Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(96)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/url_request/url_request_http_job.cc

Issue 23908005: Handle all non-overridable SSL errors in the same place (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Verified that nothing broke despite time passing Created 7 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/cert/cert_status_flags.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/url_request/url_request_http_job.h" 5 #include "net/url_request/url_request_http_job.h"
6 6
7 #include "base/base_switches.h" 7 #include "base/base_switches.h"
8 #include "base/bind.h" 8 #include "base/bind.h"
9 #include "base/bind_helpers.h" 9 #include "base/bind_helpers.h"
10 #include "base/command_line.h" 10 #include "base/command_line.h"
(...skipping 871 matching lines...) Expand 10 before | Expand all | Expand 10 after
882 NetLog::StringCallback("source", 882 NetLog::StringCallback("source",
883 &source)); 883 &source));
884 NotifyStartError(URLRequestStatus(URLRequestStatus::FAILED, error)); 884 NotifyStartError(URLRequestStatus(URLRequestStatus::FAILED, error));
885 } 885 }
886 return; 886 return;
887 } 887 }
888 } 888 }
889 889
890 SaveCookiesAndNotifyHeadersComplete(net::OK); 890 SaveCookiesAndNotifyHeadersComplete(net::OK);
891 } else if (IsCertificateError(result)) { 891 } else if (IsCertificateError(result)) {
892 // We encountered an SSL certificate error. Ask our delegate to decide 892 // We encountered an SSL certificate error.
893 // what we should do. 893 if (result == ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY ||
894 894 result == ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN) {
895 TransportSecurityState::DomainState domain_state; 895 // These are hard failures. They're handled separately and don't have
896 const URLRequestContext* context = request_->context(); 896 // the correct cert status, so set it here.
897 const bool fatal = context->transport_security_state() && 897 SSLInfo info(transaction_->GetResponseInfo()->ssl_info);
898 context->transport_security_state()->GetDomainState( 898 info.cert_status = MapNetErrorToCertStatus(result);
899 request_info_.url.host(), 899 NotifySSLCertificateError(info, true);
900 SSLConfigService::IsSNIAvailable(context->ssl_config_service()), 900 } else {
901 &domain_state) && 901 // Maybe overridable, maybe not. Ask the delegate to decide.
902 domain_state.ShouldSSLErrorsBeFatal(); 902 TransportSecurityState::DomainState domain_state;
903 NotifySSLCertificateError(transaction_->GetResponseInfo()->ssl_info, fatal); 903 const URLRequestContext* context = request_->context();
904 const bool fatal = context->transport_security_state() &&
905 context->transport_security_state()->GetDomainState(
906 request_info_.url.host(),
907 SSLConfigService::IsSNIAvailable(context->ssl_config_service()),
908 &domain_state) &&
909 domain_state.ShouldSSLErrorsBeFatal();
910 NotifySSLCertificateError(
911 transaction_->GetResponseInfo()->ssl_info, fatal);
912 }
904 } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) { 913 } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
905 NotifyCertificateRequested( 914 NotifyCertificateRequested(
906 transaction_->GetResponseInfo()->cert_request_info.get()); 915 transaction_->GetResponseInfo()->cert_request_info.get());
907 } else { 916 } else {
908 NotifyStartError(URLRequestStatus(URLRequestStatus::FAILED, result)); 917 NotifyStartError(URLRequestStatus(URLRequestStatus::FAILED, result));
909 } 918 }
910 } 919 }
911 920
912 void URLRequestHttpJob::OnHeadersReceivedCallback(int result) { 921 void URLRequestHttpJob::OnHeadersReceivedCallback(int result) {
913 SetUnblockedOnDelegate(); 922 SetUnblockedOnDelegate();
(...skipping 589 matching lines...) Expand 10 before | Expand all | Expand 10 after
1503 1512
1504 void URLRequestHttpJob::NotifyURLRequestDestroyed() { 1513 void URLRequestHttpJob::NotifyURLRequestDestroyed() {
1505 awaiting_callback_ = false; 1514 awaiting_callback_ = false;
1506 } 1515 }
1507 1516
1508 void URLRequestHttpJob::OnDetachRequest() { 1517 void URLRequestHttpJob::OnDetachRequest() {
1509 http_transaction_delegate_->OnDetachRequest(); 1518 http_transaction_delegate_->OnDetachRequest();
1510 } 1519 }
1511 1520
1512 } // namespace net 1521 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/cert_status_flags.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698