Chromium Code Reviews Chromium Code Reviews
Issue 12035105:
Move client certificates retrieval logic out of the SSL sockets. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/loader/resource_loader.h" | 5 #include "content/browser/loader/resource_loader.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/message_loop.h" | 8 #include "base/message_loop.h" |
| 9 #include "base/time.h" | 9 #include "base/time.h" |
| 10 #include "content/browser/child_process_security_policy_impl.h" | 10 #include "content/browser/child_process_security_policy_impl.h" |
| 11 #include "content/browser/loader/doomed_resource_handler.h" | 11 #include "content/browser/loader/doomed_resource_handler.h" |
| 12 #include "content/browser/loader/resource_loader_delegate.h" | 12 #include "content/browser/loader/resource_loader_delegate.h" |
| 13 #include "content/browser/loader/resource_request_info_impl.h" | 13 #include "content/browser/loader/resource_request_info_impl.h" |
| 14 #include "content/browser/ssl/ssl_client_auth_handler.h" | 14 #include "content/browser/ssl/ssl_client_auth_handler.h" |
| 15 #include "content/browser/ssl/ssl_manager.h" | 15 #include "content/browser/ssl/ssl_manager.h" |
| 16 #include "content/common/ssl_status_serialization.h" | 16 #include "content/common/ssl_status_serialization.h" |
| 17 #include "content/public/browser/cert_store.h" | 17 #include "content/public/browser/cert_store.h" |
| 18 #include "content/public/browser/resource_dispatcher_host_login_delegate.h" | 18 #include "content/public/browser/resource_dispatcher_host_login_delegate.h" |
| 19 #include "content/public/browser/site_instance.h" | 19 #include "content/public/browser/site_instance.h" |
| 20 #include "content/public/common/content_client.h" | 20 #include "content/public/common/content_client.h" |
| 21 #include "content/public/common/content_switches.h" | 21 #include "content/public/common/content_switches.h" |
| 22 #include "content/public/common/resource_response.h" | 22 #include "content/public/common/resource_response.h" |
| 23 #include "content/public/common/url_constants.h" | 23 #include "content/public/common/url_constants.h" |
| 24 #include "net/base/client_cert_store.h" | |
| 25 #include "net/base/client_cert_store_impl.h" | |
| 24 #include "net/base/load_flags.h" | 26 #include "net/base/load_flags.h" |
| 25 #include "net/http/http_response_headers.h" | 27 #include "net/http/http_response_headers.h" |
| 26 #include "webkit/appcache/appcache_interceptor.h" | 28 #include "webkit/appcache/appcache_interceptor.h" |
| 27 | 29 |
| 28 using base::TimeDelta; | 30 using base::TimeDelta; |
| 29 using base::TimeTicks; | 31 using base::TimeTicks; |
| 30 | 32 |
| 31 namespace content { | 33 namespace content { |
| 32 namespace { | 34 namespace { |
| 33 | 35 |
| (...skipping 24 matching lines...) Expand all Loading... | |
| 58 ResourceLoader::ResourceLoader(scoped_ptr<net::URLRequest> request, | 60 ResourceLoader::ResourceLoader(scoped_ptr<net::URLRequest> request, |
| 59 scoped_ptr<ResourceHandler> handler, | 61 scoped_ptr<ResourceHandler> handler, |
| 60 ResourceLoaderDelegate* delegate) | 62 ResourceLoaderDelegate* delegate) |
| 61 : deferred_stage_(DEFERRED_NONE), | 63 : deferred_stage_(DEFERRED_NONE), |
| 62 request_(request.Pass()), | 64 request_(request.Pass()), |
| 63 handler_(handler.Pass()), | 65 handler_(handler.Pass()), |
| 64 delegate_(delegate), | 66 delegate_(delegate), |
| 65 last_upload_position_(0), | 67 last_upload_position_(0), |
| 66 waiting_for_upload_progress_ack_(false), | 68 waiting_for_upload_progress_ack_(false), |
| 67 is_transferring_(false), | 69 is_transferring_(false), |
| 70 #if defined(USE_NSS) && !defined(OS_IOS) | |
|
Ryan Sleevi
2013/01/30 19:54:51
This is the wrong use of the define. USE_NSS == "U
ppi
2013/02/01 22:22:34
Thanks! Fixed in patch set 6.
