An implementation of chrome.socket.secure().

extensions/browser/api/sockets_tcp/sockets_tcp_api.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "extensions/browser/api/sockets_tcp/sockets_tcp_api.h"
 
+#include "chrome/browser/profiles/profile.h"
 #include "chrome/common/extensions/api/sockets/sockets_manifest_data.h"
 #include "content/public/common/socket_permission_request.h"
 #include "extensions/browser/api/socket/tcp_socket.h"
+#include "extensions/browser/api/socket/tls_socket.h"
 #include "extensions/browser/api/sockets_tcp/tcp_socket_event_dispatcher.h"
 #include "net/base/net_errors.h"
+#include "net/url_request/url_request_context_getter.h"
 
 using extensions::ResumableTCPSocket;
 using extensions::core_api::sockets_tcp::SocketInfo;
 using extensions::core_api::sockets_tcp::SocketProperties;
 
 namespace {
 
 const char kSocketNotFoundError[] = "Socket not found";
 const char kPermissionError[] = "Does not have permission";
+const char kInvalidSocketStateError[] =
+    "Socket must be a connected client TCP socket.";
+const char kSocketNotConnectedError[] = "Socket not connected";
 
 linked_ptr<SocketInfo> CreateSocketInfo(int socket_id,
                                         ResumableTCPSocket* socket) {
   linked_ptr<SocketInfo> socket_info(new SocketInfo());
   // This represents what we know about the socket, and does not call through
   // to the system.
   socket_info->socket_id = socket_id;
   if (!socket->name().empty()) {
     socket_info->name.reset(new std::string(socket->name()));
   }
@@ skipping 223 matching lines @@
 }
 
 void SocketsTcpConnectFunction::AsyncWorkStart() {
   ResumableTCPSocket* socket = GetTcpSocket(params_->socket_id);
   if (!socket) {
     error_ = kSocketNotFoundError;
     AsyncWorkCompleted();
     return;
   }
 
+  socket->set_hostname(params_->peer_address);
+
   content::SocketPermissionRequest param(SocketPermissionRequest::TCP_CONNECT,
                                          params_->peer_address,
                                          params_->peer_port);
   if (!SocketsManifestData::CheckRequest(GetExtension(), param)) {
     error_ = kPermissionError;
     AsyncWorkCompleted();
     return;
   }
 
   StartDnsLookup(params_->peer_address);
@@ skipping 160 matching lines @@
       int socket_id = *it;
       ResumableTCPSocket* socket = GetTcpSocket(socket_id);
       if (socket) {
         socket_infos.push_back(CreateSocketInfo(socket_id, socket));
       }
     }
   }
   results_ = sockets_tcp::GetSockets::Results::Create(socket_infos);
 }
 
-}  // namespace core_api
+SocketsTcpSecureFunction::SocketsTcpSecureFunction() {}
+SocketsTcpSecureFunction::~SocketsTcpSecureFunction() {}
+
+bool SocketsTcpSecureFunction::Prepare() {
+  DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
+  params_ = core_api::sockets_tcp::Secure::Params::Create(*args_);
+  EXTENSION_FUNCTION_VALIDATE(params_.get());
+  url_request_getter_ = browser_context()->GetRequestContext();
+  return true;
+}
+
+// Override the regular implementation, which would call AsyncWorkCompleted
+// immediately after Work().
+void SocketsTcpSecureFunction::AsyncWorkStart() {
+  DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
+
+  ResumableTCPSocket* socket = GetTcpSocket(params_->socket_id);
+  if (!socket) {
+    SetResult(new base::FundamentalValue(net::ERR_INVALID_ARGUMENT));
+    error_ = kSocketNotFoundError;
+    AsyncWorkCompleted();
+    return;
+  }
+
+  paused_ = socket->paused();
+  persistent_ = socket->persistent();
+
+  // Make sure it's a connected TCP client socket. Error out if it's already
+  // secure()'d.
+  if (socket->GetSocketType() != Socket::TYPE_TCP ||
+      socket->ClientStream() == NULL) {
+    SetResult(new base::FundamentalValue(net::ERR_INVALID_ARGUMENT));
+    error_ = kInvalidSocketStateError;
+    AsyncWorkCompleted();
+    return;
+  }
+
+  if (!socket->IsConnected()) {
+    SetResult(new base::FundamentalValue(net::ERR_INVALID_ARGUMENT));
+    error_ = kSocketNotConnectedError;
+    AsyncWorkCompleted();
+    return;
+  }
+
+  Profile* profile = Profile::FromBrowserContext(browser_context());
+  DCHECK(profile);
+
+  scoped_refptr<net::SSLConfigService> config_service(
+      profile->GetSSLConfigService());
+
+  // UpgradeSocketToTLS() uses the older API's SecureOptions.  Copy the only
+  // values inside -- the TLSVersionConstraints's |min| and |max|, over.
+  core_api::socket::SecureOptions legacy_params;
+  if (params_->options.get() && params_->options->tls_version.get()) {
+    legacy_params.tls_version.reset(
+        new core_api::socket::TLSVersionConstraints);
+    if (params_->options->tls_version->min.get()) {
+      legacy_params.tls_version->min.reset(
+          new std::string(*params_->options->tls_version->min.get()));
+    }
+    if (params_->options->tls_version->max.get()) {
+      legacy_params.tls_version->max.reset(
+          new std::string(*params_->options->tls_version->max.get()));
+    }
+  }
+
+  TLSSocket::UpgradeSocketToTLS(
+      socket,
+      config_service,
+      url_request_getter_,
+      extension_id(),
+      &legacy_params,
+      base::Bind(&SocketsTcpSecureFunction::TlsConnectDone, this));
+}
+
+void SocketsTcpSecureFunction::TlsConnectDone(scoped_ptr<TLSSocket> socket,
+                                              int result) {
+  // |socket| can only be non-null if |result| == net::OK.
+  DCHECK(result == net::OK || socket == NULL);
+
+  if (socket && result == net::OK) {
+    socket->set_persistent(persistent_);
+    socket->set_paused(paused_);
+    ReplaceSocket(params_->socket_id, socket.release());
+  } else {
+    RemoveSocket(params_->socket_id);
+    error_ = net::ErrorToString(result);
+  }
+
+  results_ = core_api::sockets_tcp::Secure::Results::Create(result);
+  AsyncWorkCompleted();
+}
+
+}  // namespace api
 }  // namespace extensions