Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(411)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket_stream/socket_stream.cc

Issue 10830256: Check ignore-certificate-erros in SocketStream (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/ssl/ssl_browser_tests.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 // 4 //
5 // TODO(ukai): code is similar with http_network_transaction.cc. We should 5 // TODO(ukai): code is similar with http_network_transaction.cc. We should
6 // think about ways to share code, if possible. 6 // think about ways to share code, if possible.
7 7
8 #include "net/socket_stream/socket_stream.h" 8 #include "net/socket_stream/socket_stream.h"
9 9
10 #include <set> 10 #include <set>
(...skipping 11 matching lines...) Expand all
22 #include "net/base/auth.h" 22 #include "net/base/auth.h"
23 #include "net/base/host_resolver.h" 23 #include "net/base/host_resolver.h"
24 #include "net/base/io_buffer.h" 24 #include "net/base/io_buffer.h"
25 #include "net/base/net_errors.h" 25 #include "net/base/net_errors.h"
26 #include "net/base/net_util.h" 26 #include "net/base/net_util.h"
27 #include "net/base/ssl_cert_request_info.h" 27 #include "net/base/ssl_cert_request_info.h"
28 #include "net/http/http_auth_handler_factory.h" 28 #include "net/http/http_auth_handler_factory.h"
29 #include "net/http/http_network_session.h" 29 #include "net/http/http_network_session.h"
30 #include "net/http/http_request_info.h" 30 #include "net/http/http_request_info.h"
31 #include "net/http/http_response_headers.h" 31 #include "net/http/http_response_headers.h"
32 #include "net/http/http_stream_factory.h"
32 #include "net/http/http_transaction_factory.h" 33 #include "net/http/http_transaction_factory.h"
33 #include "net/http/http_util.h" 34 #include "net/http/http_util.h"
34 #include "net/socket/client_socket_factory.h" 35 #include "net/socket/client_socket_factory.h"
35 #include "net/socket/socks5_client_socket.h" 36 #include "net/socket/socks5_client_socket.h"
36 #include "net/socket/socks_client_socket.h" 37 #include "net/socket/socks_client_socket.h"
37 #include "net/socket/ssl_client_socket.h" 38 #include "net/socket/ssl_client_socket.h"
38 #include "net/socket/tcp_client_socket.h" 39 #include "net/socket/tcp_client_socket.h"
39 #include "net/socket_stream/socket_stream_metrics.h" 40 #include "net/socket_stream/socket_stream_metrics.h"
40 #include "net/url_request/url_request.h" 41 #include "net/url_request/url_request.h"
41 42
(...skipping 991 matching lines...) Expand 10 before | Expand all | Expand 10 after
1033 result = DidEstablishConnection(); 1034 result = DidEstablishConnection();
1034 else 1035 else
1035 next_state_ = STATE_CLOSE; 1036 next_state_ = STATE_CLOSE;
1036 return result; 1037 return result;
1037 } 1038 }
1038 1039
1039 int SocketStream::DoSSLHandleCertError(int result) { 1040 int SocketStream::DoSSLHandleCertError(int result) {
1040 DCHECK_EQ(STATE_NONE, next_state_); 1041 DCHECK_EQ(STATE_NONE, next_state_);
1041 DCHECK(IsCertificateError(result)); 1042 DCHECK(IsCertificateError(result));
1042 result = HandleCertificateError(result); 1043 result = HandleCertificateError(result);
1043 if (result == ERR_IO_PENDING) 1044 if (result == OK || result == ERR_IO_PENDING)
1044 next_state_ = STATE_SSL_HANDLE_CERT_ERROR_COMPLETE; 1045 next_state_ = STATE_SSL_HANDLE_CERT_ERROR_COMPLETE;
1045 else 1046 else
1046 next_state_ = STATE_CLOSE; 1047 next_state_ = STATE_CLOSE;
1047 return result; 1048 return result;
1048 } 1049 }
1049 1050
1050 int SocketStream::DoSSLHandleCertErrorComplete(int result) { 1051 int SocketStream::DoSSLHandleCertErrorComplete(int result) {
1051 DCHECK_EQ(STATE_NONE, next_state_); 1052 DCHECK_EQ(STATE_NONE, next_state_);
1052 // TODO(toyoshim): Upgrade to SPDY through TLS NPN extension if possible. 1053 // TODO(toyoshim): Upgrade to SPDY through TLS NPN extension if possible.
