| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/spdy/spdy_session.h" | 5 #include "net/spdy/spdy_session.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 | 8 |
| 9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 389 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 400 SSLClientSocket::NextProto protocol = g_default_protocol; | 400 SSLClientSocket::NextProto protocol = g_default_protocol; |
| 401 if (is_secure_) { | 401 if (is_secure_) { |
| 402 SSLClientSocket* ssl_socket = GetSSLClientSocket(); | 402 SSLClientSocket* ssl_socket = GetSSLClientSocket(); |
| 403 | 403 |
| 404 SSLClientSocket::NextProto protocol_negotiated = | 404 SSLClientSocket::NextProto protocol_negotiated = |
| 405 ssl_socket->protocol_negotiated(); | 405 ssl_socket->protocol_negotiated(); |
| 406 if (protocol_negotiated != SSLClientSocket::kProtoUnknown) { | 406 if (protocol_negotiated != SSLClientSocket::kProtoUnknown) { |
| 407 protocol = protocol_negotiated; | 407 protocol = protocol_negotiated; |
| 408 } | 408 } |
| 409 | 409 |
| 410 if (ssl_socket->WasOriginBoundCertSent()) { | 410 if (ssl_socket->WasDomainBoundCertSent()) { |
| 411 // According to the SPDY spec, the credential associated with the TLS | 411 // According to the SPDY spec, the credential associated with the TLS |
| 412 // connection is stored in slot[0]. | 412 // connection is stored in slot[0]. |
| 413 credential_state_.SetHasCredential(host_port_pair()); | 413 credential_state_.SetHasCredential(host_port_pair()); |
| 414 } | 414 } |
| 415 } | 415 } |
| 416 | 416 |
| 417 DCHECK(protocol >= SSLClientSocket::kProtoSPDY2); | 417 DCHECK(protocol >= SSLClientSocket::kProtoSPDY2); |
| 418 DCHECK(protocol <= SSLClientSocket::kProtoSPDY3); | 418 DCHECK(protocol <= SSLClientSocket::kProtoSPDY3); |
| 419 int version = (protocol == SSLClientSocket::kProtoSPDY3) ? 3 : 2; | 419 int version = (protocol == SSLClientSocket::kProtoSPDY3) ? 3 : 2; |
| 420 flow_control_ = (protocol >= SSLClientSocket::kProtoSPDY21); | 420 flow_control_ = (protocol >= SSLClientSocket::kProtoSPDY21); |
| (...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 592 DCHECK_EQ(active_streams_[stream_id].get(), stream.get()); | 592 DCHECK_EQ(active_streams_[stream_id].get(), stream.get()); |
| 593 return OK; | 593 return OK; |
| 594 } | 594 } |
| 595 | 595 |
| 596 bool SpdySession::NeedsCredentials(const HostPortPair& origin) const { | 596 bool SpdySession::NeedsCredentials(const HostPortPair& origin) const { |
| 597 if (!is_secure_) | 597 if (!is_secure_) |
| 598 return false; | 598 return false; |
| 599 SSLClientSocket* ssl_socket = GetSSLClientSocket(); | 599 SSLClientSocket* ssl_socket = GetSSLClientSocket(); |
| 600 if (ssl_socket->protocol_negotiated() < SSLClientSocket::kProtoSPDY3) | 600 if (ssl_socket->protocol_negotiated() < SSLClientSocket::kProtoSPDY3) |
| 601 return false; | 601 return false; |
| 602 if (!ssl_socket->WasOriginBoundCertSent()) | 602 if (!ssl_socket->WasDomainBoundCertSent()) |
| 603 return false; | 603 return false; |
| 604 return !credential_state_.HasCredential(origin); | 604 return !credential_state_.HasCredential(origin); |
| 605 } | 605 } |
| 606 | 606 |
| 607 void SpdySession::AddPooledAlias(const HostPortProxyPair& alias) { | 607 void SpdySession::AddPooledAlias(const HostPortProxyPair& alias) { |
| 608 pooled_aliases_.insert(alias); | 608 pooled_aliases_.insert(alias); |
| 609 } | 609 } |
| 610 | 610 |
| 611 int SpdySession::GetProtocolVersion() const { | 611 int SpdySession::GetProtocolVersion() const { |
| 612 DCHECK(buffered_spdy_framer_.get()); | 612 DCHECK(buffered_spdy_framer_.get()); |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 674 | 674 |
| 675 std::vector<uint8> proof; | 675 std::vector<uint8> proof; |
| 676 switch (type) { | 676 switch (type) { |
| 677 case CLIENT_CERT_ECDSA_SIGN: { | 677 case CLIENT_CERT_ECDSA_SIGN: { |
| 678 base::StringPiece spki_piece; | 678 base::StringPiece spki_piece; |
| 679 asn1::ExtractSPKIFromDERCert(cert, &spki_piece); | 679 asn1::ExtractSPKIFromDERCert(cert, &spki_piece); |
| 680 std::vector<uint8> spki(spki_piece.data(), | 680 std::vector<uint8> spki(spki_piece.data(), |
