summaryrefslogtreecommitdiffstats
path: root/net/socket/ssl_client_socket_win.cc
diff options
context:
space:
mode:
Diffstat (limited to 'net/socket/ssl_client_socket_win.cc')
-rw-r--r--net/socket/ssl_client_socket_win.cc8
1 files changed, 8 insertions, 0 deletions
diff --git a/net/socket/ssl_client_socket_win.cc b/net/socket/ssl_client_socket_win.cc
index 5acfa0f..5d464b5 100644
--- a/net/socket/ssl_client_socket_win.cc
+++ b/net/socket/ssl_client_socket_win.cc
@@ -58,6 +58,7 @@ static int MapSecurityError(SECURITY_STATUS err) {
case SEC_E_ALGORITHM_MISMATCH:
return ERR_SSL_VERSION_OR_CIPHER_MISMATCH;
case SEC_E_INVALID_HANDLE:
+ case SEC_E_INVALID_TOKEN:
return ERR_UNEXPECTED;
case SEC_E_OK:
return OK;
@@ -882,6 +883,13 @@ int SSLClientSocketWin::DidCallInitializeSecurityContext() {
if (isc_status_ == SEC_I_INCOMPLETE_CREDENTIALS)
return ERR_SSL_CLIENT_AUTH_CERT_NEEDED;
+ if (isc_status_ == SEC_I_NO_RENEGOTIATION) {
+ // Received a no_renegotiation alert message. Although this is just a
+ // warning, SChannel doesn't seem to allow us to continue after this
+ // point, so we have to return an error. See http://crbug.com/36835.
+ return ERR_SSL_NO_RENEGOTIATION;
+ }
+
DCHECK(isc_status_ == SEC_I_CONTINUE_NEEDED);
if (in_buffers_[1].BufferType == SECBUFFER_EXTRA) {
memmove(recv_buffer_.get(),
generated by cgit v1.1 at 2025-02-07 14:51:24 +0000