| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket_win.h" | 5 #include "net/socket/ssl_client_socket_win.h" |
| 6 | 6 |
| 7 #include <schnlsp.h> | 7 #include <schnlsp.h> |
| 8 | 8 |
| 9 #include "base/lock.h" | 9 #include "base/lock.h" |
| 10 #include "base/singleton.h" | 10 #include "base/singleton.h" |
| (...skipping 855 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 866 } | 866 } |
| 867 | 867 |
| 868 int SSLClientSocketWin::DoVerifyCertComplete(int result) { | 868 int SSLClientSocketWin::DoVerifyCertComplete(int result) { |
| 869 DCHECK(verifier_.get()); | 869 DCHECK(verifier_.get()); |
| 870 verifier_.reset(); | 870 verifier_.reset(); |
| 871 | 871 |
| 872 // If we have been explicitly told to accept this certificate, override the | 872 // If we have been explicitly told to accept this certificate, override the |
| 873 // result of verifier_.Verify. | 873 // result of verifier_.Verify. |
| 874 // Eventually, we should cache the cert verification results so that we don't | 874 // Eventually, we should cache the cert verification results so that we don't |
| 875 // need to call verifier_.Verify repeatedly. But for now we need to do this. | 875 // need to call verifier_.Verify repeatedly. But for now we need to do this. |
| 876 // Alternatively, we might be able to store the cert's status along with | 876 // Alternatively, we could use the cert's status that we stored along with |
| 877 // the cert in the allowed_bad_certs_ set. | 877 // the cert in the allowed_bad_certs vector. |
| 878 if (IsCertificateError(result) && | 878 if (IsCertificateError(result) && |
| 879 ssl_config_.allowed_bad_certs_.count(server_cert_)) | 879 ssl_config_.IsAllowedBadCert(server_cert_)) |
| 880 result = OK; | 880 result = OK; |
| 881 | 881 |
| 882 LogConnectionTypeMetrics(); | 882 LogConnectionTypeMetrics(); |
| 883 if (renegotiating_) { | 883 if (renegotiating_) { |
| 884 DidCompleteRenegotiation(result); | 884 DidCompleteRenegotiation(result); |
| 885 } else { | 885 } else { |
| 886 // The initial handshake, kicked off by a Connect, has completed. | 886 // The initial handshake, kicked off by a Connect, has completed. |
| 887 completed_handshake_ = true; | 887 completed_handshake_ = true; |
| 888 // Exit DoLoop and return the result to the caller of Connect. | 888 // Exit DoLoop and return the result to the caller of Connect. |
| 889 DCHECK(next_state_ == STATE_NONE); | 889 DCHECK(next_state_ == STATE_NONE); |
| (...skipping 306 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1196 } | 1196 } |
| 1197 } | 1197 } |
| 1198 | 1198 |
| 1199 void SSLClientSocketWin::FreeSendBuffer() { | 1199 void SSLClientSocketWin::FreeSendBuffer() { |
| 1200 SECURITY_STATUS status = FreeContextBuffer(send_buffer_.pvBuffer); | 1200 SECURITY_STATUS status = FreeContextBuffer(send_buffer_.pvBuffer); |
| 1201 DCHECK(status == SEC_E_OK); | 1201 DCHECK(status == SEC_E_OK); |
| 1202 memset(&send_buffer_, 0, sizeof(send_buffer_)); | 1202 memset(&send_buffer_, 0, sizeof(send_buffer_)); |
| 1203 } | 1203 } |
| 1204 | 1204 |
| 1205 } // namespace net | 1205 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 165191:
Implement SSL certificate error handling on the Mac. If the user gives... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/