OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "blimp/net/ssl_client_transport.h" | |
6 | |
7 #include "base/callback.h" | |
8 #include "base/callback_helpers.h" | |
9 #include "blimp/net/exact_match_cert_verifier.h" | |
10 #include "blimp/net/stream_socket_connection.h" | |
11 #include "net/base/host_port_pair.h" | |
12 #include "net/cert/x509_certificate.h" | |
13 #include "net/socket/client_socket_factory.h" | |
14 #include "net/socket/client_socket_handle.h" | |
15 #include "net/socket/ssl_client_socket.h" | |
16 #include "net/socket/stream_socket.h" | |
17 #include "net/socket/tcp_client_socket.h" | |
18 #include "net/ssl/ssl_config.h" | |
19 | |
20 namespace blimp { | |
21 | |
22 SSLClientTransport::SSLClientTransport(const net::AddressList& addresses, | |
23 scoped_refptr<net::X509Certificate> cert, | |
24 net::NetLog* net_log) | |
25 : TCPClientTransport(addresses, net_log), cert_verifier_(cert) {} | |
Ryan Sleevi
2016/02/19 22:56:08
STYLE: You're passing a scoped_refptr<> as a non-c
Kevin M
2016/02/22 22:53:32
Thanks, but I'll just make this const& for consist
| |
26 | |
27 SSLClientTransport::~SSLClientTransport() {} | |
28 | |
29 const std::string SSLClientTransport::GetName() const { | |
30 return "SSL"; | |
31 } | |
32 | |
33 void SSLClientTransport::OnTCPConnectComplete(int result) { | |
34 DCHECK_NE(net::ERR_IO_PENDING, result); | |
35 | |
36 scoped_ptr<net::StreamSocket> tcp_socket = TCPClientTransport::TakeSocket(); | |
37 | |
38 DVLOG(1) << "TCP connection result=" << result; | |
39 if (result != net::OK) { | |
40 OnConnectComplete(result); | |
41 return; | |
42 } | |
43 | |
44 // Forward connection details to the SSL layer. | |
45 net::IPEndPoint connected_endpoint; | |
46 result = tcp_socket->GetPeerAddress(&connected_endpoint); | |
47 if (result != net::OK) { | |
48 OnConnectComplete(result); | |
49 return; | |
50 } | |
51 | |
52 // Construct arguments to use for the SSL socket factory. | |
53 scoped_ptr<net::ClientSocketHandle> socket_handle( | |
54 new net::ClientSocketHandle); | |
55 socket_handle->SetSocket(std::move(tcp_socket)); | |
56 | |
57 net::HostPortPair host_port_pair = | |
58 net::HostPortPair::FromIPEndPoint(connected_endpoint); | |
Ryan Sleevi
2016/02/19 22:56:08
DESIGN: In production code, this would be categori
Kevin M
2016/02/22 22:53:32
Done - the original address is used here. I can al
| |
59 | |
60 net::SSLClientSocketContext create_context; | |
61 create_context.cert_verifier = &cert_verifier_; | |
62 create_context.transport_security_state = &transport_security_state_; | |
63 | |
64 scoped_ptr<net::StreamSocket> ssl_socket( | |
65 socket_factory()->CreateSSLClientSocket(std::move(socket_handle), | |
66 host_port_pair, net::SSLConfig(), | |
67 create_context)); | |
68 | |
69 if (!ssl_socket) { | |
70 OnConnectComplete(net::ERR_SSL_PROTOCOL_ERROR); | |
71 return; | |
72 } | |
73 | |
74 result = ssl_socket->Connect(base::Bind( | |
75 &SSLClientTransport::OnSSLConnectComplete, base::Unretained(this))); | |
76 SetSocket(std::move(ssl_socket)); | |
77 | |
78 if (result == net::ERR_IO_PENDING) { | |
79 // SSL connection will complete asynchronously. | |
80 return; | |
81 } | |
82 | |
83 OnSSLConnectComplete(result); | |
84 } | |
85 | |
86 void SSLClientTransport::OnSSLConnectComplete(int result) { | |
87 DCHECK_NE(net::ERR_IO_PENDING, result); | |
88 DVLOG(1) << "SSL connection result=" << result; | |
89 | |
90 OnConnectComplete(result); | |
91 } | |
92 | |
93 } // namespace blimp | |
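Review bot: The `base::Unretained(this)` bound into `ssl_socket->Connect()` at new lines 74-75 has no comment explaining why the raw pointer cannot be used after the transport is destroyed. It looks safe only because the socket is handed to `SetSocket()` on the next line, so the transport presumably owns the socket and destroying it drops the pending handshake callback; that depends on TCPClientTransport, which is not shown on this page. I would add above the call: `// Unretained is safe: |this| owns the SSL socket, so the callback cannot run after |this| is destroyed.` It is also worth confirming that a failed handshake does not leave the socket stored by `SetSocket()` reachable through a later `TakeSocket()`, since `OnSSLConnectComplete` forwards the result without clearing it.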