Chromium Code Reviews Chromium Code Reviews
Issue 5409004:
Fix case where a SPDY stream with an un-verified cert would kill the browser... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/spdy/spdy_session.h" | 5 #include "net/spdy/spdy_session.h" |
| 6 | 6 |
| 7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
| 8 #include "base/linked_ptr.h" | 8 #include "base/linked_ptr.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/message_loop.h" | 10 #include "base/message_loop.h" |
| (...skipping 296 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 307 scoped_refptr<SpdyStream>* stream, | 307 scoped_refptr<SpdyStream>* stream, |
| 308 const BoundNetLog& stream_net_log) { | 308 const BoundNetLog& stream_net_log) { |
| 309 CHECK_NE(state_, CLOSED); | 309 CHECK_NE(state_, CLOSED); |
| 310 | 310 |
| 311 *stream = NULL; | 311 *stream = NULL; |
| 312 | 312 |
| 313 // Don't allow access to secure push streams over an unauthenticated, but | 313 // Don't allow access to secure push streams over an unauthenticated, but |
| 314 // encrypted SSL socket. | 314 // encrypted SSL socket. |
| 315 if (is_secure_ && certificate_error_code_ != OK && | 315 if (is_secure_ && certificate_error_code_ != OK && |
| 316 (url.SchemeIs("https") || url.SchemeIs("wss"))) { | 316 (url.SchemeIs("https") || url.SchemeIs("wss"))) { |
| 317 LOG(DFATAL) << "Tried to get pushed spdy stream for secure content over an " | 317 LOG(ERROR) << "Tried to get pushed spdy stream for secure content over an " |
|
willchan no longer on Chromium
2010/12/02 23:02:45
Why is this ERROR instead of DFATAL? It's a bug i
| |
| 318 << "unauthenticated session."; | 318 << "unauthenticated session."; |
| 319 return certificate_error_code_; | 319 CloseSessionOnError(static_cast<net::Error>(certificate_error_code_), true); |
| 320 return ERR_SPDY_PROTOCOL_ERROR; | |
| 320 } | 321 } |
| 321 | 322 |
| 322 const std::string& path = url.PathForRequest(); | 323 const std::string& path = url.PathForRequest(); |
| 323 | 324 |
| 324 *stream = GetActivePushStream(path); | 325 *stream = GetActivePushStream(path); |
| 325 if (stream->get()) { | 326 if (stream->get()) { |
| 326 DCHECK(streams_pushed_and_claimed_count_ < streams_pushed_count_); | 327 DCHECK(streams_pushed_and_claimed_count_ < streams_pushed_count_); |
| 327 streams_pushed_and_claimed_count_++; | 328 streams_pushed_and_claimed_count_++; |
| 328 return OK; | 329 return OK; |
| 329 } | 330 } |
| (...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 404 | 405 |
| 405 int SpdySession::CreateStreamImpl( | 406 int SpdySession::CreateStreamImpl( |
| 406 const GURL& url, | 407 const GURL& url, |
| 407 RequestPriority priority, | 408 RequestPriority priority, |
| 408 scoped_refptr<SpdyStream>* spdy_stream, | 409 scoped_refptr<SpdyStream>* spdy_stream, |
| 409 const BoundNetLog& stream_net_log) { | 410 const BoundNetLog& stream_net_log) { |
| 410 // Make sure that we don't try to send https/wss over an unauthenticated, but | 411 // Make sure that we don't try to send https/wss over an unauthenticated, but |
| 411 // encrypted SSL socket. | 412 // encrypted SSL socket. |
| 412 if (is_secure_ && certificate_error_code_ != OK && | 413 if (is_secure_ && certificate_error_code_ != OK && |
| 413 (url.SchemeIs("https") || url.SchemeIs("wss"))) { | 414 (url.SchemeIs("https") || url.SchemeIs("wss"))) { |
| 414 LOG(DFATAL) << "Tried to create spdy stream for secure content over an " | 415 LOG(ERROR) << "Tried to create spdy stream for secure content over an " |
| 415 << "unauthenticated session."; | 416 << "unauthenticated session."; |
| 416 return certificate_error_code_; | 417 CloseSessionOnError(static_cast<net::Error>(certificate_error_code_), true); |
| 418 return ERR_SPDY_PROTOCOL_ERROR; | |
| 417 } | 419 } |
| 418 | 420 |
| 419 const std::string& path = url.PathForRequest(); | 421 const std::string& path = url.PathForRequest(); |
| 420 | 422 |
| 421 const spdy::SpdyStreamId stream_id = GetNewStreamId(); | 423 const spdy::SpdyStreamId stream_id = GetNewStreamId(); |
| 422 | 424 |
| 423 *spdy_stream = new SpdyStream(this, | 425 *spdy_stream = new SpdyStream(this, |
| 424 stream_id, | 426 stream_id, |
| 425 false, | 427 false, |
| 426 stream_net_log); | 428 stream_net_log); |
| (...skipping 932 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1359 if (it == pending_callback_map_.end()) | 1361 if (it == pending_callback_map_.end()) |
| 1360 return; | 1362 return; |
| 1361 | 1363 |
| 1362 CompletionCallback* callback = it->second.callback; | 1364 CompletionCallback* callback = it->second.callback; |
| 1363 int result = it->second.result; | 1365 int result = it->second.result; |
| 1364 pending_callback_map_.erase(it); | 1366 pending_callback_map_.erase(it); |
| 1365 callback->Run(result); | 1367 callback->Run(result); |
| 1366 } | 1368 } |
| 1367 | 1369 |
| 1368 } // namespace net | 1370 } // namespace net |
| OLD | NEW |
