| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/ssl/ssl_client_auth_handler.h" | 5 #include "content/browser/ssl/ssl_client_auth_handler.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "content/browser/loader/resource_dispatcher_host_impl.h" | 8 #include "content/browser/loader/resource_dispatcher_host_impl.h" |
| 9 #include "content/browser/loader/resource_request_info_impl.h" | 9 #include "content/browser/loader/resource_request_info_impl.h" |
| 10 #include "content/public/browser/browser_thread.h" | 10 #include "content/public/browser/browser_thread.h" |
| 11 #include "content/public/browser/content_browser_client.h" | 11 #include "content/public/browser/content_browser_client.h" |
| 12 #include "content/public/browser/resource_context.h" |
| 12 #include "net/cert/x509_certificate.h" | 13 #include "net/cert/x509_certificate.h" |
| 13 #include "net/http/http_transaction_factory.h" | 14 #include "net/http/http_transaction_factory.h" |
| 15 #include "net/ssl/client_cert_store.h" |
| 14 #include "net/url_request/url_request.h" | 16 #include "net/url_request/url_request.h" |
| 15 #include "net/url_request/url_request_context.h" | 17 #include "net/url_request/url_request_context.h" |
| 16 | 18 |
| 17 namespace content { | 19 namespace content { |
| 18 | 20 |
| 19 SSLClientAuthHandler::SSLClientAuthHandler( | 21 SSLClientAuthHandler::SSLClientAuthHandler( |
| 22 ResourceContext* context, |
| 20 net::URLRequest* request, | 23 net::URLRequest* request, |
| 21 net::SSLCertRequestInfo* cert_request_info) | 24 net::SSLCertRequestInfo* cert_request_info) |
| 22 : request_(request), | 25 : request_(request), |
| 23 http_network_session_( | 26 http_network_session_( |
| 24 request_->context()->http_transaction_factory()->GetSession()), | 27 request_->context()->http_transaction_factory()->GetSession()), |
| 25 cert_request_info_(cert_request_info) { | 28 cert_request_info_(cert_request_info), |
| 29 client_cert_store_(context->GetClientCertStore()) { |
| 26 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 30 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 27 } | 31 } |
| 28 | 32 |
| 29 SSLClientAuthHandler::~SSLClientAuthHandler() { | 33 SSLClientAuthHandler::~SSLClientAuthHandler() { |
| 30 // If we were simply dropped, then act as if we selected no certificate. | 34 // If we were simply dropped, then act as if we selected no certificate. |
| 31 DoCertificateSelected(NULL); | 35 DoCertificateSelected(NULL); |
| 32 } | 36 } |
| 33 | 37 |
| 34 void SSLClientAuthHandler::OnRequestCancelled() { | 38 void SSLClientAuthHandler::OnRequestCancelled() { |
| 35 request_ = NULL; | 39 request_ = NULL; |
| 36 } | 40 } |
| 37 | 41 |
| 38 void SSLClientAuthHandler::SelectCertificate() { | 42 void SSLClientAuthHandler::SelectCertificate() { |
| 39 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 43 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 40 DCHECK(request_); | 44 DCHECK(request_); |
| 41 | 45 |
| 46 if (client_cert_store_) |
| 47 client_cert_store_->GetClientCerts( |
| 48 *cert_request_info_, |
| 49 &cert_request_info_->client_certs, |
| 50 base::Bind(&SSLClientAuthHandler::GotClientCerts, this)); |
| 51 else |
| 52 GotClientCerts(); |
| 53 } |
| 54 |
| 55 void SSLClientAuthHandler::CertificateSelected(net::X509Certificate* cert) { |
| 56 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 57 |
| 58 VLOG(1) << this << " CertificateSelected " << cert; |
| 59 BrowserThread::PostTask( |
| 60 BrowserThread::IO, FROM_HERE, |
| 61 base::Bind( |
| 62 &SSLClientAuthHandler::DoCertificateSelected, this, |
| 63 make_scoped_refptr(cert))); |
| 64 } |
| 65 |
| 66 void SSLClientAuthHandler::GotClientCerts() { |
| 67 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 68 // Request may have cancelled while we were getting client certs. |
| 69 if (!request_) |
| 70 return; |
| 71 |
| 72 if (client_cert_store_ && cert_request_info_->client_certs.empty()) { |
| 73 // No need to query the user if there are no certs to choose from. |
| 74 DoCertificateSelected(NULL); |
| 75 return; |
| 76 } |
