OLD | NEW |
1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/ssl_client_socket_win.h" | 5 #include "net/base/ssl_client_socket_win.h" |
6 | 6 |
7 #include <schnlsp.h> | 7 #include <schnlsp.h> |
8 | 8 |
9 #include "base/lock.h" | 9 #include "base/lock.h" |
10 #include "base/singleton.h" | 10 #include "base/singleton.h" |
| 11 #include "base/stl_util-inl.h" |
11 #include "base/string_util.h" | 12 #include "base/string_util.h" |
12 #include "net/base/connection_type_histograms.h" | 13 #include "net/base/connection_type_histograms.h" |
13 #include "net/base/io_buffer.h" | 14 #include "net/base/io_buffer.h" |
14 #include "net/base/net_errors.h" | 15 #include "net/base/net_errors.h" |
15 #include "net/base/ssl_cert_request_info.h" | 16 #include "net/base/ssl_cert_request_info.h" |
16 #include "net/base/ssl_info.h" | 17 #include "net/base/ssl_info.h" |
17 | 18 |
18 #pragma comment(lib, "secur32.lib") | 19 #pragma comment(lib, "secur32.lib") |
19 | 20 |
20 namespace net { | 21 namespace net { |
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
73 // A bitmask consisting of these bit flags encodes which versions of the SSL | 74 // A bitmask consisting of these bit flags encodes which versions of the SSL |
74 // protocol (SSL 2.0, SSL 3.0, and TLS 1.0) are enabled. | 75 // protocol (SSL 2.0, SSL 3.0, and TLS 1.0) are enabled. |
75 enum { | 76 enum { |
76 SSL2 = 1 << 0, | 77 SSL2 = 1 << 0, |
77 SSL3 = 1 << 1, | 78 SSL3 = 1 << 1, |
78 TLS1 = 1 << 2, | 79 TLS1 = 1 << 2, |
79 SSL_VERSION_MASKS = 1 << 3 // The number of SSL version bitmasks. | 80 SSL_VERSION_MASKS = 1 << 3 // The number of SSL version bitmasks. |
80 }; | 81 }; |
81 | 82 |
82 // CredHandleClass simply gives a default constructor and a destructor to | 83 // CredHandleClass simply gives a default constructor and a destructor to |
83 // SSPI's CredHandle type (a C struct). The default constuctor is required | 84 // SSPI's CredHandle type (a C struct). |
84 // by STL containers. | |
85 class CredHandleClass : public CredHandle { | 85 class CredHandleClass : public CredHandle { |
86 public: | 86 public: |
87 CredHandleClass() { | 87 CredHandleClass() { |
88 dwLower = 0; | 88 dwLower = 0; |
89 dwUpper = 0; | 89 dwUpper = 0; |
90 } | 90 } |
91 | 91 |
92 ~CredHandleClass() { | 92 ~CredHandleClass() { |
93 if (dwLower || dwUpper) { | 93 if (dwLower || dwUpper) { |
94 SECURITY_STATUS status = FreeCredentialsHandle(this); | 94 SECURITY_STATUS status = FreeCredentialsHandle(this); |
95 DCHECK(status == SEC_E_OK); | 95 DCHECK(status == SEC_E_OK); |
96 } | 96 } |
97 } | 97 } |
98 }; | 98 }; |
99 | 99 |
100 // A table of CredHandles. | 100 // A table of CredHandles. |
101 class CredHandleTable { | 101 class CredHandleTable { |
102 public: | 102 public: |
103 CredHandleTable() {} | 103 CredHandleTable() {} |
104 | 104 |
105 ~CredHandleTable() {} | 105 ~CredHandleTable() { |
| 106 STLDeleteContainerPairSecondPointers(client_cert_creds_.begin(), |
| 107 client_cert_creds_.end()); |
| 108 } |
106 | 109 |
107 CredHandle* GetHandle(PCCERT_CONTEXT client_cert, int ssl_version_mask) { | 110 CredHandle* GetHandle(PCCERT_CONTEXT client_cert, int ssl_version_mask) { |
