Cancel client auth requests when not promptable.

content/browser/ssl/ssl_client_auth_handler.h

Index: content/browser/ssl/ssl_client_auth_handler.h
diff --git a/content/browser/ssl/ssl_client_auth_handler.h b/content/browser/ssl/ssl_client_auth_handler.h
index 75976877a3cecbb9642726379eadb1bb92d5a538..b9c2447c7f48cdb384b37ccbbdf8355c0f8b8825 100644
--- a/content/browser/ssl/ssl_client_auth_handler.h
+++ b/content/browser/ssl/ssl_client_auth_handler.h
@@ -7,8 +7,10 @@
 
 #include "base/basictypes.h"
 #include "base/callback.h"
+#include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/weak_ptr.h"
+#include "content/common/content_export.h"
 #include "content/public/browser/browser_thread.h"
 #include "net/ssl/ssl_cert_request_info.h"
 
@@ -23,30 +25,56 @@ namespace content {
 // This class handles the approval and selection of a certificate for SSL client
 // authentication by the user. Should only be used on the IO thread. If the
 // SSLClientAuthHandler is destroyed before the certificate is selected, the
-// selection is canceled and the callback never called.
+// selection is canceled and the delegate never called.
 class SSLClientAuthHandler {
  public:
-  using CertificateCallback = base::Callback<void(net::X509Certificate*)>;
+  // Delegate interface for SSLClientAuthHandler. Method implementations may
+  // delete the handler when called.
+  class CONTENT_EXPORT Delegate {
+   public:
+    Delegate() {}
 
+    // Called to continue the request with |cert|. |cert| may be nullptr.
+    virtual void ContinueWithCertificate(net::X509Certificate* cert) = 0;
+
+    // Called to cancel the certificate selection and abort the request.
+    virtual void CancelCertificateSelection() = 0;
+
+   protected:
+    virtual ~Delegate() {}
+
+   private:
+    DISALLOW_COPY_AND_ASSIGN(Delegate);
+  };
+
+  // Creates a new SSLClientAuthHandler. The caller ensures that the handler
+  // does not outlive |request| or |delegate|.
   SSLClientAuthHandler(scoped_ptr<net::ClientCertStore> client_cert_store,
                        net::URLRequest* request,
                        net::SSLCertRequestInfo* cert_request_info,
-                       const CertificateCallback& callback);
+                       Delegate* delegate);
   ~SSLClientAuthHandler();
 
   // Selects a certificate and resumes the URL request with that certificate.
   void SelectCertificate();
 
+  // Called to continue the request associated with |handler| using |cert|. This
+  // is static to avoid deleting |handler| while it is on the stack.
+  static void ContinueWithCertificate(
+      const base::WeakPtr<SSLClientAuthHandler>& handler,
+      net::X509Certificate* cert);
+
+  // Called to abort the request associated with |handler|. This is static to
+  // avoid deleting |handler| while it is on the stack.
+  static void CancelCertificateSelection(
+      const base::WeakPtr<SSLClientAuthHandler>& handler);
+
  private:
   class Core;
 
   // Called when |core_| is done retrieving the cert list.
   void DidGetClientCerts();
 
-  // Called when the user has selected a cert. If the user chose to continue
-  // with no certificate, |cert| is NULL.
-  void CertificateSelected(net::X509Certificate* cert);
-
   // A reference-counted core so the ClientCertStore may outlive
   // SSLClientAuthHandler if the handler is destroyed while an operation on the
   // ClientCertStore is in progress.
@@ -58,8 +86,8 @@ class SSLClientAuthHandler {
   // The certs to choose from.
   scoped_refptr<net::SSLCertRequestInfo> cert_request_info_;
 
-  // The callback to call when the certificate is selected.
-  CertificateCallback callback_;
+  // The delegate to call back with the result.
+  Delegate* delegate_;
 
   base::WeakPtrFactory<SSLClientAuthHandler> weak_factory_;