| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/ssl_client_socket_win.h" | 5 #include "net/base/ssl_client_socket_win.h" |
| 6 | 6 |
| 7 #include <schnlsp.h> | 7 #include <schnlsp.h> |
| 8 | 8 |
| 9 #include "base/lock.h" | 9 #include "base/lock.h" |
| 10 #include "base/singleton.h" | 10 #include "base/singleton.h" |
| (...skipping 597 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 608 memmove(recv_buffer_.get(), | 608 memmove(recv_buffer_.get(), |
| 609 recv_buffer_.get() + (bytes_received_ - in_buffers_[1].cbBuffer), | 609 recv_buffer_.get() + (bytes_received_ - in_buffers_[1].cbBuffer), |
| 610 in_buffers_[1].cbBuffer); | 610 in_buffers_[1].cbBuffer); |
| 611 bytes_received_ = in_buffers_[1].cbBuffer; | 611 bytes_received_ = in_buffers_[1].cbBuffer; |
| 612 } else { | 612 } else { |
| 613 bytes_received_ = 0; | 613 bytes_received_ = 0; |
| 614 } | 614 } |
| 615 return DidCompleteHandshake(); | 615 return DidCompleteHandshake(); |
| 616 } | 616 } |
| 617 | 617 |
| 618 if (FAILED(isc_status_)) | 618 if (FAILED(isc_status_)) { |
| 619 return MapSecurityError(isc_status_); | 619 int result = MapSecurityError(isc_status_); |
| 620 // We told Schannel to not verify the server certificate |
| 621 // (SCH_CRED_MANUAL_CRED_VALIDATION), so any certificate error returned by |
| 622 // InitializeSecurityContext must be referring to the (missing) client |
| 623 // certificate. |
| 624 if (IsCertificateError(result)) { |
| 625 // TODO(wtc): When we support SSL client authentication, we will need to |
| 626 // add new error codes for client certificate errors reported by the |
| 627 // server using SSL/TLS alert messages. See http://crbug.com/318. See |
| 628 // also the MSDN page "Schannel Error Codes for TLS and SSL Alerts", |
| 629 // which maps TLS alert messages to Windows error codes: |
| 630 // http://msdn.microsoft.com/en-us/library/dd721886%28VS.85%29.aspx |
| 631 return ERR_SSL_CLIENT_AUTH_CERT_NEEDED; |
| 632 } |
| 633 return result; |
| 634 } |
| 620 | 635 |
| 621 if (isc_status_ == SEC_I_INCOMPLETE_CREDENTIALS) { | 636 if (isc_status_ == SEC_I_INCOMPLETE_CREDENTIALS) { |
| 622 // We don't support SSL client authentication yet. For now we just set | 637 // We don't support SSL client authentication yet. For now we just set |
| 623 // no_client_cert_ to true and call InitializeSecurityContext again. | 638 // no_client_cert_ to true and call InitializeSecurityContext again. |
| 624 no_client_cert_ = true; | 639 no_client_cert_ = true; |
| 625 next_state_ = STATE_HANDSHAKE_READ_COMPLETE; | 640 next_state_ = STATE_HANDSHAKE_READ_COMPLETE; |
| 626 ignore_ok_result_ = true; // OK doesn't mean EOF. | 641 ignore_ok_result_ = true; // OK doesn't mean EOF. |
| 627 return OK; | 642 return OK; |
| 628 } | 643 } |
| 629 | 644 |
| (...skipping 349 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 979 } | 994 } |
| 980 } | 995 } |
| 981 | 996 |
| 982 void SSLClientSocketWin::FreeSendBuffer() { | 997 void SSLClientSocketWin::FreeSendBuffer() { |
| 983 SECURITY_STATUS status = FreeContextBuffer(send_buffer_.pvBuffer); | 998 SECURITY_STATUS status = FreeContextBuffer(send_buffer_.pvBuffer); |
| 984 DCHECK(status == SEC_E_OK); | 999 DCHECK(status == SEC_E_OK); |
| 985 memset(&send_buffer_, 0, sizeof(send_buffer_)); | 1000 memset(&send_buffer_, 0, sizeof(send_buffer_)); |
| 986 } | 1001 } |
| 987 | 1002 |
| 988 } // namespace net | 1003 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 115361:
Backport r16026 from the trunk to the 172 branch.... (Closed)
Base URL: svn://chrome-svn.corp.google.com/chrome/branches/172/src/