1053 // If we use HTTPS and this is the first connection to the SPDY server, 1054 // If we use HTTPS and this is the first connection to the SPDY server,
(...skipping 236 matching lines...) Expand 10 before | Expand all | Expand 10 after
1290 tunnel_response_headers_ = NULL; 1291 tunnel_response_headers_ = NULL;
1291 tunnel_response_headers_capacity_ = 0; 1292 tunnel_response_headers_capacity_ = 0;
1292 tunnel_response_headers_len_ = 0; 1293 tunnel_response_headers_len_ = 0;
1293 1294
1294 next_state_ = STATE_TCP_CONNECT; 1295 next_state_ = STATE_TCP_CONNECT;
1295 DoLoop(OK); 1296 DoLoop(OK);
1296 } 1297 }
1297 1298
1298 int SocketStream::HandleCertificateError(int result) { 1299 int SocketStream::HandleCertificateError(int result) {
1299 DCHECK(IsCertificateError(result)); 1300 DCHECK(IsCertificateError(result));
1301 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(socket_.get());
1302 DCHECK(ssl_socket);
1303
1304 if (HttpStreamFactory::ignore_certificate_errors() &&
1305 ssl_socket->IgnoreCertError(result, LOAD_IGNORE_ALL_CERT_ERRORS))
1306 return OK;
1300 1307
1301 if (!delegate_) 1308 if (!delegate_)
1302 return result; 1309 return result;
1303 1310
1304 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(socket_.get());
1305 DCHECK(ssl_socket);
1306 SSLInfo ssl_info; 1311 SSLInfo ssl_info;
1307 ssl_socket->GetSSLInfo(&ssl_info); 1312 ssl_socket->GetSSLInfo(&ssl_info);
1308 1313
1309 TransportSecurityState::DomainState domain_state; 1314 TransportSecurityState::DomainState domain_state;
1310 DCHECK(context_); 1315 DCHECK(context_);
1311 const bool fatal = 1316 const bool fatal =
1312 context_->transport_security_state() && 1317 context_->transport_security_state() &&
1313 context_->transport_security_state()->GetDomainState( 1318 context_->transport_security_state()->GetDomainState(
1314 url_.host(), 1319 url_.host(),
1315 SSLConfigService::IsSNIAvailable(context_->ssl_config_service()), 1320 SSLConfigService::IsSNIAvailable(context_->ssl_config_service()),
1316 &domain_state); 1321 &domain_state);
1317 1322
1318 delegate_->OnSSLCertificateError(this, ssl_info, fatal); 1323 delegate_->OnSSLCertificateError(this, ssl_info, fatal);
1319 return ERR_IO_PENDING; 1324 return ERR_IO_PENDING;
1320 } 1325 }
1321 1326
1322 SSLConfigService* SocketStream::ssl_config_service() const { 1327 SSLConfigService* SocketStream::ssl_config_service() const {
1323 return context_->ssl_config_service(); 1328 return context_->ssl_config_service();
1324 } 1329 }
1325 1330
1326 ProxyService* SocketStream::proxy_service() const { 1331 ProxyService* SocketStream::proxy_service() const {
1327 return context_->proxy_service(); 1332 return context_->proxy_service();
1328 } 1333 }
1329 1334
1330 } // namespace net 1335 } // namespace net
OLDNEW
« no previous file with comments | « chrome/browser/ssl/ssl_browser_tests.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698