net/socket/ssl_client_socket_mac.cc - Issue 500018: Handle unexpected connection close during SSL handshake on Mac

Side by Side Diff: net/socket/ssl_client_socket_mac.cc

Issue 500018: Handle unexpected connection close during SSL handshake on Mac (Closed)

Patch Set: Created 11 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright (c) 2008-2009 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2008-2009 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/socket/ssl_client_socket_mac.h"	5 #include "net/socket/ssl_client_socket_mac.h"

6	6

7 #include "base/scoped_cftyperef.h"	7 #include "base/scoped_cftyperef.h"

8 #include "base/singleton.h"	8 #include "base/singleton.h"

9 #include "base/string_util.h"	9 #include "base/string_util.h"

10 #include "net/base/cert_verifier.h"	10 #include "net/base/cert_verifier.h"

(...skipping 692 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
703 next_handshake_state_ = STATE_VERIFY_CERT;	703 next_handshake_state_ = STATE_VERIFY_CERT;

704 if (status == errSSLServerAuthCompletedFlag) {	704 if (status == errSSLServerAuthCompletedFlag) {

705 // Override errSSLServerAuthCompletedFlag as it's not actually an error,	705 // Override errSSLServerAuthCompletedFlag as it's not actually an error,

706 // but rather an indication that we're only half way through the	706 // but rather an indication that we're only half way through the

707 // handshake.	707 // handshake.

708 handshake_interrupted_ = true;	708 handshake_interrupted_ = true;

709 status = noErr;	709 status = noErr;

710 }	710 }

711 }	711 }

712	712

	713 if (status == errSSLClosedGraceful)

	714 // The server unexpectedly closed on us.

	715 return ERR_UNEXPECTED;
	wtc 2009/12/16 00:48:52 Please add curly braces {} to this if statement be Please add curly braces {} to this if statement because with the comment the if body has two lines. Please use ERR_SSL_PROTOCOL_ERROR instead of ERR_UNEXPECTED. ERR_UNEXPECTED means the unexpected error is our own fault (i.e., a programming error). So, if a server behaves unexpectedly, it is the server's fault, and we have to handle any unexpected external input properly.
	716

713 int net_error = NetErrorFromOSStatus(status);	717 int net_error = NetErrorFromOSStatus(status);

714 if (status == noErr \|\| IsCertificateError(net_error)) {	718 if (status == noErr \|\| IsCertificateError(net_error)) {

715 server_cert_ = GetServerCert(ssl_context_);	719 server_cert_ = GetServerCert(ssl_context_);

716 if (!server_cert_)	720 if (!server_cert_)

717 return ERR_UNEXPECTED;	721 return ERR_UNEXPECTED;

718 }	722 }

719 return net_error;	723 return net_error;

720 }	724 }

721	725

722 int SSLClientSocketMac::DoVerifyCert() {	726 int SSLClientSocketMac::DoVerifyCert() {

(...skipping 35 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
758	762

759 return result;	763 return result;

760 }	764 }

761	765

762 int SSLClientSocketMac::DoHandshakeFinish() {	766 int SSLClientSocketMac::DoHandshakeFinish() {

763 OSStatus status = SSLHandshake(ssl_context_);	767 OSStatus status = SSLHandshake(ssl_context_);

764	768

765 if (status == errSSLWouldBlock)	769 if (status == errSSLWouldBlock)

766 next_handshake_state_ = STATE_HANDSHAKE_FINISH;	770 next_handshake_state_ = STATE_HANDSHAKE_FINISH;

767	771

	772 if (status == errSSLClosedGraceful)

	773 return ERR_UNEXPECTED;
	wtc 2009/12/16 00:48:52 Same here: please use ERR_SSL_PROTOCOL_ERROR inste Same here: please use ERR_SSL_PROTOCOL_ERROR instead.
	774

768 if (status == noErr) {	775 if (status == noErr) {

769 completed_handshake_ = true;	776 completed_handshake_ = true;

770 DCHECK(next_handshake_state_ == STATE_NONE);	777 DCHECK(next_handshake_state_ == STATE_NONE);

771 }	778 }

772	779

773 return NetErrorFromOSStatus(status);	780 return NetErrorFromOSStatus(status);

774 }	781 }

775	782

776 int SSLClientSocketMac::DoPayloadRead() {	783 int SSLClientSocketMac::DoPayloadRead() {

777 size_t processed = 0;	784 size_t processed = 0;

(...skipping 131 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
909 if (rv < 0 && rv != ERR_IO_PENDING) {	916 if (rv < 0 && rv != ERR_IO_PENDING) {

910 us->write_io_buf_ = NULL;	917 us->write_io_buf_ = NULL;

911 return OSStatusFromNetError(rv);	918 return OSStatusFromNetError(rv);

912 }	919 }

913	920

914 // always lie to our caller	921 // always lie to our caller

915 return noErr;	922 return noErr;

916 }	923 }

917	924

918 } // namespace net	925 } // namespace net

OLD	NEW

« no previous file with comments | « chrome/browser/extensions/cross_origin_xhr_apitest.cc ('k') | no next file » | no next file with comments »