Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(645)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/spdy/spdy_session.cc

Issue 5409004: Fix case where a SPDY stream with an un-verified cert would kill the browser... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: Created 10 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/http/http_stream_request.cc ('K') | « net/http/http_stream_request.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/spdy/spdy_session.h" 5 #include "net/spdy/spdy_session.h"
6 6
7 #include "base/basictypes.h" 7 #include "base/basictypes.h"
8 #include "base/linked_ptr.h" 8 #include "base/linked_ptr.h"
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/message_loop.h" 10 #include "base/message_loop.h"
(...skipping 296 matching lines...) Expand 10 before | Expand all | Expand 10 after
307 scoped_refptr<SpdyStream>* stream, 307 scoped_refptr<SpdyStream>* stream,
308 const BoundNetLog& stream_net_log) { 308 const BoundNetLog& stream_net_log) {
309 CHECK_NE(state_, CLOSED); 309 CHECK_NE(state_, CLOSED);
310 310
311 *stream = NULL; 311 *stream = NULL;
312 312
313 // Don't allow access to secure push streams over an unauthenticated, but 313 // Don't allow access to secure push streams over an unauthenticated, but
314 // encrypted SSL socket. 314 // encrypted SSL socket.
315 if (is_secure_ && certificate_error_code_ != OK && 315 if (is_secure_ && certificate_error_code_ != OK &&
316 (url.SchemeIs("https") || url.SchemeIs("wss"))) { 316 (url.SchemeIs("https") || url.SchemeIs("wss"))) {
317 LOG(DFATAL) << "Tried to get pushed spdy stream for secure content over an " 317 LOG(ERROR) << "Tried to get pushed spdy stream for secure content over an "
318 << "unauthenticated session."; 318 << "unauthenticated session.";
319 return certificate_error_code_; 319 CloseSessionOnError(static_cast<net::Error>(certificate_error_code_), true);
320 return ERR_SPDY_PROTOCOL_ERROR;
320 } 321 }
321 322
322 const std::string& path = url.PathForRequest(); 323 const std::string& path = url.PathForRequest();
323 324
324 *stream = GetActivePushStream(path); 325 *stream = GetActivePushStream(path);
325 if (stream->get()) { 326 if (stream->get()) {
326 DCHECK(streams_pushed_and_claimed_count_ < streams_pushed_count_); 327 DCHECK(streams_pushed_and_claimed_count_ < streams_pushed_count_);
327 streams_pushed_and_claimed_count_++; 328 streams_pushed_and_claimed_count_++;
328 return OK; 329 return OK;
329 } 330 }
(...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after
404 405
405 int SpdySession::CreateStreamImpl( 406 int SpdySession::CreateStreamImpl(
406 const GURL& url, 407 const GURL& url,
407 RequestPriority priority, 408 RequestPriority priority,
408 scoped_refptr<SpdyStream>* spdy_stream, 409 scoped_refptr<SpdyStream>* spdy_stream,
409 const BoundNetLog& stream_net_log) { 410 const BoundNetLog& stream_net_log) {
410 // Make sure that we don't try to send https/wss over an unauthenticated, but 411 // Make sure that we don't try to send https/wss over an unauthenticated, but
411 // encrypted SSL socket. 412 // encrypted SSL socket.
412 if (is_secure_ && certificate_error_code_ != OK && 413 if (is_secure_ && certificate_error_code_ != OK &&
413 (url.SchemeIs("https") || url.SchemeIs("wss"))) { 414 (url.SchemeIs("https") || url.SchemeIs("wss"))) {
414 LOG(DFATAL) << "Tried to create spdy stream for secure content over an " 415 LOG(ERROR) << "Tried to create spdy stream for secure content over an "
415 << "unauthenticated session."; 416 << "unauthenticated session.";
416 return certificate_error_code_; 417 CloseSessionOnError(static_cast<net::Error>(certificate_error_code_), true);
418 return ERR_SPDY_PROTOCOL_ERROR;
417 } 419 }
418 420
419 const std::string& path = url.PathForRequest(); 421 const std::string& path = url.PathForRequest();
420 422
421 const spdy::SpdyStreamId stream_id = GetNewStreamId(); 423 const spdy::SpdyStreamId stream_id = GetNewStreamId();
422 424
423 *spdy_stream = new SpdyStream(this, 425 *spdy_stream = new SpdyStream(this,
424 stream_id, 426 stream_id,
425 false, 427 false,
426 stream_net_log); 428 stream_net_log);
(...skipping 932 matching lines...) Expand 10 before | Expand all | Expand 10 after
1359 if (it == pending_callback_map_.end()) 1361 if (it == pending_callback_map_.end())
1360 return; 1362 return;
1361 1363
1362 CompletionCallback* callback = it->second.callback; 1364 CompletionCallback* callback = it->second.callback;
1363 int result = it->second.result; 1365 int result = it->second.result;
1364 pending_callback_map_.erase(it); 1366 pending_callback_map_.erase(it);
1365 callback->Run(result); 1367 callback->Run(result);
1366 } 1368 }
1367 1369
1368 } // namespace net 1370 } // namespace net
OLDNEW
« net/http/http_stream_request.cc ('K') | « net/http/http_stream_request.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698