OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
8 | 8 |
9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
(...skipping 29 matching lines...) Expand all Loading... |
40 * use your version of this file under the terms of the MPL, indicate your | 40 * use your version of this file under the terms of the MPL, indicate your |
41 * decision by deleting the provisions above and replace them with the notice | 41 * decision by deleting the provisions above and replace them with the notice |
42 * and other provisions required by the GPL or the LGPL. If you do not delete | 42 * and other provisions required by the GPL or the LGPL. If you do not delete |
43 * the provisions above, a recipient may use your version of this file under | 43 * the provisions above, a recipient may use your version of this file under |
44 * the terms of any one of the MPL, the GPL or the LGPL. | 44 * the terms of any one of the MPL, the GPL or the LGPL. |
45 * | 45 * |
46 * ***** END LICENSE BLOCK ***** */ | 46 * ***** END LICENSE BLOCK ***** */ |
47 | 47 |
48 #include "net/socket/ssl_client_socket_nss.h" | 48 #include "net/socket/ssl_client_socket_nss.h" |
49 | 49 |
50 #if defined(USE_SYSTEM_SSL) | |
51 #include <dlfcn.h> | |
52 #endif | |
53 #if defined(OS_MACOSX) | |
54 #include <Security/Security.h> | |
55 #endif | |
56 #include <certdb.h> | 50 #include <certdb.h> |
57 #include <hasht.h> | 51 #include <hasht.h> |
58 #include <keyhi.h> | 52 #include <keyhi.h> |
59 #include <nspr.h> | 53 #include <nspr.h> |
60 #include <nss.h> | 54 #include <nss.h> |
61 #include <pk11pub.h> | 55 #include <pk11pub.h> |
62 #include <secerr.h> | 56 #include <secerr.h> |
63 #include <sechash.h> | 57 #include <sechash.h> |
64 #include <ssl.h> | 58 #include <ssl.h> |
65 #include <sslerr.h> | 59 #include <sslerr.h> |
(...skipping 24 matching lines...) Expand all Loading... |
90 #include "net/base/ssl_cert_request_info.h" | 84 #include "net/base/ssl_cert_request_info.h" |
91 #include "net/base/ssl_connection_status_flags.h" | 85 #include "net/base/ssl_connection_status_flags.h" |
92 #include "net/base/ssl_info.h" | 86 #include "net/base/ssl_info.h" |
93 #include "net/base/sys_addrinfo.h" | 87 #include "net/base/sys_addrinfo.h" |
94 #include "net/ocsp/nss_ocsp.h" | 88 #include "net/ocsp/nss_ocsp.h" |
95 #include "net/socket/client_socket_handle.h" | 89 #include "net/socket/client_socket_handle.h" |
96 #include "net/socket/dns_cert_provenance_check.h" | 90 #include "net/socket/dns_cert_provenance_check.h" |
97 #include "net/socket/ssl_error_params.h" | 91 #include "net/socket/ssl_error_params.h" |
98 #include "net/socket/ssl_host_info.h" | 92 #include "net/socket/ssl_host_info.h" |
99 | 93 |
| 94 #if defined(USE_SYSTEM_SSL) |
| 95 #include <dlfcn.h> |
| 96 #endif |
| 97 #if defined(OS_WIN) |
| 98 #include <windows.h> |
| 99 #include <wincrypt.h> |
| 100 #elif defined(OS_MACOSX) |
| 101 #include <Security/SecBase.h> |
| 102 #include <Security/SecCertificate.h> |
| 103 #include <Security/SecIdentity.h> |
| 104 #endif |
| 105 |
100 static const int kRecvBufferSize = 4096; | 106 static const int kRecvBufferSize = 4096; |
101 | 107 |
102 // kCorkTimeoutMs is the number of milliseconds for which we'll wait for a | 108 // kCorkTimeoutMs is the number of milliseconds for which we'll wait for a |
103 // Write to an SSL socket which we're False Starting. Since corking stops the | 109 // Write to an SSL socket which we're False Starting. Since corking stops the |
104 // Finished message from being sent, the server sees an incomplete handshake | 110 // Finished message from being sent, the server sees an incomplete handshake |
105 // and some will time out such sockets quite aggressively. | 111 // and some will time out such sockets quite aggressively. |
106 static const int kCorkTimeoutMs = 200; | 112 static const int kCorkTimeoutMs = 200; |
107 | 113 |
108 namespace net { | 114 namespace net { |
109 | 115 |
(...skipping 2489 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2599 case SSL_CONNECTION_VERSION_TLS1_1: | 2605 case SSL_CONNECTION_VERSION_TLS1_1: |
2600 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_1); | 2606 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_1); |
2601 break; | 2607 break; |
2602 case SSL_CONNECTION_VERSION_TLS1_2: | 2608 case SSL_CONNECTION_VERSION_TLS1_2: |
2603 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_2); | 2609 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_2); |
2604 break; | 2610 break; |
2605 }; | 2611 }; |
2606 } | 2612 } |
2607 | 2613 |
2608 } // namespace net | 2614 } // namespace net |
OLD | NEW |