Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(454)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_mac.cc

Issue 173328: Fix a typo IsCertStatusError. It should be IsCertificateError.... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: Upload before checkin Created 11 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2008-2009 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2008-2009 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_client_socket_mac.h" 5 #include "net/socket/ssl_client_socket_mac.h"
6 6
7 #include "base/singleton.h" 7 #include "base/singleton.h"
8 #include "base/string_util.h" 8 #include "base/string_util.h"
9 #include "net/base/io_buffer.h" 9 #include "net/base/io_buffer.h"
10 #include "net/base/net_errors.h" 10 #include "net/base/net_errors.h"
(...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after
85 // forward the result can be treated as a length. 85 // forward the result can be treated as a length.
86 86
87 namespace net { 87 namespace net {
88 88
89 namespace { 89 namespace {
90 90
91 int NetErrorFromOSStatus(OSStatus status) { 91 int NetErrorFromOSStatus(OSStatus status) {
92 switch (status) { 92 switch (status) {
93 case errSSLWouldBlock: 93 case errSSLWouldBlock:
94 return ERR_IO_PENDING; 94 return ERR_IO_PENDING;
95 case errSSLIllegalParam:
96 case errSSLBadCipherSuite: 95 case errSSLBadCipherSuite:
97 case errSSLBadConfiguration: 96 case errSSLBadConfiguration:
98 return ERR_INVALID_ARGUMENT; 97 return ERR_INVALID_ARGUMENT;
99 case errSSLClosedNoNotify: 98 case errSSLClosedNoNotify:
100 return ERR_CONNECTION_RESET; 99 return ERR_CONNECTION_RESET;
101 case errSSLConnectionRefused: 100 case errSSLConnectionRefused:
102 return ERR_CONNECTION_REFUSED; 101 return ERR_CONNECTION_REFUSED;
103 case errSSLClosedAbort: 102 case errSSLClosedAbort:
104 return ERR_CONNECTION_ABORTED; 103 return ERR_CONNECTION_ABORTED;
105 case errSSLInternal: 104 case errSSLInternal:
106 case errSSLCrypto: 105 case errSSLCrypto:
107 case errSSLFatalAlert: 106 case errSSLFatalAlert:
107 case errSSLIllegalParam: // Received an illegal_parameter alert.
108 case errSSLPeerUnexpectedMsg: // Received an unexpected_message alert.
108 case errSSLProtocol: 109 case errSSLProtocol:
109 return ERR_SSL_PROTOCOL_ERROR; 110 return ERR_SSL_PROTOCOL_ERROR;
110 case errSSLHostNameMismatch: 111 case errSSLHostNameMismatch:
111 return ERR_CERT_COMMON_NAME_INVALID; 112 return ERR_CERT_COMMON_NAME_INVALID;
112 case errSSLCertExpired: 113 case errSSLCertExpired:
113 case errSSLCertNotYetValid: 114 case errSSLCertNotYetValid:
114 return ERR_CERT_DATE_INVALID; 115 return ERR_CERT_DATE_INVALID;
115 case errSSLNoRootCert: 116 case errSSLNoRootCert:
116 case errSSLUnknownRootCert: 117 case errSSLUnknownRootCert:
117 return ERR_CERT_AUTHORITY_INVALID; 118 return ERR_CERT_AUTHORITY_INVALID;
(...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after
239 default: 240 default:
240 return -1; 241 return -1;
241 } 242 }
242 } 243 }
243 244
244 // Returns the server's certificate. The caller must release a reference 245 // Returns the server's certificate. The caller must release a reference
245 // to the return value when done. Returns NULL on failure. 246 // to the return value when done. Returns NULL on failure.
246 X509Certificate* GetServerCert(SSLContextRef ssl_context) { 247 X509Certificate* GetServerCert(SSLContextRef ssl_context) {
247 CFArrayRef certs; 248 CFArrayRef certs;
248 OSStatus status = SSLCopyPeerCertificates(ssl_context, &certs); 249 OSStatus status = SSLCopyPeerCertificates(ssl_context, &certs);
249 if (status != noErr) 250 // SSLCopyPeerCertificates may succeed but return a null |certs|.
251 if (status != noErr || !certs)
250 return NULL; 252 return NULL;
251 253
252 DCHECK_GT(CFArrayGetCount(certs), 0); 254 DCHECK_GT(CFArrayGetCount(certs), 0);
253 255
254 SecCertificateRef server_cert = static_cast<SecCertificateRef>( 256 SecCertificateRef server_cert = static_cast<SecCertificateRef>(
255 const_cast<void*>(CFArrayGetValueAtIndex(certs, 0))); 257 const_cast<void*>(CFArrayGetValueAtIndex(certs, 0)));
256 CFRetain(server_cert); 258 CFRetain(server_cert);
257 CFRelease(certs); 259 CFRelease(certs);
258 return X509Certificate::CreateFromHandle( 260 return X509Certificate::CreateFromHandle(
259 server_cert, X509Certificate::SOURCE_FROM_NETWORK); 261 server_cert, X509Certificate::SOURCE_FROM_NETWORK);
(...skipping 262 matching lines...) Expand 10 before | Expand all | Expand 10 after
522 server_cert_status_ |= CERT_STATUS_INVALID; 524 server_cert_status_ |= CERT_STATUS_INVALID;
523 525
524 for (size_t i = 0; i < ssl_config_.allowed_bad_certs.size(); ++i) { 526 for (size_t i = 0; i < ssl_config_.allowed_bad_certs.size(); ++i) {
525 if (server_cert_ == ssl_config_.allowed_bad_certs[i].cert) { 527 if (server_cert_ == ssl_config_.allowed_bad_certs[i].cert) {
526 net_error = OK; 528 net_error = OK;
527 server_cert_status_ = ssl_config_.allowed_bad_certs[i].cert_status; 529 server_cert_status_ = ssl_config_.allowed_bad_certs[i].cert_status;
528 break; 530 break;
529 } 531 }
530 } 532 }
531 } 533 }
532 } else if (IsCertStatusError(net_error)) { 534 } else if (IsCertificateError(net_error)) {
533 server_cert_ = GetServerCert(ssl_context_); 535 server_cert_ = GetServerCert(ssl_context_);
534 DCHECK(server_cert_); 536 DCHECK(server_cert_);
535 server_cert_status_ |= MapNetErrorToCertStatus(net_error); 537 server_cert_status_ |= MapNetErrorToCertStatus(net_error);
536 } 538 }
537 539
538 return net_error; 540 return net_error;
539 } 541 }
540 542
541 int SSLClientSocketMac::DoReadComplete(int result) { 543 int SSLClientSocketMac::DoReadComplete(int result) {
542 if (result < 0) { 544 if (result < 0) {
(...skipping 256 matching lines...) Expand 10 before | Expand all | Expand 10 after
799 801
800 if (rv < 0 && rv != ERR_IO_PENDING) { 802 if (rv < 0 && rv != ERR_IO_PENDING) {
801 return OSStatusFromNetError(rv); 803 return OSStatusFromNetError(rv);
802 } 804 }
803 805
804 // always lie to our caller 806 // always lie to our caller
805 return noErr; 807 return noErr;
806 } 808 }
807 809
808 } // namespace net 810 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698