| // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "chrome/browser/ssl/ssl_client_auth_handler.h" |
| |
| #include "chrome/browser/ssl/ssl_client_auth_notification_details.h" |
| #include "content/browser/browser_thread.h" |
| #include "content/browser/renderer_host/render_view_host_delegate.h" |
| #include "content/browser/renderer_host/render_view_host_notification_task.h" |
| #include "content/browser/renderer_host/resource_dispatcher_host.h" |
| #include "content/browser/renderer_host/resource_dispatcher_host_request_info.h" |
| #include "content/common/notification_service.h" |
| #include "net/url_request/url_request.h" |
| |
| SSLClientAuthHandler::SSLClientAuthHandler( |
| net::URLRequest* request, |
| net::SSLCertRequestInfo* cert_request_info) |
| : request_(request), |
| cert_request_info_(cert_request_info) { |
| } |
| |
| SSLClientAuthHandler::~SSLClientAuthHandler() { |
| // If we were simply dropped, then act as if we selected no certificate. |
| DoCertificateSelected(NULL); |
| } |
| |
| void SSLClientAuthHandler::OnRequestCancelled() { |
| request_ = NULL; |
| } |
| |
| void SSLClientAuthHandler::SelectCertificate() { |
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| |
| int render_process_host_id; |
| int render_view_host_id; |
| if (!ResourceDispatcherHost::RenderViewForRequest(request_, |
| &render_process_host_id, |
| &render_view_host_id)) |
| NOTREACHED(); |
| |
| // If the RVH does not exist by the time this task gets run, then the task |
| // will be dropped and the scoped_refptr to SSLClientAuthHandler will go |
| // away, so we do not leak anything. The destructor takes care of ensuring |
| // the net::URLRequest always gets a response. |
| CallRenderViewHostSSLDelegate( |
| render_process_host_id, render_view_host_id, |
| &RenderViewHostDelegate::SSL::ShowClientCertificateRequestDialog, |
| scoped_refptr<SSLClientAuthHandler>(this)); |
| } |
| |
| // Sends an SSL_CLIENT_AUTH_CERT_SELECTED notification and notifies the IO |
| // thread that we have selected a cert. |
| void SSLClientAuthHandler::CertificateSelected(net::X509Certificate* cert) { |
| VLOG(1) << this << " CertificateSelected " << cert; |
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| |
| SSLClientAuthNotificationDetails details(cert_request_info_, cert); |
| NotificationService* service = NotificationService::current(); |
| service->Notify(NotificationType::SSL_CLIENT_AUTH_CERT_SELECTED, |
| Source<SSLClientAuthHandler>(this), |
| Details<SSLClientAuthNotificationDetails>(&details)); |
| |
| CertificateSelectedNoNotify(cert); |
| } |
| |
| // Notifies the IO thread that we have selected a cert. |
| void SSLClientAuthHandler::CertificateSelectedNoNotify( |
| net::X509Certificate* cert) { |
| VLOG(1) << this << " CertificateSelectedNoNotify " << cert; |
| BrowserThread::PostTask( |
| BrowserThread::IO, FROM_HERE, |
| NewRunnableMethod( |
| this, &SSLClientAuthHandler::DoCertificateSelected, cert)); |
| } |
| |
| void SSLClientAuthHandler::DoCertificateSelected(net::X509Certificate* cert) { |
| VLOG(1) << this << " DoCertificateSelected " << cert; |
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| // request_ could have been NULLed if the request was cancelled while the |
| // user was choosing a cert, or because we have already responded to the |
| // certificate. |
| if (request_) { |
| request_->ContinueWithCertificate(cert); |
| |
| ResourceDispatcherHostRequestInfo* info = |
| ResourceDispatcherHost::InfoForRequest(request_); |
| if (info) |
| info->set_ssl_client_auth_handler(NULL); |
| |
| request_ = NULL; |
| } |
| } |
| |
| SSLClientAuthObserver::SSLClientAuthObserver( |
| net::SSLCertRequestInfo* cert_request_info, |
| SSLClientAuthHandler* handler) |
| : cert_request_info_(cert_request_info), handler_(handler) { |
| } |
| |
| SSLClientAuthObserver::~SSLClientAuthObserver() { |
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| } |
| |
| void SSLClientAuthObserver::Observe( |
| NotificationType type, |
| const NotificationSource& source, |
| const NotificationDetails& details) { |
| VLOG(1) << "SSLClientAuthObserver::Observe " << this << " " << handler_.get(); |
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| DCHECK(type == NotificationType::SSL_CLIENT_AUTH_CERT_SELECTED); |
| |
| if (Source<SSLClientAuthHandler>(source).ptr() == handler_.get()) { |
| VLOG(1) << "got notification from ourself " << handler_.get(); |
| return; |
| } |
| |
| SSLClientAuthNotificationDetails* auth_details = |
| Details<SSLClientAuthNotificationDetails>(details).ptr(); |
| if (!auth_details->IsSameHost(cert_request_info_)) |
| return; |
| |
| VLOG(1) << this << " got matching notification for " |
| << handler_.get() << ", selecting cert " |
| << auth_details->selected_cert(); |
| StopObserving(); |
| handler_->CertificateSelectedNoNotify(auth_details->selected_cert()); |
| OnCertSelectedByNotification(); |
| } |
| |
| void SSLClientAuthObserver::StartObserving() { |
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| notification_registrar_.Add(this, |
| NotificationType::SSL_CLIENT_AUTH_CERT_SELECTED, |
| NotificationService::AllSources()); |
| } |
| |
| void SSLClientAuthObserver::StopObserving() { |
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| notification_registrar_.RemoveAll(); |
| } |
