Add TLS-SRP (RFC 5054) support

net/http/http_cache_transaction.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_cache_transaction.h"
 
 #include "build/build_config.h"
 
 #if defined(OS_POSIX)
 #include <unistd.h>
 #endif
 
 #include <string>
 
 #include "base/compiler_specific.h"
 #include "base/metrics/field_trial.h"
 #include "base/metrics/histogram.h"
 #include "base/ref_counted.h"
 #include "base/string_util.h"
 #include "base/time.h"
+#include "base/utf_string_conversions.h"
+#include "net/base/auth.h"
 #include "net/base/cert_status_flags.h"
 #include "net/base/io_buffer.h"
 #include "net/base/load_flags.h"
 #include "net/base/net_errors.h"
 #include "net/base/net_log.h"
+#include "net/base/net_util.h"
 #include "net/base/ssl_cert_request_info.h"
 #include "net/base/ssl_config_service.h"
 #include "net/disk_cache/disk_cache.h"
 #include "net/http/disk_cache_based_ssl_host_info.h"
 #include "net/http/http_request_info.h"
 #include "net/http/http_response_headers.h"
 #include "net/http/http_transaction.h"
 #include "net/http/http_util.h"
 #include "net/http/partial_data.h"
 
@@ skipping 62 matching lines @@
 //-----------------------------------------------------------------------------
 
 HttpCache::Transaction::Transaction(HttpCache* cache)
     : next_state_(STATE_NONE),
       request_(NULL),
       cache_(cache->AsWeakPtr()),
       entry_(NULL),
       new_entry_(NULL),
       network_trans_(NULL),
       callback_(NULL),
+      tls_login_auth_data_(NULL),
       new_response_(NULL),
       mode_(NONE),
       target_state_(STATE_NONE),
       reading_(false),
       invalid_range_(false),
       truncated_(false),
       is_sparse_(false),
       server_responded_206_(false),
       cache_pending_(false),
       read_offset_(0),
@@ skipping 168 matching lines @@
     return ERR_UNEXPECTED;
 
   int rv = RestartNetworkRequestWithCertificate(client_cert);
 
   if (rv == ERR_IO_PENDING)
     callback_ = callback;
 
   return rv;
 }
 
+void HttpCache::Transaction::SetTLSLoginAuthData(AuthData* auth_data) {
+  if (network_trans_.get())
+    network_trans_->SetTLSLoginAuthData(auth_data);
+  tls_login_auth_data_ = auth_data;
+}
+
+int HttpCache::Transaction::RestartWithTLSLogin(CompletionCallback *callback) {
+  DCHECK(callback);
+
+  // Ensure that we only have one asynchronous call at a time.
+  DCHECK(!callback_);
+
+  if (!cache_)
+    return ERR_UNEXPECTED;
+
+  int rv;
+
+  if (network_trans_.get()) {
+    rv = RestartNetworkRequestWithTLSLogin();
+  } else {
+    // Start the transaction.
+    next_state_ = STATE_SEND_REQUEST;
+    rv = DoLoop(OK);
+  }
+
+  if (rv == ERR_IO_PENDING)
+    callback_ = callback;
+
+  return rv;
+}
+
 int HttpCache::Transaction::RestartWithAuth(
     const string16& username,
     const string16& password,
     CompletionCallback* callback) {
   DCHECK(auth_response_.headers);
   DCHECK(callback);
 
   // Ensure that we only have one asynchronous call at a time.
   DCHECK(!callback_);
 
@@ skipping 69 matching lines @@
 }
 
 void HttpCache::Transaction::StopCaching() {
 }
 
 const HttpResponseInfo* HttpCache::Transaction::GetResponseInfo() const {
   // Null headers means we encountered an error or haven't a response yet
   if (auth_response_.headers)
     return &auth_response_;
   return (response_.headers || response_.ssl_info.cert ||
-          response_.cert_request_info) ? &response_ : NULL;
+          !response_.ssl_info.tls_username.empty() ||
+          response_.cert_request_info || response_.login_request_info) ?
+      &response_ : NULL;
 }
 
