diff options
| author | rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-12-07 17:34:35 +0000 |
|---|---|---|
| committer | rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-12-07 17:34:35 +0000 |
| commit | 6e5ad865c61adb98f8f5d4c22ecb238478a9a368 (patch) | |
| tree | 35a4a00f9bfbd561b0492ae9f65eb05416d24022 /net | |
| parent | a47105c838e106ca54496e9767371762bce4e246 (diff) | |
| download | chromium_src-6e5ad865c61adb98f8f5d4c22ecb238478a9a368.zip chromium_src-6e5ad865c61adb98f8f5d4c22ecb238478a9a368.tar.gz chromium_src-6e5ad865c61adb98f8f5d4c22ecb238478a9a368.tar.bz2 | |
Add a new method to SSLClientSocket:
was_origin_cert_sent()
This will help SpdySession decide to send a CREDENTIAL frame.
BUG=106103
TEST=none
Review URL: http://codereview.chromium.org/8817021
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@113409 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
| -rw-r--r-- | net/socket/ssl_client_socket.cc | 11 | ||||
| -rw-r--r-- | net/socket/ssl_client_socket.h | 10 | ||||
| -rw-r--r-- | net/socket/ssl_client_socket_nss.cc | 5 |
3 files changed, 24 insertions, 2 deletions
diff --git a/net/socket/ssl_client_socket.cc b/net/socket/ssl_client_socket.cc index 4f87202..b1e31f5 100644 --- a/net/socket/ssl_client_socket.cc +++ b/net/socket/ssl_client_socket.cc @@ -10,7 +10,8 @@ namespace net { SSLClientSocket::SSLClientSocket() : was_npn_negotiated_(false), - was_spdy_negotiated_(false) { + was_spdy_negotiated_(false), + was_origin_bound_cert_sent_(false) { } SSLClientSocket::NextProto SSLClientSocket::NextProtoFromString( @@ -90,4 +91,12 @@ bool SSLClientSocket::set_was_spdy_negotiated(bool negotiated) { return was_spdy_negotiated_ = negotiated; } +bool SSLClientSocket::was_origin_bound_cert_sent() const { + return was_origin_bound_cert_sent_; +} + +bool SSLClientSocket::set_was_origin_bound_cert_sent(bool sent) { + return was_origin_bound_cert_sent_ = sent; +} + } // namespace net diff --git a/net/socket/ssl_client_socket.h b/net/socket/ssl_client_socket.h index a496ed2..feaa3cf 100644 --- a/net/socket/ssl_client_socket.h +++ b/net/socket/ssl_client_socket.h @@ -146,11 +146,21 @@ class NET_EXPORT SSLClientSocket : public SSLSocket { virtual bool set_was_spdy_negotiated(bool negotiated); + // Returns true if an origin bound certificate was sent on this connection. + // This may be useful for protocols, like SPDY, which allow the same + // connection to be shared between multiple origins, each of which need + // an origin bound certificate. + virtual bool was_origin_bound_cert_sent() const; + + virtual bool set_was_origin_bound_cert_sent(bool sent); + private: // True if NPN was responded to, independent of selecting SPDY or HTTP. bool was_npn_negotiated_; // True if NPN successfully negotiated SPDY. bool was_spdy_negotiated_; + // True if an origin bound certificate was sent. + bool was_origin_bound_cert_sent_; }; } // namespace net diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc index 6e62edb..6d99f28 100644 --- a/net/socket/ssl_client_socket_nss.cc +++ b/net/socket/ssl_client_socket_nss.cc @@ -1718,6 +1718,7 @@ int SSLClientSocketNSS::DoGetOBCertComplete(int result) { return MapNSSError(PORT_GetError()); GotoState(STATE_HANDSHAKE); + set_was_origin_bound_cert_sent(true); return OK; } @@ -2273,7 +2274,9 @@ SECStatus SSLClientSocketNSS::OriginBoundClientAuthHandler( // Synchronous success. int result = ImportOBCertAndKey(result_certificate, result_private_key); - if (result != OK) + if (result == OK) + set_was_origin_bound_cert_sent(true); + else rv = SECFailure; } else { rv = SECFailure; // Synchronous failure. |