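--- a/net/socket/ssl_client_socket_win.cc
+++ b/net/socket/ssl_client_socket_win.cc
@@ -1,26 +1,27 @@
 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/socket/ssl_client_socket_win.h"
 
 #include <schnlsp.h>
 
 #include "base/compiler_specific.h"
 #include "base/lock.h"
 #include "base/singleton.h"
 #include "base/stl_util-inl.h"
 #include "base/string_util.h"
 #include "net/base/cert_verifier.h"
 #include "net/base/connection_type_histograms.h"
 #include "net/base/io_buffer.h"
+#include "net/base/load_log.h"
 #include "net/base/net_errors.h"
 #include "net/base/ssl_cert_request_info.h"
 #include "net/base/ssl_info.h"
 
 #pragma comment(lib, "secur32.lib")
 
 namespace net {
 
 //-----------------------------------------------------------------------------
 
@@ -419,25 +420,47 @@
 cert_context2, X509Certificate::SOURCE_LONE_CERT_IMPORT);
 cert_request_info->client_certs.push_back(cert);
 }
 
 FreeContextBuffer(issuer_list.aIssuers);
 
 BOOL ok = CertCloseStore(my_cert_store, CERT_CLOSE_STORE_CHECK_FLAG);
 DCHECK(ok);
 }
 
-int SSLClientSocketWin::Connect(CompletionCallback* callback) {
+int SSLClientSocketWin::Connect(CompletionCallback* callback,
+LoadLog* load_log) {
 DCHECK(transport_.get());
 DCHECK(next_state_ == STATE_NONE);
 DCHECK(!user_connect_callback_);
 
+LoadLog::BeginEvent(load_log, LoadLog::TYPE_SSL_CONNECT);
+
+int rv = InitializeSSLContext();
+if (rv != OK) {
+LoadLog::EndEvent(load_log, LoadLog::TYPE_SSL_CONNECT);
+return rv;
+}
+
+writing_first_token_ = true;
+next_state_ = STATE_HANDSHAKE_WRITE;
+rv = DoLoop(OK);
+if (rv == ERR_IO_PENDING) {
+user_connect_callback_ = callback;
+load_log_ = load_log;
+} else {
+LoadLog::EndEvent(load_log, LoadLog::TYPE_SSL_CONNECT);
+}
+return rv;
+}
+
+int SSLClientSocketWin::InitializeSSLContext() {
 int ssl_version_mask = 0;
 if (ssl_config_.ssl2_enabled)
 ssl_version_mask |= SSL2;
 if (ssl_config_.ssl3_enabled)
 ssl_version_mask |= SSL3;
 if (ssl_config_.tls1_enabled)
 ssl_version_mask |= TLS1;
 // If we pass 0 to GetCredHandle, we will let Schannel select the protocols,
 // rather than enabling no protocols. So we have to fail here.
 if (ssl_version_mask == 0)
@@ -480,28 +503,24 @@
 0, // Reserved
 &ctxt_, // Receives the new context handle
 &buffer_desc,
 &out_flags,
 &expiry);
 if (status != SEC_I_CONTINUE_NEEDED) {
 DLOG(ERROR) << "InitializeSecurityContext failed: " << status;
 return MapSecurityError(status);
 }
 
-writing_first_token_ = true;
-next_state_ = STATE_HANDSHAKE_WRITE;
-int rv = DoLoop(OK);
-if (rv == ERR_IO_PENDING)
-user_connect_callback_ = callback;
-return rv;
+return OK;
 }
 
+
 void SSLClientSocketWin::Disconnect() {
 // TODO(wtc): Send SSL close_notify alert.
 next_state_ = STATE_NONE;
 
 // Shut down anything that may call us back.
 verifier_.reset();
 transport_->Disconnect();
 
 if (send_buffer_.pvBuffer)
 FreeSendBuffer();
@@ -611,20 +630,23 @@
 bool SSLClientSocketWin::SetSendBufferSize(int32 size) {
 return transport_->SetSendBufferSize(size);
 }
 
 void SSLClientSocketWin::OnHandshakeIOComplete(int result) {
 int rv = DoLoop(result);
 
 // The SSL handshake has some round trips. Any error, other than waiting
 // for IO, means that we've failed and need to notify the caller.
 if (rv != ERR_IO_PENDING) {
+LoadLog::EndEvent(load_log_, LoadLog::TYPE_SSL_CONNECT);
+load_log_ = NULL;
+
 // If there is no connect callback available to call, it had better be
 // because we are renegotiating (which occurs because we are in the middle
 // of a Read when the renegotiation process starts). We need to inform the
 // caller of the SSL error, so we complete the Read here.
 if (!user_connect_callback_) {
 DCHECK(renegotiating_);
 CompletionCallback* c = user_read_callback_;
 user_read_callback_ = NULL;
 user_read_buf_ = NULL;
 user_read_buf_len_ = 0;
@@ -1293,10 +1315,10 @@
 UpdateConnectionTypeHistograms(CONNECTION_SSL_MD2_CA);
 }
 
 void SSLClientSocketWin::FreeSendBuffer() {
 SECURITY_STATUS status = FreeContextBuffer(send_buffer_.pvBuffer);
 DCHECK(status == SEC_E_OK);
 memset(&send_buffer_, 0, sizeof(send_buffer_));
 }
 
 } // namespace net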
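Review bot: In the OnHandshakeIOComplete hunk, `LoadLog::EndEvent(load_log_, LoadLog::TYPE_SSL_CONNECT)` runs on every non-pending completion, including the renegotiation branch right below it, so its correctness rests on load_log_ being NULL whenever no Connect() is pending, and the only place in the diff that clears it is this function. The visible part of Disconnect() resets next_state_ and the verifier but not load_log_ (its body continues past the hunk, so the pointer may well be cleared further down); if it is not, a pending Connect() followed by Disconnect() and a second Connect() that completes synchronously leaves load_log_ pointing at the first caller's log, and a later renegotiation would end an event on a log this socket no longer has any claim to. Clearing it next to the state reset, `load_log_ = NULL;` after `next_state_ = STATE_NONE;` in Disconnect(), keeps the invariant local and cheap to audit. Whether the renegotiation call with a NULL load_log_ is benign depends on EndEvent accepting a NULL log, which is not visible here; if it does not, the call needs an `if (load_log_)` guard.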