Verify alternative server certificate validity for origin.

net/http/http_stream_factory_impl_job.h

Index: net/http/http_stream_factory_impl_job.h
diff --git a/net/http/http_stream_factory_impl_job.h b/net/http/http_stream_factory_impl_job.h
index 27c5f00ec0fafa39f80396c0413b239326e30e7a..ad21922eb43a2a688be1366f1c4284fb77274c43 100644
--- a/net/http/http_stream_factory_impl_job.h
+++ b/net/http/http_stream_factory_impl_job.h
@@ -140,6 +140,45 @@ class HttpStreamFactoryImpl::Job {
     STATUS_SUCCEEDED
   };
 
+  // Wrapper class for SpdySessionPool methods to enforce certificate
+  // requirements for SpdySessions.
+  class ValidSpdySessionPool {
+   public:
+    ValidSpdySessionPool(SpdySessionPool* spdy_session_pool,
+                         GURL& origin_url,
+                         bool is_spdy_alternate);
+
+    // The following two methods return OK if a SpdySession was not found (in
+    // which case |spdy_session| is set to nullptr), or if one was found (in
+    // which case |spdy_session| is set to it) and it has an associated SSL
+    // certificate with is valid for |origin_url_|, or if this requirement does
+    // not apply because the Job is not a SPDY alternate job.  They return the
+    // appropriate error code otherwise, in which case |spdy_session| should not
+    // be used.

[Ryan Hamilton, 2015/04/27 15:35:55]

nit: This comment is confusing, I think because it's trying to document two
different methods. They both return the same value and treat |spdy_session| the
same way, but they behave differently otherwise. I suggest that you document
them independently.

[Bence, 2015/04/28 14:42:21]

Done.

+    int FindAvailableSession(const SpdySessionKey& key,
+                             const BoundNetLog& net_log,
+                             base::WeakPtr<SpdySession>* spdy_session);
+    int CreateAvailableSessionFromSocket(
+        const SpdySessionKey& key,
+        scoped_ptr<ClientSocketHandle> connection,
+        const BoundNetLog& net_log,
+        int certificate_error_code,
+        bool is_secure,
+        base::WeakPtr<SpdySession>* spdy_session);
+
+   private:
+    // Returns OK if |spdy_session| has an associated SSL certificate with is
+    // valid for |origin_url_|, or if this requirement does not apply because
+    // the Job is not a SPDY alternate job, or if |spdy_session| is null.
+    // Returns appropriate error code otherwise.
+    int CheckAlternativeServiceValidityForOrigin(
+        base::WeakPtr<SpdySession> spdy_session);
+
+    SpdySessionPool* const spdy_session_pool_;
+    const GURL origin_url_;
+    const bool is_spdy_alternate_;
+  };
+
   void OnStreamReadyCallback();
   void OnWebSocketHandshakeStreamReadyCallback();
   // This callback function is called when a new SPDY session is created.
@@ -327,6 +366,8 @@ class HttpStreamFactoryImpl::Job {
   // preconnect.
   int num_streams_;
 
+  scoped_ptr<ValidSpdySessionPool> valid_spdy_session_pool_;
+
   // Initialized when we create a new SpdySession.
   base::WeakPtr<SpdySession> new_spdy_session_;