108 DCHECK(0 < ssl_version_mask && | 111 DCHECK(0 < ssl_version_mask && |
109 ssl_version_mask < arraysize(anonymous_creds_)); | 112 ssl_version_mask < arraysize(anonymous_creds_)); |
110 CredHandle* handle; | 113 CredHandleClass* handle; |
111 AutoLock lock(lock_); | 114 AutoLock lock(lock_); |
112 if (client_cert) { | 115 if (client_cert) { |
113 handle = &client_cert_creds_[ | 116 CredHandleMapKey key = std::make_pair(client_cert, ssl_version_mask); |
114 std::make_pair(client_cert, ssl_version_mask)]; | 117 CredHandleMap::const_iterator it = client_cert_creds_.find(key); |
| 118 if (it == client_cert_creds_.end()) { |
| 119 handle = new CredHandleClass; |
| 120 client_cert_creds_[key] = handle; |
| 121 } else { |
| 122 handle = it->second; |
| 123 } |
115 } else { | 124 } else { |
116 handle = &anonymous_creds_[ssl_version_mask]; | 125 handle = &anonymous_creds_[ssl_version_mask]; |
117 } | 126 } |
118 if (!handle->dwLower && !handle->dwUpper) | 127 if (!handle->dwLower && !handle->dwUpper) |
119 InitializeHandle(handle, client_cert, ssl_version_mask); | 128 InitializeHandle(handle, client_cert, ssl_version_mask); |
120 return handle; | 129 return handle; |
121 } | 130 } |
122 | 131 |
123 private: | 132 private: |
124 // CredHandleMapKey is a std::pair consisting of these two components: | 133 // CredHandleMapKey is a std::pair consisting of these two components: |
125 // PCCERT_CONTEXT client_cert | 134 // PCCERT_CONTEXT client_cert |
126 // int ssl_version_mask | 135 // int ssl_version_mask |
127 typedef std::pair<PCCERT_CONTEXT, int> CredHandleMapKey; | 136 typedef std::pair<PCCERT_CONTEXT, int> CredHandleMapKey; |
128 | 137 |
129 typedef std::map<CredHandleMapKey, CredHandleClass> CredHandleMap; | 138 typedef std::map<CredHandleMapKey, CredHandleClass*> CredHandleMap; |
130 | 139 |
131 static void InitializeHandle(CredHandle* handle, | 140 static void InitializeHandle(CredHandle* handle, |
132 PCCERT_CONTEXT client_cert, | 141 PCCERT_CONTEXT client_cert, |
133 int ssl_version_mask); | 142 int ssl_version_mask); |
134 | 143 |
135 Lock lock_; | 144 Lock lock_; |
136 | 145 |
137 // Anonymous (no client certificate) CredHandles for all possible | 146 // Anonymous (no client certificate) CredHandles for all possible |
138 // combinations of SSL versions. Defined as an array for fast lookup. | 147 // combinations of SSL versions. Defined as an array for fast lookup. |
139 CredHandleClass anonymous_creds_[SSL_VERSION_MASKS]; | 148 CredHandleClass anonymous_creds_[SSL_VERSION_MASKS]; |
(...skipping 1032 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1172 } | 1181 } |
1173 } | 1182 } |
1174 | 1183 |
1175 void SSLClientSocketWin::FreeSendBuffer() { | 1184 void SSLClientSocketWin::FreeSendBuffer() { |
1176 SECURITY_STATUS status = FreeContextBuffer(send_buffer_.pvBuffer); | 1185 SECURITY_STATUS status = FreeContextBuffer(send_buffer_.pvBuffer); |
1177 DCHECK(status == SEC_E_OK); | 1186 DCHECK(status == SEC_E_OK); |
1178 memset(&send_buffer_, 0, sizeof(send_buffer_)); | 1187 memset(&send_buffer_, 0, sizeof(send_buffer_)); |
1179 } | 1188 } |
1180 | 1189 |
1181 } // namespace net | 1190 } // namespace net |
OLD | NEW |