Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(55)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_proxy_client_socket_pool.cc

Issue 4339001: Correctly handle SSL Client Authentication requests when connecting... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Addressing eroman's feedback Created 10 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/http/http_proxy_client_socket_pool.h ('k') | net/http/http_proxy_client_socket_pool_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/http/http_proxy_client_socket_pool.h" 5 #include "net/http/http_proxy_client_socket_pool.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 8
9 #include "base/time.h" 9 #include "base/time.h"
10 #include "base/values.h" 10 #include "base/values.h"
(...skipping 189 matching lines...) Expand 10 before | Expand all | Expand 10 after
200 } 200 }
201 next_state_ = STATE_SSL_CONNECT_COMPLETE; 201 next_state_ = STATE_SSL_CONNECT_COMPLETE;
202 transport_socket_handle_.reset(new ClientSocketHandle()); 202 transport_socket_handle_.reset(new ClientSocketHandle());
203 return transport_socket_handle_->Init( 203 return transport_socket_handle_->Init(
204 group_name(), params_->ssl_params(), 204 group_name(), params_->ssl_params(),
205 params_->ssl_params()->tcp_params()->destination().priority(), 205 params_->ssl_params()->tcp_params()->destination().priority(),
206 &callback_, ssl_pool_, net_log()); 206 &callback_, ssl_pool_, net_log());
207 } 207 }
208 208
209 int HttpProxyConnectJob::DoSSLConnectComplete(int result) { 209 int HttpProxyConnectJob::DoSSLConnectComplete(int result) {
210 // TODO(rch): enable support for client auth to the proxy 210 if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
211 if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) 211 error_response_info_ = transport_socket_handle_->ssl_error_response_info();
212 return ERR_PROXY_AUTH_UNSUPPORTED; 212 DCHECK(error_response_info_.cert_request_info.get());
213 return result;
214 }
213 if (IsCertificateError(result)) { 215 if (IsCertificateError(result)) {
214 if (params_->ssl_params()->load_flags() & LOAD_IGNORE_ALL_CERT_ERRORS) 216 if (params_->ssl_params()->load_flags() & LOAD_IGNORE_ALL_CERT_ERRORS)
215 result = OK; 217 result = OK;
216 else 218 else
217 // TODO(rch): allow the user to deal with proxy cert errors in the 219 // TODO(rch): allow the user to deal with proxy cert errors in the
218 // same way as server cert errors. 220 // same way as server cert errors.
219 return ERR_PROXY_CERTIFICATE_INVALID; 221 return ERR_PROXY_CERTIFICATE_INVALID;
220 } 222 }
221 if (result < 0) { 223 if (result < 0) {
222 if (transport_socket_handle_->socket()) 224 if (transport_socket_handle_->socket())
(...skipping 16 matching lines...) Expand all
239 // need to add a predicate to this if statement so we fall through 241 // need to add a predicate to this if statement so we fall through
240 // to the else case. (HttpProxyClientSocket currently acts as 242 // to the else case. (HttpProxyClientSocket currently acts as
241 // a "trusted" SPDY proxy). 243 // a "trusted" SPDY proxy).
242 if (using_spdy_ && params_->tunnel()) 244 if (using_spdy_ && params_->tunnel())
243 next_state_ = STATE_SPDY_PROXY_CREATE_STREAM; 245 next_state_ = STATE_SPDY_PROXY_CREATE_STREAM;
244 else 246 else
245 next_state_ = STATE_HTTP_PROXY_CONNECT; 247 next_state_ = STATE_HTTP_PROXY_CONNECT;
246 return result; 248 return result;
247 } 249 }
248 250
251 void HttpProxyConnectJob::GetAdditionalErrorState(ClientSocketHandle * handle) {
252 if (error_response_info_.cert_request_info) {
253 handle->set_ssl_error_response_info(error_response_info_);
254 handle->set_is_ssl_error(true);
255 }
256 }
257
249 int HttpProxyConnectJob::DoSpdyProxyCreateStream() { 258 int HttpProxyConnectJob::DoSpdyProxyCreateStream() {
250 DCHECK(using_spdy_); 259 DCHECK(using_spdy_);
251 DCHECK(params_->tunnel()); 260 DCHECK(params_->tunnel());
252 261
253 HostPortProxyPair pair(params_->destination().host_port_pair(), 262 HostPortProxyPair pair(params_->destination().host_port_pair(),
254 ProxyServer::Direct()); 263 ProxyServer::Direct());
255 SpdySessionPool* spdy_pool = params_->spdy_session_pool(); 264 SpdySessionPool* spdy_pool = params_->spdy_session_pool();
256 scoped_refptr<SpdySession> spdy_session; 265 scoped_refptr<SpdySession> spdy_session;
257 // It's possible that a session to the proxy has recently been created 266 // It's possible that a session to the proxy has recently been created
258 if (spdy_pool->HasSession(pair)) { 267 if (spdy_pool->HasSession(pair)) {
259 if (transport_socket_handle_->socket()) 268 if (transport_socket_handle_.get()) {
260 transport_socket_handle_->socket()->Disconnect(); 269 if (transport_socket_handle_->socket())
261 transport_socket_handle_->Reset(); 270 transport_socket_handle_->socket()->Disconnect();
271 transport_socket_handle_->Reset();
272 }
262 spdy_session = spdy_pool->Get(pair, params_->spdy_settings(), net_log()); 273 spdy_session = spdy_pool->Get(pair, params_->spdy_settings(), net_log());
263 } else { 274 } else {
264 // Create a session direct to the proxy itself 275 // Create a session direct to the proxy itself
265 int rv = spdy_pool->GetSpdySessionFromSocket( 276 int rv = spdy_pool->GetSpdySessionFromSocket(
266 pair, params_->spdy_settings(), transport_socket_handle_.release(), 277 pair, params_->spdy_settings(), transport_socket_handle_.release(),
267 net_log(), OK, &spdy_session, /*using_ssl_*/ true); 278 net_log(), OK, &spdy_session, /*using_ssl_*/ true);
268 if (rv < 0) { 279 if (rv < 0)
269 if (transport_socket_handle_->socket())
270 transport_socket_handle_->socket()->Disconnect();
271 return rv; 280 return rv;
272 }
273 } 281 }
274 282
275 next_state_ = STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE; 283 next_state_ = STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE;
276 return spdy_session->CreateStream(params_->request_url(), 284 return spdy_session->CreateStream(params_->request_url(),
277 params_->destination().priority(), 285 params_->destination().priority(),
278 &spdy_stream_, net_log(), &callback_); 286 &spdy_stream_, net_log(), &callback_);
279 } 287 }
280 288
281 int HttpProxyConnectJob::DoSpdyProxyCreateStreamComplete(int result) { 289 int HttpProxyConnectJob::DoSpdyProxyCreateStreamComplete(int result) {
282 if (result < 0) 290 if (result < 0)
(...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after
439 list->Append(ssl_pool_->GetInfoAsValue("ssl_socket_pool", 447 list->Append(ssl_pool_->GetInfoAsValue("ssl_socket_pool",
440 "ssl_socket_pool", 448 "ssl_socket_pool",
441 true)); 449 true));
442 } 450 }
443 dict->Set("nested_pools", list); 451 dict->Set("nested_pools", list);
444 } 452 }
445 return dict; 453 return dict;
446 } 454 }
447 455
448 } // namespace net 456 } // namespace net
OLDNEW
« no previous file with comments | « net/http/http_proxy_client_socket_pool.h ('k') | net/http/http_proxy_client_socket_pool_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698