Chromium Code Reviews Chromium Code Reviews
Issue 596873002:
Remove SSLClientAuthHandler's RDH dependency. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/ssl/ssl_client_auth_handler.h" | 5 #include "content/browser/ssl/ssl_client_auth_handler.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "content/browser/loader/resource_dispatcher_host_impl.h" | |
| 9 #include "content/browser/loader/resource_request_info_impl.h" | 8 #include "content/browser/loader/resource_request_info_impl.h" |
| 10 #include "content/public/browser/browser_thread.h" | 9 #include "content/public/browser/browser_thread.h" |
| 11 #include "content/public/browser/content_browser_client.h" | 10 #include "content/public/browser/content_browser_client.h" |
| 12 #include "net/cert/x509_certificate.h" | 11 #include "net/cert/x509_certificate.h" |
| 13 #include "net/http/http_transaction_factory.h" | |
| 14 #include "net/ssl/client_cert_store.h" | 12 #include "net/ssl/client_cert_store.h" |
| 15 #include "net/url_request/url_request.h" | 13 #include "net/url_request/url_request.h" |
| 16 #include "net/url_request/url_request_context.h" | |
| 17 | 14 |
| 18 namespace content { | 15 namespace content { |
| 19 | 16 |
| 20 SSLClientAuthHandler::SSLClientAuthHandler( | 17 SSLClientAuthHandler::SSLClientAuthHandler( |
| 21 scoped_ptr<net::ClientCertStore> client_cert_store, | 18 scoped_ptr<net::ClientCertStore> client_cert_store, |
| 22 net::URLRequest* request, | 19 net::URLRequest* request, |
| 23 net::SSLCertRequestInfo* cert_request_info) | 20 net::SSLCertRequestInfo* cert_request_info, |
| 21 const SSLClientAuthHandler::CertificateCallback& callback) | |
| 24 : request_(request), | 22 : request_(request), |
| 25 http_network_session_( | |
| 26 request_->context()->http_transaction_factory()->GetSession()), | |
| 27 cert_request_info_(cert_request_info), | 23 cert_request_info_(cert_request_info), |
| 28 client_cert_store_(client_cert_store.Pass()) { | 24 client_cert_store_(client_cert_store.Pass()), |
| 25 callback_(callback), | |
| 26 weak_factory_(this) { | |
| 29 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 27 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 30 } | 28 } |
| 31 | 29 |
| 32 SSLClientAuthHandler::~SSLClientAuthHandler() { | 30 SSLClientAuthHandler::~SSLClientAuthHandler() { |
| 33 // If we were simply dropped, then act as if we selected no certificate. | |
| 34 DoCertificateSelected(NULL); | |
| 35 } | |
| 36 | |
| 37 void SSLClientAuthHandler::OnRequestCancelled() { | |
| 38 request_ = NULL; | |
| 39 } | 31 } |
| 40 | 32 |
| 41 void SSLClientAuthHandler::SelectCertificate() { | 33 void SSLClientAuthHandler::SelectCertificate() { |
| 42 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 34 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 43 DCHECK(request_); | |
| 44 | 35 |
| 45 if (client_cert_store_) { | 36 if (client_cert_store_) { |
| 46 client_cert_store_->GetClientCerts( | 37 client_cert_store_->GetClientCerts( |
| 47 *cert_request_info_, | 38 *cert_request_info_, |
| 48 &cert_request_info_->client_certs, | 39 &cert_request_info_->client_certs, |
| 49 base::Bind(&SSLClientAuthHandler::DidGetClientCerts, this)); | 40 base::Bind(&SSLClientAuthHandler::DidGetClientCerts, |
| 41 weak_factory_.GetWeakPtr())); | |
| 50 } else { | 42 } else { |
| 51 DidGetClientCerts(); | 43 DidGetClientCerts(); |
| 52 } | 44 } |
| 53 } | 45 } |
| 54 | 46 |
| 55 void SSLClientAuthHandler::CertificateSelected(net::X509Certificate* cert) { | |
| 56 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
| 57 | |
| 58 VLOG(1) << this << " CertificateSelected " << cert; | |
| 59 BrowserThread::PostTask( | |
| 60 BrowserThread::IO, FROM_HERE, | |
| 61 base::Bind( | |
| 62 &SSLClientAuthHandler::DoCertificateSelected, this, | |
| 63 make_scoped_refptr(cert))); | |
| 64 } | |
| 65 | |
| 66 void SSLClientAuthHandler::DidGetClientCerts() { | 47 void SSLClientAuthHandler::DidGetClientCerts() { |
| 67 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 48 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 68 // Request may have cancelled while we were getting client certs. | |
| 69 if (!request_) | |
| 70 return; | |
| 71 | 49 |
| 72 // Note that if |client_cert_store_| is NULL, we intentionally fall through to | 50 // Note that if |client_cert_store_| is NULL, we intentionally fall through to |
| 73 // DoCertificateSelected. This is for platforms where the client cert matching | 51 // DoCertificateSelected. This is for platforms where the client cert matching |
| 74 // is not performed by Chrome, the platform can handle the cert matching | 52 // is not performed by Chrome. Those platforms handle the cert matching before |
