OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
8 | 8 |
9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
(...skipping 1092 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1103 DCHECK(user_read_callback_.is_null()); | 1103 DCHECK(user_read_callback_.is_null()); |
1104 DCHECK(user_connect_callback_.is_null()); | 1104 DCHECK(user_connect_callback_.is_null()); |
1105 DCHECK(!user_read_buf_); | 1105 DCHECK(!user_read_buf_); |
1106 DCHECK(nss_bufs_); | 1106 DCHECK(nss_bufs_); |
1107 | 1107 |
1108 user_read_buf_ = buf; | 1108 user_read_buf_ = buf; |
1109 user_read_buf_len_ = buf_len; | 1109 user_read_buf_len_ = buf_len; |
1110 | 1110 |
1111 int rv = DoReadLoop(OK); | 1111 int rv = DoReadLoop(OK); |
1112 if (rv == ERR_IO_PENDING) { | 1112 if (rv == ERR_IO_PENDING) { |
1113 user_read_callback_ = callback; | 1113 user_read_callback_ = callback; |
wtc
2012/12/14 22:55:14
Note that there are three cases. This is case 1, a
| |
1114 } else { | 1114 } else { |
1115 user_read_buf_ = NULL; | 1115 user_read_buf_ = NULL; |
1116 user_read_buf_len_ = 0; | 1116 user_read_buf_len_ = 0; |
1117 | 1117 |
1118 if (!OnNetworkTaskRunner()) { | 1118 if (!OnNetworkTaskRunner()) { |
1119 PostOrRunCallback(FROM_HERE, base::Bind(callback, rv)); | 1119 PostOrRunCallback(FROM_HERE, base::Bind(callback, rv)); |
1120 return ERR_IO_PENDING; | 1120 return ERR_IO_PENDING; |
1121 } | 1121 } |
1122 } | 1122 } |
1123 | 1123 |
(...skipping 1100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2224 | 2224 |
2225 void SSLClientSocketNSS::Core::DoReadCallback(int rv) { | 2225 void SSLClientSocketNSS::Core::DoReadCallback(int rv) { |
2226 DCHECK(OnNSSTaskRunner()); | 2226 DCHECK(OnNSSTaskRunner()); |
2227 DCHECK_NE(ERR_IO_PENDING, rv); | 2227 DCHECK_NE(ERR_IO_PENDING, rv); |
2228 DCHECK(!user_read_callback_.is_null()); | 2228 DCHECK(!user_read_callback_.is_null()); |
2229 | 2229 |
2230 user_read_buf_ = NULL; | 2230 user_read_buf_ = NULL; |
2231 user_read_buf_len_ = 0; | 2231 user_read_buf_len_ = 0; |
2232 base::Closure c = base::Bind( | 2232 base::Closure c = base::Bind( |
2233 base::ResetAndReturn(&user_read_callback_), | 2233 base::ResetAndReturn(&user_read_callback_), |
2234 rv); | 2234 rv); |
wtc
2012/12/14 22:55:14
Core::Read() may be completed asynchronously and r
| |
2235 PostOrRunCallback(FROM_HERE, c); | 2235 PostOrRunCallback(FROM_HERE, c); |
2236 } | 2236 } |
2237 | 2237 |
2238 void SSLClientSocketNSS::Core::DoWriteCallback(int rv) { | 2238 void SSLClientSocketNSS::Core::DoWriteCallback(int rv) { |
2239 DCHECK(OnNSSTaskRunner()); | 2239 DCHECK(OnNSSTaskRunner()); |
2240 DCHECK_NE(ERR_IO_PENDING, rv); | 2240 DCHECK_NE(ERR_IO_PENDING, rv); |
2241 DCHECK(!user_write_callback_.is_null()); | 2241 DCHECK(!user_write_callback_.is_null()); |
2242 | 2242 |
2243 // Since Run may result in Write being called, clear |user_write_callback_| | 2243 // Since Run may result in Write being called, clear |user_write_callback_| |
2244 // up front. | 2244 // up front. |
(...skipping 366 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2611 scoped_refptr<IOBuffer>(read_buffer), result)); | 2611 scoped_refptr<IOBuffer>(read_buffer), result)); |
2612 return; | 2612 return; |
2613 } | 2613 } |
2614 | 2614 |
2615 DCHECK(OnNSSTaskRunner()); | 2615 DCHECK(OnNSSTaskRunner()); |
2616 | 2616 |
2617 if (result > 0) { | 2617 if (result > 0) { |
2618 char* buf; | 2618 char* buf; |
2619 int nb = memio_GetReadParams(nss_bufs_, &buf); | 2619 int nb = memio_GetReadParams(nss_bufs_, &buf); |
2620 CHECK_GE(nb, result); | 2620 CHECK_GE(nb, result); |
2621 memcpy(buf, read_buffer->data(), result); | 2621 memcpy(buf, read_buffer->data(), result); |
wtc
2012/12/14 22:55:14
IMPORTANT: here we copy data received from transpo
| |
2622 } else if (result == 0) { | 2622 } else if (result == 0) { |
2623 transport_recv_eof_ = true; | 2623 transport_recv_eof_ = true; |
2624 } | 2624 } |
