Revert 113419 - Revert 113409 - Add a new method to SSLClientSocket:

was_origin_cert_sent() This will help SpdySession decide to send a CREDENTIAL frame. BUG=106103 TEST=none Review URL: http://codereview.chromium.org/8869004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@113528 0039d316-1c4b-4281-b951-d872f2087c98

Revert 113419 - Revert 113409 - Add a new method to SSLClientSocket:
was_origin_cert_sent() This will help SpdySession decide to send a CREDENTIAL frame. BUG=106103 TEST=none Review URL: http://codereview.chromium.org/8869004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@113528 0039d316-1c4b-4281-b951-d872f2087c98
19b4a024 · rch@chromium.org · 2531f9f6 · 19b4a024 · 19b4a024 · 19b4a024
Commit 19b4a024 authored Dec 08, 2011 by rch@chromium.org
Showing with 25 additions and 2 deletions

net/socket/ssl_client_socket.cc net/socket/ssl_client_socket.cc +10 -1

net/socket/ssl_client_socket.h net/socket/ssl_client_socket.h +10 -0

net/socket/ssl_client_socket_nss.cc net/socket/ssl_client_socket_nss.cc +5 -1

No files found.
--- a/net/socket/ssl_client_socket.cc
+++ b/net/socket/ssl_client_socket.cc
@@ -10,7 +10,8 @@ namespace net {

 SSLClientSocket::SSLClientSocket()
    : was_npn_negotiated_(false),
-      was_spdy_negotiated_(false) {
+      was_spdy_negotiated_(false),
+      was_origin_bound_cert_sent_(false) {
 }

 SSLClientSocket::NextProto SSLClientSocket::NextProtoFromString(
@@ -90,4 +91,12 @@ bool SSLClientSocket::set_was_spdy_negotiated(bool negotiated) {
  return was_spdy_negotiated_ = negotiated;
 }

+bool SSLClientSocket::was_origin_bound_cert_sent() const {
+  return was_origin_bound_cert_sent_;
+}
+
+bool SSLClientSocket::set_was_origin_bound_cert_sent(bool sent) {
+  return was_origin_bound_cert_sent_ = sent;
+}
+
 }  // namespace net
--- a/net/socket/ssl_client_socket.h
+++ b/net/socket/ssl_client_socket.h
@@ -126,11 +126,21 @@ class NET_EXPORT SSLClientSocket : public SSLSocket {

  virtual bool set_was_spdy_negotiated(bool negotiated);

+  // Returns true if an origin bound certificate was sent on this connection.
+  // This may be useful for protocols, like SPDY, which allow the same
+  // connection to be shared between multiple origins, each of which need
+  // an origin bound certificate.
+  virtual bool was_origin_bound_cert_sent() const;
+
+  virtual bool set_was_origin_bound_cert_sent(bool sent);
+
 private:
  // True if NPN was responded to, independent of selecting SPDY or HTTP.
  bool was_npn_negotiated_;
  // True if NPN successfully negotiated SPDY.
  bool was_spdy_negotiated_;
+  // True if an origin bound certificate was sent.
+  bool was_origin_bound_cert_sent_;
 };

 }  // namespace net

--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -1717,6 +1717,7 @@ int SSLClientSocketNSS::DoGetOBCertComplete(int result) {
    return MapNSSError(PORT_GetError());

  GotoState(STATE_HANDSHAKE);
+  set_was_origin_bound_cert_sent(true);
  return OK;
 }

@@ -2272,8 +2273,11 @@ SECStatus SSLClientSocketNSS::OriginBoundClientAuthHandler(
    // Synchronous success.
    int result = ImportOBCertAndKey(result_certificate,
                                    result_private_key);
-    if (result != OK)
+    if (result == OK) {
+      set_was_origin_bound_cert_sent(true);
+    } else {
      rv = SECFailure;
+    }
  } else {
    rv = SECFailure;  // Synchronous failure.
  }