net/socket/ssl_client_socket_nss.cc - Issue 4339001: Correctly handle SSL Client Authentication requests when connecting...

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/socket/ssl_client_socket_nss.cc

Issue 4339001: Correctly handle SSL Client Authentication requests when connecting... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Rebase... Created 10 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/socket/ssl_client_socket_nss.cc

===================================================================

--- net/socket/ssl_client_socket_nss.cc (revision 65819)

+++ net/socket/ssl_client_socket_nss.cc (working copy)

@@ -397,6 +397,7 @@

SSLClientSocketNSS::SSLClientSocketNSS(ClientSocketHandle* transport_socket,

const std::string& hostname,

+ uint16 port,

const SSLConfig& ssl_config,

SSLHostInfo* ssl_host_info,

DnsRRResolver* dnsrr_resolver)

@@ -411,6 +412,7 @@

this, &SSLClientSocketNSS::OnHandshakeIOComplete)),

transport_(transport_socket),

hostname_(hostname),

+ port_(port),

ssl_config_(ssl_config),

user_connect_callback_(NULL),

user_read_callback_(NULL),

@@ -858,10 +860,7 @@

// Set the peer ID for session reuse. This is necessary when we create an

// SSL tunnel through a proxy -- GetPeerName returns the proxy's address

// rather than the destination server's address in that case.

- // TODO(wtc): port in |peer_address| is not the server's port when a proxy is

- // used.

- std::string peer_id = base::StringPrintf("%s:%d", hostname_.c_str(),

- peer_address.GetPort());

+ std::string peer_id = HostPortPair(hostname_, port_).ToString();

SECStatus rv = SSL_SetSockPeerID(nss_fd_, const_cast<char*>(peer_id.c_str()));

if (rv != SECSuccess)

LogFailedNSSFunction(net_log_, "SSL_SetSockPeerID", peer_id.c_str());

@@ -1184,7 +1183,7 @@

void SSLClientSocketNSS::GetSSLCertRequestInfo(

SSLCertRequestInfo* cert_request_info) {

EnterFunction("");

- cert_request_info->host_and_port = hostname_; // TODO(wtc): no port!

+ cert_request_info->host_and_port = HostPortPair(hostname_, port_).ToString();

cert_request_info->client_certs = client_certs_;

LeaveFunction(cert_request_info->client_certs.size());

}

@@ -2347,14 +2346,6 @@

}

int SSLClientSocketNSS::DoVerifyDNSSEC(int result) {

-#if !defined(USE_OPENSSL)

- if (ssl_config_.dns_cert_provenance_checking_enabled && dnsrr_resolver_) {

- PeerCertificateChain certs(nss_fd_);

- DoAsyncDNSCertProvenanceVerification(

- hostname_, dnsrr_resolver_, certs.AsStringPieceVector());

- }

-#endif

if (ssl_config_.dnssec_enabled) {

DNSValidationResult r = CheckDNSSECChain(hostname_, server_cert_nss_);

if (r == DNSVR_SUCCESS) {

« net/socket/client_socket_factory.h ('K') | « net/socket/ssl_client_socket_nss.h ('k') | net/socket/ssl_client_socket_openssl.h » ('j') | no next file with comments »