| 77 |
| 42 int render_process_host_id; | 78 int render_process_host_id; |
| 43 int render_view_host_id; | 79 int render_view_host_id; |
| 44 if (!ResourceRequestInfo::ForRequest(request_)->GetAssociatedRenderView( | 80 if (!ResourceRequestInfo::ForRequest(request_)->GetAssociatedRenderView( |
| 45 &render_process_host_id, | 81 &render_process_host_id, |
| 46 &render_view_host_id)) | 82 &render_view_host_id)) |
| 47 NOTREACHED(); | 83 NOTREACHED(); |
| 48 | 84 |
| 49 // If the RVH does not exist by the time this task gets run, then the task | 85 // If the RVH does not exist by the time this task gets run, then the task |
| 50 // will be dropped and the scoped_refptr to SSLClientAuthHandler will go | 86 // will be dropped and the scoped_refptr to SSLClientAuthHandler will go |
| 51 // away, so we do not leak anything. The destructor takes care of ensuring | 87 // away, so we do not leak anything. The destructor takes care of ensuring |
| 52 // the net::URLRequest always gets a response. | 88 // the net::URLRequest always gets a response. |
| 53 BrowserThread::PostTask( | 89 BrowserThread::PostTask( |
| 54 BrowserThread::UI, FROM_HERE, | 90 BrowserThread::UI, FROM_HERE, |
| 55 base::Bind( | 91 base::Bind( |
| 56 &SSLClientAuthHandler::DoSelectCertificate, this, | 92 &SSLClientAuthHandler::DoSelectCertificate, this, |
| 57 render_process_host_id, render_view_host_id)); | 93 render_process_host_id, render_view_host_id)); |
| 58 } | 94 } |
| 59 | 95 |
| 60 void SSLClientAuthHandler::CertificateSelected(net::X509Certificate* cert) { | |
| 61 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
| 62 | |
| 63 VLOG(1) << this << " CertificateSelected " << cert; | |
| 64 BrowserThread::PostTask( | |
| 65 BrowserThread::IO, FROM_HERE, | |
| 66 base::Bind( | |
| 67 &SSLClientAuthHandler::DoCertificateSelected, this, | |
| 68 make_scoped_refptr(cert))); | |
| 69 } | |
| 70 | |
| 71 void SSLClientAuthHandler::DoCertificateSelected(net::X509Certificate* cert) { | 96 void SSLClientAuthHandler::DoCertificateSelected(net::X509Certificate* cert) { |
| 72 VLOG(1) << this << " DoCertificateSelected " << cert; | 97 VLOG(1) << this << " DoCertificateSelected " << cert; |
| 73 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 98 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 74 // request_ could have been NULLed if the request was cancelled while the | 99 // request_ could have been NULLed if the request was cancelled while the |
| 75 // user was choosing a cert, or because we have already responded to the | 100 // user was choosing a cert, or because we have already responded to the |
| 76 // certificate. | 101 // certificate. |
| 77 if (request_) { | 102 if (request_) { |
| 78 request_->ContinueWithCertificate(cert); | 103 request_->ContinueWithCertificate(cert); |
| 79 | 104 |
| 80 ResourceDispatcherHostImpl::Get()-> | 105 ResourceDispatcherHostImpl::Get()-> |
| 81 ClearSSLClientAuthHandlerForRequest(request_); | 106 ClearSSLClientAuthHandlerForRequest(request_); |
| 82 request_ = NULL; | 107 request_ = NULL; |
| 83 } | 108 } |
| 84 } | 109 } |
| 85 | 110 |
| 86 void SSLClientAuthHandler::DoSelectCertificate( | 111 void SSLClientAuthHandler::DoSelectCertificate( |
| 87 int render_process_host_id, int render_view_host_id) { | 112 int render_process_host_id, int render_view_host_id) { |
| 88 GetContentClient()->browser()->SelectClientCertificate( | 113 GetContentClient()->browser()->SelectClientCertificate( |
| 89 render_process_host_id, | 114 render_process_host_id, |
| 90 render_view_host_id, | 115 render_view_host_id, |
| 91 http_network_session_, | 116 http_network_session_, |
| 92 cert_request_info_.get(), | 117 cert_request_info_.get(), |
| 93 base::Bind(&SSLClientAuthHandler::CertificateSelected, this)); | 118 base::Bind(&SSLClientAuthHandler::CertificateSelected, this)); |
| 94 } | 119 } |
| 95 | 120 |
| 96 } // namespace content | 121 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 42773002:
Get ClientCertStore through ResourceContext. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src