2625 | 2625 |
2626 memio_PutReadResult(nss_bufs_, MapErrorToNSS(result)); | 2626 memio_PutReadResult(nss_bufs_, MapErrorToNSS(result)); |
2627 transport_recv_busy_ = false; | 2627 transport_recv_busy_ = false; |
2628 OnRecvComplete(result); | 2628 OnRecvComplete(result); |
2629 } | 2629 } |
2630 | 2630 |
2631 void SSLClientSocketNSS::Core::PostOrRunCallback( | 2631 void SSLClientSocketNSS::Core::PostOrRunCallback( |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2670 const SSLConfig& ssl_config, | 2670 const SSLConfig& ssl_config, |
2671 const SSLClientSocketContext& context) | 2671 const SSLClientSocketContext& context) |
2672 : nss_task_runner_(nss_task_runner), | 2672 : nss_task_runner_(nss_task_runner), |
2673 transport_(transport_socket), | 2673 transport_(transport_socket), |
2674 host_and_port_(host_and_port), | 2674 host_and_port_(host_and_port), |
2675 ssl_config_(ssl_config), | 2675 ssl_config_(ssl_config), |
2676 cert_verifier_(context.cert_verifier), | 2676 cert_verifier_(context.cert_verifier), |
2677 server_bound_cert_service_(context.server_bound_cert_service), | 2677 server_bound_cert_service_(context.server_bound_cert_service), |
2678 ssl_session_cache_shard_(context.ssl_session_cache_shard), | 2678 ssl_session_cache_shard_(context.ssl_session_cache_shard), |
2679 completed_handshake_(false), | 2679 completed_handshake_(false), |
2680 core_recv_eof_(false), | |
2680 next_handshake_state_(STATE_NONE), | 2681 next_handshake_state_(STATE_NONE), |
2681 nss_fd_(NULL), | 2682 nss_fd_(NULL), |
2682 net_log_(transport_socket->socket()->NetLog()), | 2683 net_log_(transport_socket->socket()->NetLog()), |
2683 transport_security_state_(context.transport_security_state), | 2684 transport_security_state_(context.transport_security_state), |
2684 valid_thread_id_(base::kInvalidThreadId) { | 2685 valid_thread_id_(base::kInvalidThreadId) { |
2685 EnterFunction(""); | 2686 EnterFunction(""); |
2686 InitCore(); | 2687 InitCore(); |
2687 LeaveFunction(""); | 2688 LeaveFunction(""); |
2688 } | 2689 } |
2689 | 2690 |
(...skipping 167 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2857 server_cert_verify_result_.Reset(); | 2858 server_cert_verify_result_.Reset(); |
2858 completed_handshake_ = false; | 2859 completed_handshake_ = false; |
2859 start_cert_verification_time_ = base::TimeTicks(); | 2860 start_cert_verification_time_ = base::TimeTicks(); |
2860 InitCore(); | 2861 InitCore(); |
2861 | 2862 |
2862 LeaveFunction(""); | 2863 LeaveFunction(""); |
2863 } | 2864 } |
2864 | 2865 |
2865 bool SSLClientSocketNSS::IsConnected() const { | 2866 bool SSLClientSocketNSS::IsConnected() const { |
2866 // Ideally, we should also check if we have received the close_notify alert | 2867 // Ideally, we should also check if we have received the close_notify alert |
2867 // message from the server, and return false in that case. We're not doing | 2868 // message from the server, and return false in that case. We're not doing |
wtc
2012/12/14 22:55:14
Note this comment. I believe your CL is trying to
| |
2868 // that, so this function may return a false positive. Since the upper | 2869 // that, so this function may return a false positive. Since the upper |
2869 // layer (HttpNetworkTransaction) needs to handle a persistent connection | 2870 // layer (HttpNetworkTransaction) needs to handle a persistent connection |
2870 // closed by the server when we send a request anyway, a false positive in | 2871 // closed by the server when we send a request anyway, a false positive in |
2871 // exchange for simpler code is a good trade-off. | 2872 // exchange for simpler code is a good trade-off. |
2872 EnterFunction(""); | 2873 EnterFunction(""); |
2873 bool ret = completed_handshake_ && transport_->socket()->IsConnected(); | 2874 bool ret = completed_handshake_ & !core_recv_eof_; |
tyoshino (SeeGerritForStatus)
2012/12/14 15:13:54
why &?