| |
| 71 client_cert_store_(new net::ClientCertStoreImpl()), | |
| 72 #endif | |
| 68 weak_ptr_factory_(this) { | 73 weak_ptr_factory_(this) { |
| 69 request_->set_delegate(this); | 74 request_->set_delegate(this); |
| 70 handler_->SetController(this); | 75 handler_->SetController(this); |
| 71 } | 76 } |
| 72 | 77 |
| 73 ResourceLoader::~ResourceLoader() { | 78 ResourceLoader::~ResourceLoader() { |
| 74 if (login_delegate_) | 79 if (login_delegate_) |
| 75 login_delegate_->OnRequestCancelled(); | 80 login_delegate_->OnRequestCancelled(); |
| 76 if (ssl_client_auth_handler_) | 81 if (ssl_client_auth_handler_) |
| 77 ssl_client_auth_handler_->OnRequestCancelled(); | 82 ssl_client_auth_handler_->OnRequestCancelled(); |
| (...skipping 184 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 262 void ResourceLoader::OnCertificateRequested( | 267 void ResourceLoader::OnCertificateRequested( |
| 263 net::URLRequest* unused, | 268 net::URLRequest* unused, |
| 264 net::SSLCertRequestInfo* cert_info) { | 269 net::SSLCertRequestInfo* cert_info) { |
| 265 DCHECK_EQ(request_.get(), unused); | 270 DCHECK_EQ(request_.get(), unused); |
| 266 | 271 |
| 267 if (!delegate_->AcceptSSLClientCertificateRequest(this, cert_info)) { | 272 if (!delegate_->AcceptSSLClientCertificateRequest(this, cert_info)) { |
| 268 request_->Cancel(); | 273 request_->Cancel(); |
| 269 return; | 274 return; |
| 270 } | 275 } |
| 271 | 276 |
| 277 #if defined(USE_NSS) && !defined(OS_IOS) | |
| 278 client_cert_store_->GetClientCerts(*cert_info, &cert_info->client_certs); | |
| 279 #endif | |
| 280 | |
| 272 if (cert_info->client_certs.empty()) { | 281 if (cert_info->client_certs.empty()) { |
| 273 // No need to query the user if there are no certs to choose from. | 282 // No need to query the user if there are no certs to choose from. |
| 274 request_->ContinueWithCertificate(NULL); | 283 request_->ContinueWithCertificate(NULL); |
| 275 return; | 284 return; |
| 276 } | 285 } |
|
Ryan Sleevi
2013/01/30 19:54:51
Shouldn't the #endif cover up to here? because cli
ppi
2013/02/01 22:22:34
Definitely, thanks! Fixed in patch set 6.
| |
| 277 | 286 |
| 278 DCHECK(!ssl_client_auth_handler_) << | 287 DCHECK(!ssl_client_auth_handler_) << |
| 279 "OnCertificateRequested called with ssl_client_auth_handler pending"; | 288 "OnCertificateRequested called with ssl_client_auth_handler pending"; |
| 280 ssl_client_auth_handler_ = new SSLClientAuthHandler(request_.get(), | 289 ssl_client_auth_handler_ = new SSLClientAuthHandler(request_.get(), |
| 281 cert_info); | 290 cert_info); |
| 282 ssl_client_auth_handler_->SelectCertificate(); | 291 ssl_client_auth_handler_->SelectCertificate(); |
| 283 } | 292 } |
| 284 | 293 |
| 285 void ResourceLoader::OnSSLCertificateError(net::URLRequest* request, | 294 void ResourceLoader::OnSSLCertificateError(net::URLRequest* request, |
| 286 const net::SSLInfo& ssl_info, | 295 const net::SSLInfo& ssl_info, |
| (...skipping 332 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 619 // we resume. | 628 // we resume. |
| 620 deferred_stage_ = DEFERRED_FINISH; | 629 deferred_stage_ = DEFERRED_FINISH; |
| 621 } | 630 } |
| 622 } | 631 } |
| 623 | 632 |
| 624 void ResourceLoader::CallDidFinishLoading() { | 633 void ResourceLoader::CallDidFinishLoading() { |
| 625 delegate_->DidFinishLoading(this); | 634 delegate_->DidFinishLoading(this); |
| 626 } | 635 } |
| 627 | 636 |
| 628 } // namespace content | 637 } // namespace content |
| OLD | NEW |
