Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(103)

Side by Side Diff: content/browser/renderer_host/pepper_tcp_socket.cc

Issue 9699100: Add functionality to pppapi TCPSocket to support secure sockets in flash (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: . Created 8 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/renderer_host/pepper_tcp_socket.h" 5 #include "content/browser/renderer_host/pepper_tcp_socket.h"
6 6
7 #include <string.h> 7 #include <string.h>
8 8
9 #include "base/bind.h" 9 #include "base/bind.h"
10 #include "base/bind_helpers.h" 10 #include "base/bind_helpers.h"
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after
97 !NetAddressPrivateImpl::NetAddressToAddressList(net_addr, 97 !NetAddressPrivateImpl::NetAddressToAddressList(net_addr,
98 &address_list_)) { 98 &address_list_)) {
99 SendConnectACKError(); 99 SendConnectACKError();
100 return; 100 return;
101 } 101 }
102 102
103 connection_state_ = CONNECT_IN_PROGRESS; 103 connection_state_ = CONNECT_IN_PROGRESS;
104 StartConnect(address_list_); 104 StartConnect(address_list_);
105 } 105 }
106 106
107 void PepperTCPSocket::SSLHandshake(const std::string& server_name, 107 void PepperTCPSocket::SSLHandshake(
108 uint16_t server_port) { 108 const std::string& server_name,
109 uint16_t server_port,
110 const std::vector<std::vector<char> >& trusted_certs,
111 const std::vector<std::vector<char> >& untrusted_certs) {
109 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); 112 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
110 113
111 // Allow to do SSL handshake only if currently the socket has been connected 114 // Allow to do SSL handshake only if currently the socket has been connected
112 // and there isn't pending read or write. 115 // and there isn't pending read or write.
113 // IsConnected() includes the state that SSL handshake has been finished and 116 // IsConnected() includes the state that SSL handshake has been finished and
114 // therefore isn't suitable here. 117 // therefore isn't suitable here.
115 if (connection_state_ != CONNECTED || read_buffer_.get() || 118 if (connection_state_ != CONNECTED || read_buffer_.get() ||
116 write_buffer_.get()) { 119 write_buffer_.get()) {
117 SendSSLHandshakeACK(false); 120 SendSSLHandshakeACK(false);
118 return; 121 return;
119 } 122 }
120 123
121 connection_state_ = SSL_HANDSHAKE_IN_PROGRESS; 124 connection_state_ = SSL_HANDSHAKE_IN_PROGRESS;
125 // TODO(raymes,rsleevi): Use trusted/untrusted certificates when connecting.
126
122 net::ClientSocketHandle* handle = new net::ClientSocketHandle(); 127 net::ClientSocketHandle* handle = new net::ClientSocketHandle();
123 handle->set_socket(socket_.release()); 128 handle->set_socket(socket_.release());
124 net::ClientSocketFactory* factory = 129 net::ClientSocketFactory* factory =
125 net::ClientSocketFactory::GetDefaultFactory(); 130 net::ClientSocketFactory::GetDefaultFactory();
126 net::HostPortPair host_port_pair(server_name, server_port); 131 net::HostPortPair host_port_pair(server_name, server_port);
127 net::SSLClientSocketContext ssl_context; 132 net::SSLClientSocketContext ssl_context;
128 ssl_context.cert_verifier = manager_->GetCertVerifier(); 133 ssl_context.cert_verifier = manager_->GetCertVerifier();
129 socket_.reset(factory->CreateSSLClientSocket( 134 socket_.reset(factory->CreateSSLClientSocket(
130 handle, host_port_pair, manager_->ssl_config(), NULL, ssl_context)); 135 handle, host_port_pair, manager_->ssl_config(), NULL, ssl_context));
131 if (!socket_.get()) { 136 if (!socket_.get()) {
(...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after
268 manager_->Send(new PpapiMsg_PPBTCPSocket_ReadACK( 273 manager_->Send(new PpapiMsg_PPBTCPSocket_ReadACK(
269 routing_id_, plugin_dispatcher_id_, socket_id_, false, std::string())); 274 routing_id_, plugin_dispatcher_id_, socket_id_, false, std::string()));
270 } 275 }
271 276
272 void PepperTCPSocket::SendWriteACKError() { 277 void PepperTCPSocket::SendWriteACKError() {
273 manager_->Send(new PpapiMsg_PPBTCPSocket_WriteACK( 278 manager_->Send(new PpapiMsg_PPBTCPSocket_WriteACK(
274 routing_id_, plugin_dispatcher_id_, socket_id_, false, 0)); 279 routing_id_, plugin_dispatcher_id_, socket_id_, false, 0));
275 } 280 }
276 281
277 void PepperTCPSocket::SendSSLHandshakeACK(bool succeeded) { 282 void PepperTCPSocket::SendSSLHandshakeACK(bool succeeded) {
283 ppapi::PPB_X509Certificate_Fields certificate_fields;
284 if (succeeded) {
285 CHECK(socket_.get());
yzshen1 2012/04/06 19:24:33 You don't need this CHECK, it will die below if it
raymes 2012/04/06 23:22:47 Done.
286 // Our socket is guaranteed to be an SSL socket if we get here.
287 net::SSLClientSocket* ssl_socket =
288 static_cast<net::SSLClientSocket*>(socket_.get());
289 net::SSLInfo ssl_info;
290 ssl_socket->GetSSLInfo(&ssl_info);
291 CHECK(ssl_info.cert.get());
Ryan Sleevi 2012/04/06 00:37:49 Note that this can fail for a variety of reasons.
raymes 2012/04/06 23:22:47 Done.
292 bool success = GetCertificateFields(*ssl_info.cert,
293 &certificate_fields);
294 CHECK(success);
yzshen1 2012/04/06 19:24:33 If it failed, do we have to crash the whole browse
raymes 2012/04/06 23:22:47 Probably not. If we can't correctly parse the cert
295 }
278 manager_->Send(new PpapiMsg_PPBTCPSocket_SSLHandshakeACK( 296 manager_->Send(new PpapiMsg_PPBTCPSocket_SSLHandshakeACK(
279 routing_id_, plugin_dispatcher_id_, socket_id_, succeeded)); 297 routing_id_,
298 plugin_dispatcher_id_,
299 socket_id_,
300 succeeded,
301 certificate_fields));
280 } 302 }
281 303
282 void PepperTCPSocket::OnResolveCompleted(int result) { 304 void PepperTCPSocket::OnResolveCompleted(int result) {
283 DCHECK(connection_state_ == CONNECT_IN_PROGRESS); 305 DCHECK(connection_state_ == CONNECT_IN_PROGRESS);
284 306
285 if (result != net::OK) { 307 if (result != net::OK) {
286 SendConnectACKError(); 308 SendConnectACKError();
287 connection_state_ = BEFORE_CONNECT; 309 connection_state_ = BEFORE_CONNECT;
288 return; 310 return;
289 } 311 }
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after
355 routing_id_, plugin_dispatcher_id_, socket_id_, true, result)); 377 routing_id_, plugin_dispatcher_id_, socket_id_, true, result));
356 } else { 378 } else {
357 SendWriteACKError(); 379 SendWriteACKError();
358 } 380 }
359 write_buffer_ = NULL; 381 write_buffer_ = NULL;
360 } 382 }
361 383
362 bool PepperTCPSocket::IsConnected() const { 384 bool PepperTCPSocket::IsConnected() const {
363 return connection_state_ == CONNECTED || connection_state_ == SSL_CONNECTED; 385 return connection_state_ == CONNECTED || connection_state_ == SSL_CONNECTED;
364 } 386 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698