Takashi Toyoshima
2012/12/21 06:39:03
Oops...
| |
2875 if (ret) | |
2876 ret = transport_->socket()->IsConnected(); | |
wtc
2012/12/14 22:55:14
1. Please define |ret| using a single expression:
Ryan Sleevi
2012/12/15 01:03:04
I discussed with Wan-Teh and would propose an alte
| |
2874 LeaveFunction(""); | 2877 LeaveFunction(""); |
2875 return ret; | 2878 return ret; |
2876 } | 2879 } |
2877 | 2880 |
2878 bool SSLClientSocketNSS::IsConnectedAndIdle() const { | 2881 bool SSLClientSocketNSS::IsConnectedAndIdle() const { |
2879 // Unlike IsConnected, this method doesn't return a false positive. | 2882 // Unlike IsConnected, this method doesn't return a false positive. |
2880 // | 2883 // |
2881 // Strictly speaking, we should check if we have received the close_notify | 2884 // Strictly speaking, we should check if we have received the close_notify |
2882 // alert message from the server, and return false in that case. Although | 2885 // alert message from the server, and return false in that case. Although |
2883 // the close_notify alert message means EOF in the SSL layer, it is just | 2886 // the close_notify alert message means EOF in the SSL layer, it is just |
2884 // bytes to the transport layer below, so | 2887 // bytes to the transport layer below, so |
2885 // transport_->socket()->IsConnectedAndIdle() returns the desired false | 2888 // transport_->socket()->IsConnectedAndIdle() returns the desired false |
2886 // when we receive close_notify. | 2889 // when we receive close_notify. |
2887 EnterFunction(""); | 2890 EnterFunction(""); |
2888 bool ret = completed_handshake_ && transport_->socket()->IsConnectedAndIdle(); | 2891 bool ret = completed_handshake_ & !core_recv_eof_; |
tyoshino (SeeGerritForStatus)
2012/12/14 15:13:54
ditto
Takashi Toyoshima
2012/12/21 06:39:03
Done.
| |
2892 if (ret) | |
2893 ret = transport_->socket()->IsConnectedAndIdle(); | |
2889 LeaveFunction(""); | 2894 LeaveFunction(""); |
2890 return ret; | 2895 return ret; |
2891 } | 2896 } |
2892 | 2897 |
2893 int SSLClientSocketNSS::GetPeerAddress(IPEndPoint* address) const { | 2898 int SSLClientSocketNSS::GetPeerAddress(IPEndPoint* address) const { |
2894 return transport_->socket()->GetPeerAddress(address); | 2899 return transport_->socket()->GetPeerAddress(address); |
2895 } | 2900 } |
2896 | 2901 |
2897 int SSLClientSocketNSS::GetLocalAddress(IPEndPoint* address) const { | 2902 int SSLClientSocketNSS::GetLocalAddress(IPEndPoint* address) const { |
2898 return transport_->socket()->GetLocalAddress(address); | 2903 return transport_->socket()->GetLocalAddress(address); |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2950 return base::TimeDelta::FromMicroseconds(-1); | 2955 return base::TimeDelta::FromMicroseconds(-1); |
2951 } | 2956 } |
2952 | 2957 |
2953 int SSLClientSocketNSS::Read(IOBuffer* buf, int buf_len, | 2958 int SSLClientSocketNSS::Read(IOBuffer* buf, int buf_len, |
2954 const CompletionCallback& callback) { | 2959 const CompletionCallback& callback) { |
2955 DCHECK(core_); | 2960 DCHECK(core_); |
2956 DCHECK(!callback.is_null()); | 2961 DCHECK(!callback.is_null()); |
2957 | 2962 |
2958 EnterFunction(buf_len); | 2963 EnterFunction(buf_len); |
2959 int rv = core_->Read(buf, buf_len, callback); | 2964 int rv = core_->Read(buf, buf_len, callback); |
2965 if (rv == 0) | |
2966 core_recv_eof_ = true; | |
2960 LeaveFunction(rv); | 2967 LeaveFunction(rv); |
2961 | 2968 |
2962 return rv; | 2969 return rv; |
2963 } | 2970 } |
2964 | 2971 |
2965 int SSLClientSocketNSS::Write(IOBuffer* buf, int buf_len, | 2972 int SSLClientSocketNSS::Write(IOBuffer* buf, int buf_len, |
2966 const CompletionCallback& callback) { | 2973 const CompletionCallback& callback) { |
2967 DCHECK(core_); | 2974 DCHECK(core_); |
2968 DCHECK(!callback.is_null()); | 2975 DCHECK(!callback.is_null()); |
2969 | 2976 |
(...skipping 462 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
3432 EnsureThreadIdAssigned(); | 3439 EnsureThreadIdAssigned(); |
3433 base::AutoLock auto_lock(lock_); | 3440 base::AutoLock auto_lock(lock_); |
3434 return valid_thread_id_ == base::PlatformThread::CurrentId(); | 3441 return valid_thread_id_ == base::PlatformThread::CurrentId(); |
3435 } | 3442 } |
3436 | 3443 |
3437 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { | 3444 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { |
3438 return server_bound_cert_service_; | 3445 return server_bound_cert_service_; |
3439 } | 3446 } |
3440 | 3447 |
3441 } // namespace net | 3448 } // namespace net |
OLD | NEW |