OLD | NEW |
(Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "blimp/net/ssl_client_transport.h" |
| 6 |
| 7 #include "base/callback.h" |
| 8 #include "base/callback_helpers.h" |
| 9 #include "blimp/net/exact_match_cert_verifier.h" |
| 10 #include "blimp/net/stream_socket_connection.h" |
| 11 #include "net/base/host_port_pair.h" |
| 12 #include "net/cert/x509_certificate.h" |
| 13 #include "net/socket/client_socket_factory.h" |
| 14 #include "net/socket/client_socket_handle.h" |
| 15 #include "net/socket/ssl_client_socket.h" |
| 16 #include "net/socket/stream_socket.h" |
| 17 #include "net/socket/tcp_client_socket.h" |
| 18 #include "net/ssl/ssl_config.h" |
| 19 |
| 20 namespace blimp { |
| 21 |
| 22 SSLClientTransport::SSLClientTransport(const net::IPEndPoint& ip_endpoint, |
| 23 scoped_refptr<net::X509Certificate> cert, |
| 24 net::NetLog* net_log) |
| 25 : TCPClientTransport(ip_endpoint, net_log), ip_endpoint_(ip_endpoint) { |
| 26 // Test code may pass in a null value for |cert|. Only spin up a CertVerifier |
| 27 // if there is a cert present. |
| 28 if (cert) { |
| 29 cert_verifier_.reset(new ExactMatchCertVerifier(std::move(cert))); |
| 30 } |
| 31 } |
| 32 |
| 33 SSLClientTransport::~SSLClientTransport() {} |
| 34 |
| 35 const char* SSLClientTransport::GetName() const { |
| 36 return "SSL"; |
| 37 } |
| 38 |
| 39 void SSLClientTransport::OnTCPConnectComplete(int result) { |
| 40 DCHECK_NE(net::ERR_IO_PENDING, result); |
| 41 |
| 42 scoped_ptr<net::StreamSocket> tcp_socket = TCPClientTransport::TakeSocket(); |
| 43 |
| 44 DVLOG(1) << "TCP connection result=" << result; |
| 45 if (result != net::OK) { |
| 46 OnConnectComplete(result); |
| 47 return; |
| 48 } |
| 49 |
| 50 // Construct arguments to use for the SSL socket factory. |
| 51 scoped_ptr<net::ClientSocketHandle> socket_handle( |
| 52 new net::ClientSocketHandle); |
| 53 socket_handle->SetSocket(std::move(tcp_socket)); |
| 54 |
| 55 net::HostPortPair host_port_pair = |
| 56 net::HostPortPair::FromIPEndPoint(ip_endpoint_); |
| 57 |
| 58 net::SSLClientSocketContext create_context; |
| 59 create_context.cert_verifier = cert_verifier_.get(); |
| 60 create_context.transport_security_state = &transport_security_state_; |
| 61 |
| 62 scoped_ptr<net::StreamSocket> ssl_socket( |
| 63 socket_factory()->CreateSSLClientSocket(std::move(socket_handle), |
| 64 host_port_pair, net::SSLConfig(), |
| 65 create_context)); |
| 66 |
| 67 if (!ssl_socket) { |
| 68 OnConnectComplete(net::ERR_SSL_PROTOCOL_ERROR); |
| 69 return; |
| 70 } |
| 71 |
| 72 result = ssl_socket->Connect(base::Bind( |
| 73 &SSLClientTransport::OnSSLConnectComplete, base::Unretained(this))); |
| 74 SetSocket(std::move(ssl_socket)); |
| 75 |
| 76 if (result == net::ERR_IO_PENDING) { |
| 77 // SSL connection will complete asynchronously. |
| 78 return; |
| 79 } |
| 80 |
| 81 OnSSLConnectComplete(result); |
| 82 } |
| 83 |
| 84 void SSLClientTransport::OnSSLConnectComplete(int result) { |
| 85 DCHECK_NE(net::ERR_IO_PENDING, result); |
| 86 DVLOG(1) << "SSL connection result=" << result; |
| 87 |
| 88 OnConnectComplete(result); |
| 89 } |
| 90 |
| 91 } // namespace blimp |
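Review bot: In OnTCPConnectComplete, `create_context.cert_verifier = cert_verifier_.get();` hands the SSL socket a null verifier whenever the constructor received a null `cert`, and nothing in this file restricts that path to test code. How the socket behaves with a null verifier is not visible here, so the connect should fail closed before CreateSSLClientSocket, e.g. `if (!cert_verifier_) { OnConnectComplete(net::ERR_INVALID_ARGUMENT); return; }`. Alternatively the constructor could `CHECK(cert)` and the tests could supply a test certificate. The socket also keeps raw pointers to `cert_verifier_` and `transport_security_state_`, and is bound with `base::Unretained(this)`. A short comment such as `// The socket is owned by this transport (SetSocket), so it cannot outlive |this| or the verifier.` would record that lifetime assumption, which should be confirmed against the member declaration order in the header and in TCPClientTransport, both outside this file.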