| 681 spki_piece.data() + spki_piece.size()); | 681 spki_piece.data() + spki_piece.size()); |
| 682 scoped_ptr<crypto::ECPrivateKey> private_key( | 682 scoped_ptr<crypto::ECPrivateKey> private_key( |
| 683 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | 683 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
| 684 OriginBoundCertService::kEPKIPassword, key_data, spki)); | 684 ServerBoundCertService::kEPKIPassword, key_data, spki)); |
| 685 scoped_ptr<crypto::ECSignatureCreator> creator( | 685 scoped_ptr<crypto::ECSignatureCreator> creator( |
| 686 crypto::ECSignatureCreator::Create(private_key.get())); | 686 crypto::ECSignatureCreator::Create(private_key.get())); |
| 687 creator->Sign(secret, arraysize(secret), &proof); | 687 creator->Sign(secret, arraysize(secret), &proof); |
| 688 break; | 688 break; |
| 689 } | 689 } |
| 690 default: | 690 default: |
| 691 NOTREACHED(); | 691 NOTREACHED(); |
| 692 } | 692 } |
| 693 | 693 |
| 694 spdy::SpdyCredential credential; | 694 spdy::SpdyCredential credential; |
| (...skipping 570 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1265 } | 1265 } |
| 1266 | 1266 |
| 1267 bool SpdySession::GetSSLCertRequestInfo( | 1267 bool SpdySession::GetSSLCertRequestInfo( |
| 1268 SSLCertRequestInfo* cert_request_info) { | 1268 SSLCertRequestInfo* cert_request_info) { |
| 1269 if (!is_secure_) | 1269 if (!is_secure_) |
| 1270 return false; | 1270 return false; |
| 1271 GetSSLClientSocket()->GetSSLCertRequestInfo(cert_request_info); | 1271 GetSSLClientSocket()->GetSSLCertRequestInfo(cert_request_info); |
| 1272 return true; | 1272 return true; |
| 1273 } | 1273 } |
| 1274 | 1274 |
| 1275 OriginBoundCertService* SpdySession::GetOriginBoundCertService() const { | 1275 ServerBoundCertService* SpdySession::GetServerBoundCertService() const { |
| 1276 if (!is_secure_) | 1276 if (!is_secure_) |
| 1277 return NULL; | 1277 return NULL; |
| 1278 return GetSSLClientSocket()->GetOriginBoundCertService(); | 1278 return GetSSLClientSocket()->GetServerBoundCertService(); |
| 1279 } | 1279 } |
| 1280 | 1280 |
| 1281 SSLClientCertType SpdySession::GetOriginBoundCertType() const { | 1281 SSLClientCertType SpdySession::GetDomainBoundCertType() const { |
| 1282 if (!is_secure_) | 1282 if (!is_secure_) |
| 1283 return CLIENT_CERT_INVALID_TYPE; | 1283 return CLIENT_CERT_INVALID_TYPE; |
| 1284 return GetSSLClientSocket()->origin_bound_cert_type(); | 1284 return GetSSLClientSocket()->domain_bound_cert_type(); |
| 1285 } | 1285 } |
| 1286 | 1286 |
| 1287 void SpdySession::OnError(int error_code) { | 1287 void SpdySession::OnError(int error_code) { |
| 1288 std::string description = base::StringPrintf( | 1288 std::string description = base::StringPrintf( |
| 1289 "SPDY_ERROR error_code: %d.", error_code); | 1289 "SPDY_ERROR error_code: %d.", error_code); |
| 1290 CloseSessionOnError(net::ERR_SPDY_PROTOCOL_ERROR, true, description); | 1290 CloseSessionOnError(net::ERR_SPDY_PROTOCOL_ERROR, true, description); |
| 1291 } | 1291 } |
| 1292 | 1292 |
| 1293 void SpdySession::OnStreamError(spdy::SpdyStreamId stream_id, | 1293 void SpdySession::OnStreamError(spdy::SpdyStreamId stream_id, |
| 1294 const std::string& description) { | 1294 const std::string& description) { |
| (...skipping 655 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1950 SSLClientSocket* SpdySession::GetSSLClientSocket() const { | 1950 SSLClientSocket* SpdySession::GetSSLClientSocket() const { |
| 1951 if (!is_secure_) | 1951 if (!is_secure_) |
| 1952 return NULL; | 1952 return NULL; |
| 1953 SSLClientSocket* ssl_socket = | 1953 SSLClientSocket* ssl_socket = |
| 1954 reinterpret_cast<SSLClientSocket*>(connection_->socket()); | 1954 reinterpret_cast<SSLClientSocket*>(connection_->socket()); |
| 1955 DCHECK(ssl_socket); | 1955 DCHECK(ssl_socket); |
| 1956 return ssl_socket; | 1956 return ssl_socket; |
| 1957 } | 1957 } |
| 1958 | 1958 |
| 1959 } // namespace net | 1959 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9617039:
Change Origin bound certs -> Domain bound certs. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src