Chromium Code Reviews Chromium Code Reviews
Issue 2944008:
Refactor X509Certificate caching to cache the OS handle, rather than the X509Certificate (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <openssl/ssl.h> | 10 #include <openssl/ssl.h> |
| (...skipping 851 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 862 } | 862 } |
| 863 | 863 |
| 864 // Unlike SSL_get_peer_certificate, SSL_get_peer_cert_chain does not | 864 // Unlike SSL_get_peer_certificate, SSL_get_peer_cert_chain does not |
| 865 // increment the reference so sk_X509_free does not need to be called. | 865 // increment the reference so sk_X509_free does not need to be called. |
| 866 STACK_OF(X509)* chain = SSL_get_peer_cert_chain(ssl_); | 866 STACK_OF(X509)* chain = SSL_get_peer_cert_chain(ssl_); |
| 867 X509Certificate::OSCertHandles intermediates; | 867 X509Certificate::OSCertHandles intermediates; |
| 868 if (chain) { | 868 if (chain) { |
| 869 for (int i = 0; i < sk_X509_num(chain); ++i) | 869 for (int i = 0; i < sk_X509_num(chain); ++i) |
| 870 intermediates.push_back(sk_X509_value(chain, i)); | 870 intermediates.push_back(sk_X509_value(chain, i)); |
| 871 } | 871 } |
| 872 server_cert_ = X509Certificate::CreateFromHandle( | 872 server_cert_ = X509Certificate::CreateFromHandle(cert.get(), |
| 873 cert.get(), X509Certificate::SOURCE_FROM_NETWORK, intermediates); | 873 intermediates); |
|
wtc
2011/07/17 01:55:32
This may fit on the previous line.
| |
| 874 DCHECK(server_cert_); | 874 DCHECK(server_cert_); |
| 875 | 875 |
| 876 return server_cert_; | 876 return server_cert_; |
| 877 } | 877 } |
| 878 | 878 |
| 879 bool SSLClientSocketOpenSSL::DoTransportIO() { | 879 bool SSLClientSocketOpenSSL::DoTransportIO() { |
| 880 bool network_moved = false; | 880 bool network_moved = false; |
| 881 int nsent = BufferSend(); | 881 int nsent = BufferSend(); |
| 882 int nreceived = BufferRecv(); | 882 int nreceived = BufferRecv(); |
| 883 network_moved = (nsent > 0 || nreceived >= 0); | 883 network_moved = (nsent > 0 || nreceived >= 0); |
| (...skipping 326 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1210 net_log_.AddByteTransferEvent(NetLog::TYPE_SSL_SOCKET_BYTES_SENT, rv, | 1210 net_log_.AddByteTransferEvent(NetLog::TYPE_SSL_SOCKET_BYTES_SENT, rv, |
| 1211 user_write_buf_->data()); | 1211 user_write_buf_->data()); |
| 1212 return rv; | 1212 return rv; |
| 1213 } | 1213 } |
| 1214 | 1214 |
| 1215 int err = SSL_get_error(ssl_, rv); | 1215 int err = SSL_get_error(ssl_, rv); |
| 1216 return MapOpenSSLError(err, err_tracer); | 1216 return MapOpenSSLError(err, err_tracer); |
| 1217 } | 1217 } |
| 1218 | 1218 |
| 1219 } // namespace net | 1219 } // namespace net |
| OLD | NEW |
