From b1c988bcd7869765e1bd56e592787af123340516 Mon Sep 17 00:00:00 2001 From: "palmer@chromium.org" Date: Thu, 13 Jun 2013 06:48:11 +0000 Subject: Give more request types a TransportSecurityState. DCHECK on NULL TransportSecurityState, as a precursor to a real CHECK. It should be an error to try to connect with an SSL client socket without having a live TSS. BUG=246724 Review URL: https://chromiumcodereview.appspot.com/16501002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@206013 0039d316-1c4b-4281-b951-d872f2087c98 --- jingle/glue/chrome_async_socket_unittest.cc | 6 +++++- jingle/glue/proxy_resolving_client_socket.cc | 4 ++-- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'jingle') diff --git a/jingle/glue/chrome_async_socket_unittest.cc b/jingle/glue/chrome_async_socket_unittest.cc index a6f1487..d493578 100644 --- a/jingle/glue/chrome_async_socket_unittest.cc +++ b/jingle/glue/chrome_async_socket_unittest.cc @@ -16,6 +16,7 @@ #include "net/base/net_errors.h" #include "net/base/net_util.h" #include "net/cert/mock_cert_verifier.h" +#include "net/http/transport_security_state.h" #include "net/socket/socket_test_util.h" #include "net/socket/ssl_client_socket.h" #include "net/ssl/ssl_config_service.h" @@ -107,7 +108,8 @@ class MockXmppClientSocketFactory : public ResolvingClientSocketFactory { const net::AddressList& address_list) : mock_client_socket_factory_(mock_client_socket_factory), address_list_(address_list), - cert_verifier_(new net::MockCertVerifier) { + cert_verifier_(new net::MockCertVerifier), + transport_security_state_(new net::TransportSecurityState) { } // ResolvingClientSocketFactory implementation. @@ -122,6 +124,7 @@ class MockXmppClientSocketFactory : public ResolvingClientSocketFactory { const net::HostPortPair& host_and_port) OVERRIDE { net::SSLClientSocketContext context; context.cert_verifier = cert_verifier_.get(); + context.transport_security_state = transport_security_state_.get(); return mock_client_socket_factory_->CreateSSLClientSocket( transport_socket, host_and_port, ssl_config_, context); } @@ -131,6 +134,7 @@ class MockXmppClientSocketFactory : public ResolvingClientSocketFactory { net::AddressList address_list_; net::SSLConfig ssl_config_; scoped_ptr cert_verifier_; + scoped_ptr transport_security_state_; }; class ChromeAsyncSocketTest diff --git a/jingle/glue/proxy_resolving_client_socket.cc b/jingle/glue/proxy_resolving_client_socket.cc index 23ad12d..d63411b 100644 --- a/jingle/glue/proxy_resolving_client_socket.cc +++ b/jingle/glue/proxy_resolving_client_socket.cc @@ -54,10 +54,10 @@ ProxyResolvingClientSocket::ProxyResolvingClientSocket( session_params.client_socket_factory = socket_factory; session_params.host_resolver = request_context->host_resolver(); session_params.cert_verifier = request_context->cert_verifier(); + session_params.transport_security_state = + request_context->transport_security_state(); // TODO(rkn): This is NULL because ServerBoundCertService is not thread safe. session_params.server_bound_cert_service = NULL; - // transport_security_state is NULL because it's not thread safe. - session_params.transport_security_state = NULL; session_params.proxy_service = request_context->proxy_service(); session_params.ssl_config_service = request_context->ssl_config_service(); session_params.http_auth_handler_factory = -- cgit v1.1