| 75 // before showing the dialog. | 53 // showing the dialog. |
| 76 if (client_cert_store_ && cert_request_info_->client_certs.empty()) { | 54 if (client_cert_store_ && cert_request_info_->client_certs.empty()) { |
| 77 // No need to query the user if there are no certs to choose from. | 55 // No need to query the user if there are no certs to choose from. |
| 78 DoCertificateSelected(NULL); | 56 CertificateSelected(NULL); |
| 79 return; | 57 return; |
| 80 } | 58 } |
| 81 | 59 |
| 82 int render_process_host_id; | 60 int render_process_host_id; |
| 83 int render_frame_host_id; | 61 int render_frame_host_id; |
| 84 if (!ResourceRequestInfo::ForRequest(request_)->GetAssociatedRenderFrame( | 62 if (!ResourceRequestInfo::ForRequest(request_)->GetAssociatedRenderFrame( |
| 85 &render_process_host_id, | 63 &render_process_host_id, |
| 86 &render_frame_host_id)) | 64 &render_frame_host_id)) { |
| 87 NOTREACHED(); | 65 NOTREACHED(); |
| 66 CertificateSelected(NULL); | |
| 67 return; | |
| 68 } | |
| 88 | 69 |
| 89 // If the RVH does not exist by the time this task gets run, then the task | |
| 90 // will be dropped and the scoped_refptr to SSLClientAuthHandler will go | |
| 91 // away, so we do not leak anything. The destructor takes care of ensuring | |
| 92 // the net::URLRequest always gets a response. | |
| 93 BrowserThread::PostTask( | 70 BrowserThread::PostTask( |
| 94 BrowserThread::UI, FROM_HERE, | 71 BrowserThread::UI, FROM_HERE, |
| 95 base::Bind( | 72 base::Bind(&SSLClientAuthHandler::SelectCertificateOnUIThread, |
| 96 &SSLClientAuthHandler::DoSelectCertificate, this, | 73 weak_factory_.GetWeakPtr(), |
| 97 render_process_host_id, render_frame_host_id)); | 74 render_process_host_id, render_frame_host_id, |
| 75 cert_request_info_)); | |
| 98 } | 76 } |
| 99 | 77 |
| 100 void SSLClientAuthHandler::DoCertificateSelected(net::X509Certificate* cert) { | 78 // static |
| 79 void SSLClientAuthHandler::SelectCertificateOnUIThread( | |
| 80 const base::WeakPtr<SSLClientAuthHandler>& handler, | |
| 81 int render_process_host_id, | |
| 82 int render_frame_host_id, | |
| 83 net::SSLCertRequestInfo* cert_request_info) { | |
| 84 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
|
mmenke
2014/09/24 18:03:41
Should include base/logging.h for DCHECK (Was an i
davidben
2014/09/26 18:49:49
Done.
| |
| 85 | |
| 86 GetContentClient()->browser()->SelectClientCertificate( | |
| 87 render_process_host_id, render_frame_host_id, cert_request_info, | |
| 88 base::Bind(&SSLClientAuthHandler::CertificateSelectedOnUIThread, | |
| 89 handler)); | |
|
mmenke
2014/09/24 18:03:41
Can we move these two static functions into an ano
davidben
2014/09/26 18:49:49
Heh. I'd actually made them static to avoid the ex
| |
| 90 } | |
| 91 | |
| 92 // static | |
| 93 void SSLClientAuthHandler::CertificateSelectedOnUIThread( | |
| 94 const base::WeakPtr<SSLClientAuthHandler>& handler, | |
| 95 net::X509Certificate* cert) { | |
| 96 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
| 97 | |
| 98 BrowserThread::PostTask( | |
| 99 BrowserThread::IO, FROM_HERE, | |
| 100 base::Bind(&SSLClientAuthHandler::CertificateSelected, | |
| 101 handler, make_scoped_refptr(cert))); | |
| 102 } | |
| 103 | |
| 104 void SSLClientAuthHandler::CertificateSelected(net::X509Certificate* cert) { | |
| 101 VLOG(1) << this << " DoCertificateSelected " << cert; | 105 VLOG(1) << this << " DoCertificateSelected " << cert; |
| 102 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 106 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 103 // request_ could have been NULLed if the request was cancelled while the | |
| 104 // user was choosing a cert, or because we have already responded to the | |
| 105 // certificate. | |
| 106 if (request_) { | |
| 107 request_->ContinueWithCertificate(cert); | |
| 108 | 107 |
| 109 ResourceDispatcherHostImpl::Get()-> | 108 callback_.Run(cert); |
| 110 ClearSSLClientAuthHandlerForRequest(request_); | 109 // |this| may be deleted at this point. |
| 111 request_ = NULL; | |
| 112 } | |
| 113 } | |
| 114 | |
| 115 void SSLClientAuthHandler::DoSelectCertificate( | |
| 116 int render_process_host_id, int render_frame_host_id) { | |
| 117 GetContentClient()->browser()->SelectClientCertificate( | |
| 118 render_process_host_id, | |
| 119 render_frame_host_id, | |
| 120 http_network_session_, | |
| 121 cert_request_info_.get(), | |
| 122 base::Bind(&SSLClientAuthHandler::CertificateSelected, this)); | |
| 123 } | 110 } |
| 124 | 111 |
| 125 } // namespace content | 112 } // namespace content |
| OLD | NEW |
