Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(165)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_openssl.cc

Issue 655813003: Close SSLClientSocketOpenSSL cleanly if the transport was closed. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rsleevi comment Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | net/socket/ssl_client_socket_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // OpenSSL binding for SSLClientSocket. The class layout and general principle 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle
6 // of operation is derived from SSLClientSocketNSS. 6 // of operation is derived from SSLClientSocketNSS.
7 7
8 #include "net/socket/ssl_client_socket_openssl.h" 8 #include "net/socket/ssl_client_socket_openssl.h"
9 9
10 #include <errno.h> 10 #include <errno.h>
(...skipping 1345 matching lines...) Expand 10 before | Expand all | Expand 10 after
1356 pending_read_error_ = rv; 1356 pending_read_error_ = rv;
1357 rv = total_bytes_read; 1357 rv = total_bytes_read;
1358 next_result = &pending_read_error_; 1358 next_result = &pending_read_error_;
1359 } 1359 }
1360 1360
1361 if (client_auth_cert_needed_) { 1361 if (client_auth_cert_needed_) {
1362 *next_result = ERR_SSL_CLIENT_AUTH_CERT_NEEDED; 1362 *next_result = ERR_SSL_CLIENT_AUTH_CERT_NEEDED;
1363 } else if (*next_result < 0) { 1363 } else if (*next_result < 0) {
1364 int err = SSL_get_error(ssl_, *next_result); 1364 int err = SSL_get_error(ssl_, *next_result);
1365 *next_result = MapOpenSSLError(err, err_tracer); 1365 *next_result = MapOpenSSLError(err, err_tracer);
1366
1367 // Many servers do not reliably send a close_notify alert when shutting
1368 // down a connection, and instead terminate the TCP connection. This is
1369 // reported as ERR_CONNECTION_CLOSED. Because of this, map the unclean
1370 // shutdown to a graceful EOF, instead of treating it as an error as it
1371 // should be.
1372 if (*next_result == ERR_CONNECTION_CLOSED)
1373 *next_result = 0;
1374
1366 if (rv > 0 && *next_result == ERR_IO_PENDING) { 1375 if (rv > 0 && *next_result == ERR_IO_PENDING) {
1367 // If at least some data was read from SSL_read(), do not treat 1376 // If at least some data was read from SSL_read(), do not treat
1368 // insufficient data as an error to return in the next call to 1377 // insufficient data as an error to return in the next call to
1369 // DoPayloadRead() - instead, let the call fall through to check 1378 // DoPayloadRead() - instead, let the call fall through to check
1370 // SSL_read() again. This is because DoTransportIO() may complete 1379 // SSL_read() again. This is because DoTransportIO() may complete
1371 // in between the next call to DoPayloadRead(), and thus it is 1380 // in between the next call to DoPayloadRead(), and thus it is
1372 // important to check SSL_read() on subsequent invocations to see 1381 // important to check SSL_read() on subsequent invocations to see
1373 // if a complete record may now be read. 1382 // if a complete record may now be read.
1374 *next_result = kNoPendingReadResult; 1383 *next_result = kNoPendingReadResult;
1375 } 1384 }
(...skipping 395 matching lines...) Expand 10 before | Expand all | Expand 10 after
1771 ct::SCT_STATUS_LOG_UNKNOWN)); 1780 ct::SCT_STATUS_LOG_UNKNOWN));
1772 } 1781 }
1773 } 1782 }
1774 1783
1775 scoped_refptr<X509Certificate> 1784 scoped_refptr<X509Certificate>
1776 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { 1785 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const {
1777 return server_cert_; 1786 return server_cert_;
1778 } 1787 }
1779 1788
1780 } // namespace net 1789 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | net/socket/ssl_client_socket_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698