
Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 337823002: Stop attempting to write to transport sockets in NSS on failure. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: document CountingStreamSocket (try jobs on patch set 1) Created 6 years, 6 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived
6 // from AuthCertificateCallback() in 6 // from AuthCertificateCallback() in
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
8 8
9 /* ***** BEGIN LICENSE BLOCK ***** 9 /* ***** BEGIN LICENSE BLOCK *****
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
(...skipping 872 matching lines...) Expand 10 before | Expand all | Expand 10 after
883 // True if NSS has False Started. 883 // True if NSS has False Started.
884 bool false_started_; 884 bool false_started_;
885 // True if NSS has called HandshakeCallback. 885 // True if NSS has called HandshakeCallback.
886 bool handshake_callback_called_; 886 bool handshake_callback_called_;
887 887
888 HandshakeState nss_handshake_state_; 888 HandshakeState nss_handshake_state_;
889 889
890 bool transport_recv_busy_; 890 bool transport_recv_busy_;
891 bool transport_recv_eof_; 891 bool transport_recv_eof_;
892 bool transport_send_busy_; 892 bool transport_send_busy_;
893 int transport_send_error_;
893 894
894 // Used by Read function. 895 // Used by Read function.
895 scoped_refptr<IOBuffer> user_read_buf_; 896 scoped_refptr<IOBuffer> user_read_buf_;
896 int user_read_buf_len_; 897 int user_read_buf_len_;
897 898
898 // Used by Write function. 899 // Used by Write function.
899 scoped_refptr<IOBuffer> user_write_buf_; 900 scoped_refptr<IOBuffer> user_write_buf_;
900 int user_write_buf_len_; 901 int user_write_buf_len_;
901 902
902 CompletionCallback user_connect_callback_; 903 CompletionCallback user_connect_callback_;
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after
949 pending_read_nss_error_(0), 950 pending_read_nss_error_(0),
950 next_handshake_state_(STATE_NONE), 951 next_handshake_state_(STATE_NONE),
951 channel_id_xtn_negotiated_(false), 952 channel_id_xtn_negotiated_(false),
952 channel_id_needed_(false), 953 channel_id_needed_(false),
953 client_auth_cert_needed_(false), 954 client_auth_cert_needed_(false),
954 false_started_(false), 955 false_started_(false),
955 handshake_callback_called_(false), 956 handshake_callback_called_(false),
956 transport_recv_busy_(false), 957 transport_recv_busy_(false),
957 transport_recv_eof_(false), 958 transport_recv_eof_(false),
958 transport_send_busy_(false), 959 transport_send_busy_(false),
960 transport_send_error_(0),
wtc 2014/06/16 19:57:21 I assume transport_send_error_ is a net:: error co
davidben 2014/06/16 23:02:13 Done.
959 user_read_buf_len_(0), 961 user_read_buf_len_(0),
960 user_write_buf_len_(0), 962 user_write_buf_len_(0),
961 network_task_runner_(network_task_runner), 963 network_task_runner_(network_task_runner),
962 nss_task_runner_(nss_task_runner), 964 nss_task_runner_(nss_task_runner),
963 weak_net_log_(weak_net_log_factory_.GetWeakPtr()) { 965 weak_net_log_(weak_net_log_factory_.GetWeakPtr()) {
964 } 966 }
965 967
966 SSLClientSocketNSS::Core::~Core() { 968 SSLClientSocketNSS::Core::~Core() {
967 // TODO(wtc): Send SSL close_notify alert. 969 // TODO(wtc): Send SSL close_notify alert.
968 if (nss_fd_ != NULL) { 970 if (nss_fd_ != NULL) {
(...skipping 1163 matching lines...) Expand 10 before | Expand all | Expand 10 after
2132 } 2134 }
2133 2135
2134 // Return 0 if nss_bufs_ was empty, 2136 // Return 0 if nss_bufs_ was empty,
2135 // > 0 for bytes transferred immediately, 2137 // > 0 for bytes transferred immediately,
2136 // < 0 for error (or the non-error ERR_IO_PENDING). 2138 // < 0 for error (or the non-error ERR_IO_PENDING).
2137 int SSLClientSocketNSS::Core::BufferSend() { 2139 int SSLClientSocketNSS::Core::BufferSend() {
2138 DCHECK(OnNSSTaskRunner()); 2140 DCHECK(OnNSSTaskRunner());
2139 2141
2140 if (transport_send_busy_) 2142 if (transport_send_busy_)
2141 return ERR_IO_PENDING; 2143 return ERR_IO_PENDING;
2144 if (transport_send_error_ != 0)
2145 return transport_send_error_;
Ryan Sleevi 2014/06/16 22:07:07 Why introduce another member, when we already have
davidben 2014/06/16 23:02:13 Good point. That's much cleaner. Done.
2142 2146
2143 const char* buf1; 2147 const char* buf1;
2144 const char* buf2; 2148 const char* buf2;
2145 unsigned int len1, len2; 2149 unsigned int len1, len2;
2146 memio_GetWriteParams(nss_bufs_, &buf1, &len1, &buf2, &len2); 2150 memio_GetWriteParams(nss_bufs_, &buf1, &len1, &buf2, &len2);
2147 const unsigned int len = len1 + len2; 2151 const unsigned int len = len1 + len2;
2148 2152
2149 int rv = 0; 2153 int rv = 0;
2150 if (len) { 2154 if (len) {
2151 scoped_refptr<IOBuffer> send_buffer(new IOBuffer(len)); 2155 scoped_refptr<IOBuffer> send_buffer(new IOBuffer(len));
(...skipping 468 matching lines...) Expand 10 before | Expand all | Expand 10 after
2620 int rv = transport_->socket()->Write( 2624 int rv = transport_->socket()->Write(
2621 send_buffer, len, 2625 send_buffer, len,
2622 base::Bind(&Core::BufferSendComplete, 2626 base::Bind(&Core::BufferSendComplete,
2623 base::Unretained(this))); 2627 base::Unretained(this)));
2624 2628
2625 if (!OnNSSTaskRunner() && rv != ERR_IO_PENDING) { 2629 if (!OnNSSTaskRunner() && rv != ERR_IO_PENDING) {
2626 nss_task_runner_->PostTask( 2630 nss_task_runner_->PostTask(
2627 FROM_HERE, 2631 FROM_HERE,
2628 base::Bind(&Core::BufferSendComplete, this, rv)); 2632 base::Bind(&Core::BufferSendComplete, this, rv));
2629 return rv; 2633 return rv;
2630 } 2634 }
wtc 2014/06/16 19:57:21 IMPORTANT: I think we should also set transport_se
davidben 2014/06/16 23:02:13 Done. And then did Ryan's suggestion.
2631 2635
2632 return rv; 2636 return rv;
2633 } 2637 }
2634 2638
2635 int SSLClientSocketNSS::Core::DoGetDomainBoundCert(const std::string& host) { 2639 int SSLClientSocketNSS::Core::DoGetDomainBoundCert(const std::string& host) {
2636 DCHECK(OnNetworkTaskRunner()); 2640 DCHECK(OnNetworkTaskRunner());
2637 2641
2638 if (detached_) 2642 if (detached_)
2639 return ERR_FAILED; 2643 return ERR_FAILED;
2640 2644
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after
2697 2701
2698 nss_task_runner_->PostTask( 2702 nss_task_runner_->PostTask(
2699 FROM_HERE, base::Bind(&Core::BufferSendComplete, this, result)); 2703 FROM_HERE, base::Bind(&Core::BufferSendComplete, this, result));
2700 return; 2704 return;
2701 } 2705 }
2702 2706
2703 DCHECK(OnNSSTaskRunner()); 2707 DCHECK(OnNSSTaskRunner());
2704 2708
2705 memio_PutWriteResult(nss_bufs_, MapErrorToNSS(result)); 2709 memio_PutWriteResult(nss_bufs_, MapErrorToNSS(result));
2706 transport_send_busy_ = false; 2710 transport_send_busy_ = false;
2711 // If there was an error, save the result on the NSS task runner. Future calls
2712 // to BufferSend will return the error synchronously rather than calling
2713 // DoBufferSend on the network task runner. This is important to prevent
2714 // spinning infinitely. See https://crbug.com/381160.
wtc 2014/06/16 19:57:21 Nit: it may be better to move this comment (starti
davidben 2014/06/16 23:02:13 Done.
2715 if (result < 0)
2716 transport_send_error_ = result;
2707 OnSendComplete(result); 2717 OnSendComplete(result);
2708 } 2718 }
2709 2719
2710 void SSLClientSocketNSS::Core::OnHandshakeIOComplete(int result) { 2720 void SSLClientSocketNSS::Core::OnHandshakeIOComplete(int result) {
2711 if (!OnNSSTaskRunner()) { 2721 if (!OnNSSTaskRunner()) {
2712 if (detached_) 2722 if (detached_)
2713 return; 2723 return;
2714 2724
2715 nss_task_runner_->PostTask( 2725 nss_task_runner_->PostTask(
2716 FROM_HERE, base::Bind(&Core::OnHandshakeIOComplete, this, result)); 2726 FROM_HERE, base::Bind(&Core::OnHandshakeIOComplete, this, result));
(...skipping 897 matching lines...) Expand 10 before | Expand all | Expand 10 after
3614 scoped_refptr<X509Certificate> 3624 scoped_refptr<X509Certificate>
3615 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { 3625 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const {
3616 return core_->state().server_cert.get(); 3626 return core_->state().server_cert.get();
3617 } 3627 }
3618 3628
3619 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { 3629 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const {
3620 return server_bound_cert_service_; 3630 return server_bound_cert_service_;
3621 } 3631 }
3622 3632
3623 } // namespace net 3633 } // namespace net
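Review bot: In BufferSendComplete the new `if (result < 0)` check latches any negative value into transport_send_error_, including ERR_IO_PENDING, which the comment above BufferSend describes as a non-error. The posting path visible in DoBufferSend excludes it (`rv != ERR_IO_PENDING`), but nothing at the point where the value becomes sticky enforces that. A latched ERR_IO_PENDING would make every later BufferSend report a pending write that never completes. I would add `DCHECK_NE(ERR_IO_PENDING, result);` just before the check so the invariant is stated next to the assignment. The start of BufferSendComplete is outside the visible lines, so an assertion there may already cover this.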
