz2 | |
Disable CREDENTIALS frames when using spdy/2.1 or earlier.
Add enum for spdy/3 which is used in CREDENTIAL frame unittests.
BUG=113847
Review URL: http://codereview.chromium.org/9391027
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@121829 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
| -rw-r--r-- | net/socket/ssl_client_socket.h | 1 | ||||
| -rw-r--r-- | net/spdy/spdy_http_stream_unittest.cc | 1 | ||||
| -rw-r--r-- | net/spdy/spdy_session.cc | 2 | ||||
| -rw-r--r-- | net/spdy/spdy_session_unittest.cc | 2 |
4 files changed, 6 insertions, 0 deletions
diff --git a/net/socket/ssl_client_socket.h b/net/socket/ssl_client_socket.h index cc346c0..bafe1d4 100644 --- a/net/socket/ssl_client_socket.h +++ b/net/socket/ssl_client_socket.h @@ -87,6 +87,7 @@ class NET_EXPORT SSLClientSocket : public SSLSocket { kProtoSPDY1 = 2, kProtoSPDY2 = 3, kProtoSPDY21 = 4, + kProtoSPDY3 = 5, }; // Gets the SSL connection information of the socket. diff --git a/net/spdy/spdy_http_stream_unittest.cc b/net/spdy/spdy_http_stream_unittest.cc index 5f1474e..bf20f9e 100644 --- a/net/spdy/spdy_http_stream_unittest.cc +++ b/net/spdy/spdy_http_stream_unittest.cc @@ -317,6 +317,7 @@ TEST_F(SpdyHttpStreamTest, SendCredentials) { SSLSocketDataProvider ssl(false, OK); ssl.origin_bound_cert_type = CLIENT_CERT_RSA_SIGN; ssl.origin_bound_cert_service = obc_service.get(); + ssl.protocol_negotiated = SSLClientSocket::kProtoSPDY3; socket_factory->AddSSLSocketDataProvider(&ssl); http_session_ = SpdySessionDependencies::SpdyCreateSessionDeterministic( &session_deps_); diff --git a/net/spdy/spdy_session.cc b/net/spdy/spdy_session.cc index 0df332d..045f7a2 100644 --- a/net/spdy/spdy_session.cc +++ b/net/spdy/spdy_session.cc @@ -553,6 +553,8 @@ bool SpdySession::NeedsCredentials(const HostPortPair& origin) const { return false; SSLClientSocket* ssl_socket = reinterpret_cast<SSLClientSocket*>(connection_->socket()); + if (ssl_socket->protocol_negotiated() < SSLClientSocket::kProtoSPDY3) + return false; if (!ssl_socket->WasOriginBoundCertSent()) return false; return !credential_state_.HasCredential(origin); diff --git a/net/spdy/spdy_session_unittest.cc b/net/spdy/spdy_session_unittest.cc index 04d3486..ad26d26 100644 --- a/net/spdy/spdy_session_unittest.cc +++ b/net/spdy/spdy_session_unittest.cc @@ -920,6 +920,7 @@ TEST_F(SpdySessionTest, NeedsCredentials) { SSLSocketDataProvider ssl(false, OK); ssl.origin_bound_cert_type = CLIENT_CERT_RSA_SIGN; + ssl.protocol_negotiated = SSLClientSocket::kProtoSPDY3; session_deps.socket_factory->AddSSLSocketDataProvider(&ssl); scoped_refptr<HttpNetworkSession> http_session( @@ -994,6 +995,7 @@ TEST_F(SpdySessionTest, SendCredentials) { SSLSocketDataProvider ssl(false, OK); ssl.origin_bound_cert_type = CLIENT_CERT_RSA_SIGN; + ssl.protocol_negotiated = SSLClientSocket::kProtoSPDY3; session_deps.socket_factory->AddSSLSocketDataProvider(&ssl); scoped_refptr<HttpNetworkSession> http_session( |