From a1cb2cdefd0aabd32581017079fc56eafe369756 Mon Sep 17 00:00:00 2001 From: "rsleevi@chromium.org" Date: Sat, 5 Feb 2011 02:02:08 +0000 Subject: Return more specific error messages when performing a SSL client auth handshake and an error signing with the certificate private key is encountered, rather than using ERR_FAILED/ERR_SSL_PROTOCOL_ERROR. BUG=69609 TEST=none Review URL: http://codereview.chromium.org/6371014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@73891 0039d316-1c4b-4281-b951-d872f2087c98 --- net/http/http_network_transaction.cc | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'net/http') diff --git a/net/http/http_network_transaction.cc b/net/http/http_network_transaction.cc index a31fb17..e0967c6 100644 --- a/net/http/http_network_transaction.cc +++ b/net/http/http_network_transaction.cc @@ -77,6 +77,19 @@ void ProcessAlternateProtocol(HttpStreamFactory* factory, http_host_port_pair); } +// Returns true if |error| is a client certificate authentication error. +bool IsClientCertificateError(int error) { + switch (error) { + case ERR_BAD_SSL_CLIENT_AUTH_CERT: + case ERR_SSL_CLIENT_AUTH_PRIVATE_KEY_ACCESS_DENIED: + case ERR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY: + case ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED: + return true; + default: + return false; + } +} + } // namespace //----------------------------------------------------------------------------- @@ -1019,8 +1032,7 @@ int HttpNetworkTransaction::HandleCertificateRequest(int error) { int HttpNetworkTransaction::HandleSSLHandshakeError(int error) { DCHECK(request_); if (ssl_config_.send_client_cert && - (error == ERR_SSL_PROTOCOL_ERROR || - error == ERR_BAD_SSL_CLIENT_AUTH_CERT)) { + (error == ERR_SSL_PROTOCOL_ERROR || IsClientCertificateError(error))) { session_->ssl_client_auth_cache()->Remove( GetHostAndPort(request_->url)); } -- cgit v1.1