From 5831a5ffa1cd08d997dc7a449e745c3327514b10 Mon Sep 17 00:00:00 2001 From: Aleksei Kuzmin Date: Mon, 21 Aug 2017 00:35:04 +0300 Subject: [PATCH] Refactor client cert private key handling. https://codereview.chromium.org/2898573002 --- atom/browser/api/atom_api_app.cc | 9 ++++++++- atom/browser/api/atom_api_app.h | 3 ++- atom/browser/atom_browser_client.cc | 2 +- atom/browser/atom_browser_client.h | 3 ++- brightray/browser/net/devtools_network_transaction.cc | 9 +++++---- brightray/browser/net/devtools_network_transaction.h | 7 ++++--- 6 files changed, 22 insertions(+), 11 deletions(-) diff --git a/atom/browser/api/atom_api_app.cc b/atom/browser/api/atom_api_app.cc index ee629fe53ccb..c742ca8ed854 100644 --- a/atom/browser/api/atom_api_app.cc +++ b/atom/browser/api/atom_api_app.cc @@ -699,10 +699,17 @@ void App::AllowCertificateError( void App::SelectClientCertificate( content::WebContents* web_contents, net::SSLCertRequestInfo* cert_request_info, - net::CertificateList client_certs, + net::ClientCertIdentityList identities, std::unique_ptr delegate) { std::shared_ptr shared_delegate(delegate.release()); + + // Convert the ClientCertIdentityList to a CertificateList + // to avoid changes in the API. + auto client_certs = net::CertificateList(); + for (const std::unique_ptr& identity : identities) + client_certs.push_back(identity->certificate()); + bool prevent_default = Emit("select-client-certificate", WebContents::CreateFrom(isolate(), web_contents), diff --git a/atom/browser/api/atom_api_app.h b/atom/browser/api/atom_api_app.h index 98e6f1fdb885..bdd1233ae600 100644 --- a/atom/browser/api/atom_api_app.h +++ b/atom/browser/api/atom_api_app.h @@ -25,6 +25,7 @@ #include "native_mate/dictionary.h" #include "native_mate/handle.h" #include "net/base/completion_callback.h" +#include "net/ssl/client_cert_identity.h" #if defined(USE_NSS_CERTS) #include "chrome/browser/certificate_manager_model.h" 
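Review bot: In the atom_api_app.cc hunk, the loop that fills `client_certs` keeps only `identity->certificate()`, so from that point the visible code holds no link between a certificate and the identity it came from. This refactor appears to move private-key access onto the identity object. If so, the code that continues the request must map the chosen certificate back to its entry in `identities` and keep that entry alive until the key is obtained; that code is outside the hunk and could not be checked here. I would add a comment above the loop such as `// |identities| remains the source of the private key; |client_certs| exists only for the JS event.` and match the handler's selection against `identities` instead of accepting a certificate object from the event as-is. A `client_certs.reserve(identities.size());` before the loop would also avoid repeated reallocation.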
@@ -149,7 +150,7 @@ class App : public AtomBrowserClient::Delegate, void SelectClientCertificate( content::WebContents* web_contents, net::SSLCertRequestInfo* cert_request_info, - net::CertificateList client_certs, + net::ClientCertIdentityList client_certs, std::unique_ptr delegate) override; // content::GpuDataManagerObserver: diff --git a/atom/browser/atom_browser_client.cc b/atom/browser/atom_browser_client.cc index 51e98dbecd8e..7e38c5894ae1 100644 --- a/atom/browser/atom_browser_client.cc +++ b/atom/browser/atom_browser_client.cc @@ -316,7 +316,7 @@ void AtomBrowserClient::AllowCertificateError( void AtomBrowserClient::SelectClientCertificate( content::WebContents* web_contents, net::SSLCertRequestInfo* cert_request_info, - net::CertificateList client_certs, + net::ClientCertIdentityList client_certs, std::unique_ptr delegate) { if (!client_certs.empty() && delegate_) { delegate_->SelectClientCertificate(web_contents, cert_request_info, diff --git a/atom/browser/atom_browser_client.h b/atom/browser/atom_browser_client.h index 968afa9a6151..f0d793407cc0 100644 --- a/atom/browser/atom_browser_client.h +++ b/atom/browser/atom_browser_client.h @@ -12,6 +12,7 @@ #include "brightray/browser/browser_client.h" #include "content/public/browser/render_process_host_observer.h" +#include "net/ssl/client_cert_identity.h" namespace content { class QuotaPermissionContext; @@ -77,7 +78,7 @@ class AtomBrowserClient : public brightray::BrowserClient, void SelectClientCertificate( content::WebContents* web_contents, net::SSLCertRequestInfo* cert_request_info, - net::CertificateList client_certs, + net::ClientCertIdentityList client_certs, std::unique_ptr delegate) override; void ResourceDispatcherHostCreated() override; bool CanCreateWindow( diff --git a/brightray/browser/net/devtools_network_transaction.cc b/brightray/browser/net/devtools_network_transaction.cc index bc446186d985..1c18ad17120e 100644 --- a/brightray/browser/net/devtools_network_transaction.cc 
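Review bot: The parameter in this atom_api_app.h declaration is still named `client_certs` although its type is now `net::ClientCertIdentityList`, while the definition in atom_api_app.cc calls it `identities`. The same stale name remains in the atom_browser_client.cc and atom_browser_client.h hunks. Renaming it in all three places, e.g. `net::ClientCertIdentityList identities,`, stops readers assuming the list holds bare certificates with no key access attached. In atom_browser_client.cc the forwarding call to `delegate_->SelectClientCertificate` continues outside the hunk. The list elements are `std::unique_ptr`s, so it has to be handed on with `std::move`, which is not visible here.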
+++ b/brightray/browser/net/devtools_network_transaction.cc @@ -5,6 +5,7 @@ #include "brightray/browser/net/devtools_network_transaction.h" #include +#include #include "brightray/browser/net/devtools_network_controller.h" #include "brightray/browser/net/devtools_network_upload_data_stream.h" @@ -165,18 +166,18 @@ int DevToolsNetworkTransaction::RestartIgnoringLastError( } int DevToolsNetworkTransaction::RestartWithCertificate( - net::X509Certificate* client_cert, - net::SSLPrivateKey* client_private_key, + scoped_refptr client_cert, + scoped_refptr client_private_key, const net::CompletionCallback& callback) { if (CheckFailed()) return net::ERR_INTERNET_DISCONNECTED; if (!interceptor_) { return transaction_->RestartWithCertificate( - client_cert, client_private_key, callback); + std::move(client_cert), std::move(client_private_key), callback); } int result = transaction_->RestartWithCertificate( - client_cert, client_private_key, + std::move(client_cert), std::move(client_private_key), base::Bind(&DevToolsNetworkTransaction::IOCallback, base::Unretained(this), callback, true)); return Throttle(callback, true, result); diff --git a/brightray/browser/net/devtools_network_transaction.h b/brightray/browser/net/devtools_network_transaction.h index aadf55209015..d038006a6fe4 100644 --- a/brightray/browser/net/devtools_network_transaction.h +++ b/brightray/browser/net/devtools_network_transaction.h 
@@ -34,9 +34,10 @@ class DevToolsNetworkTransaction : public net::HttpTransaction { const net::NetLogWithSource& net_log) override; int RestartIgnoringLastError( const net::CompletionCallback& callback) override; - int RestartWithCertificate(net::X509Certificate* client_cert, - net::SSLPrivateKey* client_private_key, - const net::CompletionCallback& callback) override; + int RestartWithCertificate( + scoped_refptr client_cert, + scoped_refptr client_private_key, + const net::CompletionCallback& callback) override; int RestartWithAuth(const net::AuthCredentials& credentials, const net::CompletionCallback& callback) override; bool IsReadyToRestartForAuth() override;