Add built-in root certificates to dart:io SecureSocket.

sdk/lib/io/secure_socket.dart

 // Copyright (c) 2012, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 part of dart_io;
 
 /**
  * SecureSocket provides a secure (SSL or TLS) client connection to a server.
  * The certificate provided by the server is checked
  * using the certificate database provided in setCertificateDatabase.
  */
 abstract class SecureSocket implements Socket {
   /**
    * Constructs a new secure client socket and connect it to the given
    * host on the given port. The returned socket is not yet connected
    * but ready for registration of callbacks.
    */
   factory SecureSocket(String host, int port) => new _SecureSocket(host, port);
 
    /**
    * Initializes the NSS library with the path to a certificate database
    * containing root certificates for verifying certificate paths on
    * client connections, and server certificates to provide on server
    * connections.  The password argument should be used when creating
    * secure server sockets, to allow the private key of the server
-   * certificate to be fetched.
+   * certificate to be fetched.  If useBuiltinRoots is true (the default),
+   * then an built-in set of root certificates for trusted certificate

[Mads Ager (google), 2012/11/29 20:13:05]

an built-in set -> a built-in set?

[Bill Hesse, 2012/11/30 12:51:16]

Done.

+   * authorities is merged with the certificates in the database.
    *
    * The database should be an NSS certificate database directory
    * containing a cert9.db file, not a cert8.db file.  This version of
    * the database can be created using the NSS certutil tool with "sql:" in
    * front of the absolute path of the database directory, or setting the
    * environment variable NSS_DEFAULT_DB_TYPE to "sql".
    */
   external static void setCertificateDatabase(String certificateDatabase,

[Mads Ager (google), 2012/11/29 20:13:05]

How do you get away with only using the built-in set of root certificates when
you have to pass in the string here? How about renaming this to initialize and
making all arguments optional so that you can choose to just call initialize
with no arguments to get the default initialization with only the built-in set
of certificates?

[Bill Hesse, 2012/11/30 12:51:16]

Done.

-                                              [String password]);
+                                             {String password,
+                                              bool useBuiltinRoots: true});
 }
 
 
 class _SecureSocket implements SecureSocket {
   // Status states
   static final int NOT_CONNECTED = 200;
   static final int HANDSHAKE = 201;
   static final int CONNECTED = 202;
   static final int CLOSED = 203;
 
@@ skipping 246 matching lines @@
                _secureFilter.buffers[WRITE_PLAINTEXT].free > 0) {
       // We must be able to set onWrite from the onWrite callback.
       var handler = _socketWriteHandler;
       // Reset the one-shot handler.
       _socketWriteHandler = null;
       handler();
     }
   }
 
   void _secureDataHandler() {
-    if (_status == HANDSHAKE) {
-      _secureHandshake();
-    } else {
-      _writeEncryptedData();  // TODO(whesse): Removing this causes a failure.
-      _readEncryptedData();
-      if (!_filterReadEmpty) {
-        // Call the onData event.
-        if (scheduledDataEvent != null) {
-          scheduledDataEvent.cancel();
-          scheduledDataEvent = null;
+    bool inUserCode = false;
+    try {

[Mads Ager (google), 2012/11/29 20:13:05]

I think we should do our best to avoid this type of try-catch. It makes it
really hard to track down problems because you are eating the original stack
trace. Can you explain the need to wrap here? It seems to me that there is
nothing the user can do anyway if we are throwing errors in the internals here,
so I'm not sure why catching the exception for internal stuff is better?

[Bill Hesse, 2012/11/30 12:51:16]

In the socket class, the onError handler can be called both asynchronously and
during a call to read, write, or available.  There are also exceptions thrown,
if any of the user callbacks throw an exception.  So this will reproduce the
current behavior, just for this function.  Other functions still are throwing
exceptions where they should call onError.

Changed the scope of the try block to avoid the rethrow.

+      if (_status == HANDSHAKE) {
+        _secureHandshake();
+      } else {
+        _writeEncryptedData();  // TODO(whesse): Removing this causes a failure.
+        _readEncryptedData();
+        if (!_filterReadEmpty) {
+          // Call the onData event.
+          if (scheduledDataEvent != null) {
+            scheduledDataEvent.cancel();
+            scheduledDataEvent = null;
+          }
+          if (_socketDataHandler != null) {
+            inUserCode = true;
+            _socketDataHandler();
+          }
         }
-        if (_socketDataHandler != null) {
-          _socketDataHandler();
-        }
+      }
+    } catch (e) {
+      if (inUserCode) {
+        throw e;
+      } else {
+        _reportError(e, "SecureSocket error");
       }
     }
   }
 
   void _secureErrorHandler(e) {
     _reportError(e, 'Error on underlying Socket');
   }
 
   void _reportError(error, String message) {
     // TODO(whesse): Call _reportError from all internal functions that throw.
     var e;
     if (error is SocketIOException) {
       e = new SocketIOException('$message (${error.message})', error.osError);
     } else if (error is OSError) {
       e = new SocketIOException(message, error);
     } else {
       e = new SocketIOException('$message (${error.toString()})', null);
     }
+    close(false);
     bool reported = false;
     if (_socketErrorHandler != null) {
       reported = true;
       _socketErrorHandler(e);
     }
     if (_inputStream != null) {
       reported = reported || _inputStream._onSocketError(e);
     }
     if (_outputStream != null) {
       reported = reported || _outputStream._onSocketError(e);
     }
-
     if (!reported) throw e;
   }
 
   void _secureCloseHandler() {
     _socketClosedRead = true;
     if (_filterReadEmpty) {
       _closedRead = true;
       _fireCloseEvent();
       if (_socketClosedWrite) {
         _secureFilter.destroy();
@@ skipping 207 matching lines @@
                bool is_server,
                String certificateName);
   void destroy();
   void handshake();
   void init();
   int processBuffer(int bufferIndex);
   void registerHandshakeCompleteCallback(Function handshakeCompleteHandler);
 
   List<_ExternalBuffer> get buffers;
 }