 LoadState HttpCache::Transaction::GetLoadState() const {
   LoadState state = GetWriterLoadState();
   if (state != LOAD_STATE_WAITING_FOR_CACHE)
     return state;
 
   if (cache_)
     return cache_->GetLoadStateForPendingTransaction(this);
 
@@ skipping 239 matching lines @@
 
 int HttpCache::Transaction::DoSendRequest() {
   DCHECK(mode_ & WRITE || mode_ == NONE);
   DCHECK(!network_trans_.get());
 
   // Create a network transaction.
   int rv = cache_->network_layer_->CreateTransaction(&network_trans_);
   if (rv != OK)
     return rv;
 
+  if (tls_login_auth_data_ &&
+      tls_login_auth_data_->state == AUTH_STATE_HAVE_AUTH) {
+    network_trans_->SetTLSLoginAuthData(tls_login_auth_data_);
+  }
+
   next_state_ = STATE_SEND_REQUEST_COMPLETE;
   rv = network_trans_->Start(request_, &io_callback_, net_log_);
   return rv;
 }
 
 int HttpCache::Transaction::DoSendRequestComplete(int result) {
   if (!cache_)
     return ERR_UNEXPECTED;
 
   if (result == OK) {
     next_state_ = STATE_SUCCESSFUL_SEND_REQUEST;
     return OK;
   }
 
   if (IsCertificateError(result)) {
     const HttpResponseInfo* response = network_trans_->GetResponseInfo();
     // If we get a certificate error, then there is a certificate in ssl_info,
     // so GetResponseInfo() should never returns NULL here.
     DCHECK(response);
     response_.ssl_info = response->ssl_info;
   } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
     const HttpResponseInfo* response = network_trans_->GetResponseInfo();
     DCHECK(response);
     response_.cert_request_info = response->cert_request_info;
+  } else if (result == ERR_TLS_CLIENT_LOGIN_NEEDED ||
+             result == ERR_TLS_CLIENT_LOGIN_FAILED) {
+    const HttpResponseInfo* response = network_trans_->GetResponseInfo();
+    DCHECK(response);
+    response_.login_request_info = response->login_request_info;
   }
   return result;
 }
 
 // We received the response headers and there is no error.
 int HttpCache::Transaction::DoSuccessfulSendRequest() {
   DCHECK(!new_response_);
   const HttpResponseInfo* new_response = network_trans_->GetResponseInfo();
   if (new_response->headers->response_code() == 401 ||
       new_response->headers->response_code() == 407) {
@@ skipping 885 matching lines @@
   DCHECK(network_trans_.get());
   DCHECK_EQ(STATE_NONE, next_state_);
 
   next_state_ = STATE_SEND_REQUEST_COMPLETE;
   int rv = network_trans_->RestartWithCertificate(client_cert, &io_callback_);
   if (rv != ERR_IO_PENDING)
     return DoLoop(rv);
   return rv;
 }
 
+int HttpCache::Transaction::RestartNetworkRequestWithTLSLogin() {
+  DCHECK(mode_ & WRITE || mode_ == NONE);
+  DCHECK(network_trans_.get());
+  DCHECK_EQ(STATE_NONE, next_state_);
+
+  next_state_ = STATE_SEND_REQUEST_COMPLETE;
+  int rv = network_trans_->RestartWithTLSLogin(&io_callback_);
+  if (rv != ERR_IO_PENDING)
+    return DoLoop(rv);
+  return rv;
+}
+
 int HttpCache::Transaction::RestartNetworkRequestWithAuth(
     const string16& username,
     const string16& password) {
   DCHECK(mode_ & WRITE || mode_ == NONE);
   DCHECK(network_trans_.get());
   DCHECK_EQ(STATE_NONE, next_state_);
 
   next_state_ = STATE_SEND_REQUEST_COMPLETE;
   int rv = network_trans_->RestartWithAuth(username, password, &io_callback_);
   if (rv != ERR_IO_PENDING)
@@ skipping 324 matching lines @@
     next_state_ = STATE_START_PARTIAL_CACHE_VALIDATION;
   }
   return result;
 }
 
 void HttpCache::Transaction::OnIOComplete(int result) {
   DoLoop(result);
 }
 
 }  // namespace net