net: Pass certs that fail the SSL handshake out of the network layer.

This commit is contained in:
Josh Matthews 2020-05-29 11:56:17 -04:00
parent 1cdaf40eb2
commit 0ce2aa917a
7 changed files with 136 additions and 44 deletions

View file

@ -4,7 +4,9 @@
//! A thread that takes a URL and streams back the binary data.
use crate::connector::{create_http_client, create_tls_config, ExtraCerts, ALPN_H2_H1};
use crate::connector::{
create_http_client, create_tls_config, ConnectionCerts, ExtraCerts, ALPN_H2_H1,
};
use crate::cookie;
use crate::cookie_storage::CookieStorage;
use crate::fetch::cors_cache::CorsCache;
@ -127,7 +129,7 @@ struct ResourceChannelManager {
fn create_http_states(
config_dir: Option<&Path>,
certificate_path: Option<String>,
) -> (Arc<HttpState>, Arc<HttpState>, ExtraCerts) {
) -> (Arc<HttpState>, Arc<HttpState>) {
let mut hsts_list = HstsList::from_servo_preload();
let mut auth_cache = AuthCache::new();
let http_cache = HttpCache::new();
@ -144,6 +146,7 @@ fn create_http_states(
};
let extra_certs = ExtraCerts::new();
let connection_certs = ConnectionCerts::new();
let http_state = HttpState {
hsts_list: RwLock::new(hsts_list),
@ -153,11 +156,21 @@ fn create_http_states(
http_cache: RwLock::new(http_cache),
http_cache_state: Mutex::new(HashMap::new()),
client: create_http_client(
create_tls_config(&certs, ALPN_H2_H1, extra_certs.clone()),
create_tls_config(
&certs,
ALPN_H2_H1,
extra_certs.clone(),
connection_certs.clone(),
),
HANDLE.lock().unwrap().as_ref().unwrap().executor(),
),
extra_certs,
connection_certs,
};
let extra_certs = ExtraCerts::new();
let connection_certs = ConnectionCerts::new();
let private_http_state = HttpState {
hsts_list: RwLock::new(HstsList::from_servo_preload()),
cookie_jar: RwLock::new(CookieStorage::new(150)),
@ -166,16 +179,19 @@ fn create_http_states(
http_cache: RwLock::new(HttpCache::new()),
http_cache_state: Mutex::new(HashMap::new()),
client: create_http_client(
create_tls_config(&certs, ALPN_H2_H1, extra_certs.clone()),
create_tls_config(
&certs,
ALPN_H2_H1,
extra_certs.clone(),
connection_certs.clone(),
),
HANDLE.lock().unwrap().as_ref().unwrap().executor(),
),
extra_certs,
connection_certs,
};
(
Arc::new(http_state),
Arc::new(private_http_state),
extra_certs,
)
(Arc::new(http_state), Arc::new(private_http_state))
}
impl ResourceChannelManager {
@ -186,7 +202,7 @@ impl ResourceChannelManager {
private_receiver: IpcReceiver<CoreResourceMsg>,
memory_reporter: IpcReceiver<ReportsChan>,
) {
let (public_http_state, private_http_state, extra_certs) = create_http_states(
let (public_http_state, private_http_state) = create_http_states(
self.config_dir.as_ref().map(Deref::deref),
self.certificate_path.clone(),
);