Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(130)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 7741007: Always enable the STATE_LOAD_SSL_HOST_INFO state to verify the crash fix (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived
6 // from AuthCertificateCallback() in 6 // from AuthCertificateCallback() in
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
8 8
9 /* ***** BEGIN LICENSE BLOCK ***** 9 /* ***** BEGIN LICENSE BLOCK *****
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
(...skipping 593 matching lines...) Expand 10 before | Expand all | Expand 10 after
604 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv); 604 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv);
605 return rv; 605 return rv;
606 } 606 }
607 607
608 rv = InitializeSSLPeerName(); 608 rv = InitializeSSLPeerName();
609 if (rv != OK) { 609 if (rv != OK) {
610 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv); 610 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv);
611 return rv; 611 return rv;
612 } 612 }
613 613
614 if (ssl_config_.cached_info_enabled && ssl_host_info_.get()) { 614 if (ssl_host_info_.get()) {
615 GotoState(STATE_LOAD_SSL_HOST_INFO); 615 GotoState(STATE_LOAD_SSL_HOST_INFO);
616 } else { 616 } else {
617 GotoState(STATE_HANDSHAKE); 617 GotoState(STATE_HANDSHAKE);
618 } 618 }
619 619
620 rv = DoHandshakeLoop(OK); 620 rv = DoHandshakeLoop(OK);
621 if (rv == ERR_IO_PENDING) { 621 if (rv == ERR_IO_PENDING) {
622 user_connect_callback_ = callback; 622 user_connect_callback_ = callback;
623 } else { 623 } else {
624 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv); 624 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv);
(...skipping 730 matching lines...) Expand 10 before | Expand all | Expand 10 after
1355 } while (rv == ERR_IO_PENDING && network_moved); 1355 } while (rv == ERR_IO_PENDING && network_moved);
1356 1356
1357 LeaveFunction(""); 1357 LeaveFunction("");
1358 return rv; 1358 return rv;
1359 } 1359 }
1360 1360
1361 bool SSLClientSocketNSS::LoadSSLHostInfo() { 1361 bool SSLClientSocketNSS::LoadSSLHostInfo() {
1362 const SSLHostInfo::State& state(ssl_host_info_->state()); 1362 const SSLHostInfo::State& state(ssl_host_info_->state());
1363 1363
1364 if (state.certs.empty()) 1364 if (state.certs.empty())
1365 return false; 1365 return true;
1366 1366
1367 SECStatus rv; 1367 SECStatus rv;
1368 const std::vector<std::string>& certs_in = state.certs; 1368 const std::vector<std::string>& certs_in = state.certs;
1369 scoped_array<CERTCertificate*> certs(new CERTCertificate*[certs_in.size()]); 1369 scoped_array<CERTCertificate*> certs(new CERTCertificate*[certs_in.size()]);
1370 1370
1371 for (size_t i = 0; i < certs_in.size(); i++) { 1371 for (size_t i = 0; i < certs_in.size(); i++) {
1372 SECItem derCert; 1372 SECItem derCert;
1373 derCert.data = 1373 derCert.data =
1374 const_cast<uint8*>(reinterpret_cast<const uint8*>(certs_in[i].data())); 1374 const_cast<uint8*>(reinterpret_cast<const uint8*>(certs_in[i].data()));
1375 derCert.len = certs_in[i].size(); 1375 derCert.len = certs_in[i].size();
1376 certs[i] = CERT_NewTempCertificate( 1376 certs[i] = CERT_NewTempCertificate(
1377 CERT_GetDefaultCertDB(), &derCert, NULL /* no nickname given */, 1377 CERT_GetDefaultCertDB(), &derCert, NULL /* no nickname given */,
1378 PR_FALSE /* not permanent */, PR_TRUE /* copy DER data */); 1378 PR_FALSE /* not permanent */, PR_TRUE /* copy DER data */);
1379 if (!certs[i]) { 1379 if (!certs[i]) {
1380 DestroyCertificates(&certs[0], i); 1380 DestroyCertificates(&certs[0], i);
1381 NOTREACHED(); 1381 NOTREACHED();
1382 return false; 1382 return false;
1383 } 1383 }
1384 } 1384 }
1385 1385
1386 rv = SSL_SetPredictedPeerCertificates(nss_fd_, certs.get(), certs_in.size()); 1386 rv = SSL_SetPredictedPeerCertificates(nss_fd_, certs.get(), certs_in.size());
1387 DestroyCertificates(&certs[0], certs_in.size()); 1387 DestroyCertificates(&certs[0], certs_in.size());
1388 DCHECK_EQ(SECSuccess, rv); 1388 DCHECK_EQ(SECSuccess, rv);
1389 1389
1390 return true; 1390 return true;
1391 } 1391 }
1392 1392
1393 int SSLClientSocketNSS::DoLoadSSLHostInfo() { 1393 int SSLClientSocketNSS::DoLoadSSLHostInfo() {
1394 int rv;
1395
1396 EnterFunction(""); 1394 EnterFunction("");
1397 rv = ssl_host_info_->WaitForDataReady(&handshake_io_callback_); 1395 int rv = ssl_host_info_->WaitForDataReady(&handshake_io_callback_);
1398 GotoState(STATE_HANDSHAKE); 1396 GotoState(STATE_HANDSHAKE);
1399 1397
1400 if (rv == OK) { 1398 if (rv == OK) {
1401 if (!LoadSSLHostInfo()) 1399 if (ssl_config_.cached_info_enabled && !LoadSSLHostInfo())
1402 LOG(WARNING) << "LoadSSLHostInfo failed: " << host_and_port_.ToString(); 1400 LOG(WARNING) << "LoadSSLHostInfo failed: " << host_and_port_.ToString();
1403 } else { 1401 } else {
1404 DCHECK_EQ(ERR_IO_PENDING, rv); 1402 DCHECK_EQ(ERR_IO_PENDING, rv);
1405 GotoState(STATE_LOAD_SSL_HOST_INFO); 1403 GotoState(STATE_LOAD_SSL_HOST_INFO);
1406 } 1404 }
1407 1405
1408 LeaveFunction(""); 1406 LeaveFunction("");
1409 return rv; 1407 return rv;
1410 } 1408 }
1411 1409
(...skipping 1033 matching lines...) Expand 10 before | Expand all | Expand 10 after
2445 valid_thread_id_ = base::PlatformThread::CurrentId(); 2443 valid_thread_id_ = base::PlatformThread::CurrentId();
2446 } 2444 }
2447 2445
2448 bool SSLClientSocketNSS::CalledOnValidThread() const { 2446 bool SSLClientSocketNSS::CalledOnValidThread() const {
2449 EnsureThreadIdAssigned(); 2447 EnsureThreadIdAssigned();
2450 base::AutoLock auto_lock(lock_); 2448 base::AutoLock auto_lock(lock_);
2451 return valid_thread_id_ == base::PlatformThread::CurrentId(); 2449 return valid_thread_id_ == base::PlatformThread::CurrentId();
2452 } 2450 }
2453 2451
2454 } // namespace net 2452 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698