| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 29 matching lines...) Expand all Loading... |
| 40 * use your version of this file under the terms of the MPL, indicate your | 40 * use your version of this file under the terms of the MPL, indicate your |
| 41 * decision by deleting the provisions above and replace them with the notice | 41 * decision by deleting the provisions above and replace them with the notice |
| 42 * and other provisions required by the GPL or the LGPL. If you do not delete | 42 * and other provisions required by the GPL or the LGPL. If you do not delete |
| 43 * the provisions above, a recipient may use your version of this file under | 43 * the provisions above, a recipient may use your version of this file under |
| 44 * the terms of any one of the MPL, the GPL or the LGPL. | 44 * the terms of any one of the MPL, the GPL or the LGPL. |
| 45 * | 45 * |
| 46 * ***** END LICENSE BLOCK ***** */ | 46 * ***** END LICENSE BLOCK ***** */ |
| 47 | 47 |
| 48 #include "net/socket/ssl_client_socket_nss.h" | 48 #include "net/socket/ssl_client_socket_nss.h" |
| 49 | 49 |
| 50 #if defined(USE_SYSTEM_SSL) | |
| 51 #include <dlfcn.h> | |
| 52 #endif | |
| 53 #if defined(OS_MACOSX) | |
| 54 #include <Security/Security.h> | |
| 55 #endif | |
| 56 #include <certdb.h> | 50 #include <certdb.h> |
| 57 #include <hasht.h> | 51 #include <hasht.h> |
| 58 #include <keyhi.h> | 52 #include <keyhi.h> |
| 59 #include <nspr.h> | 53 #include <nspr.h> |
| 60 #include <nss.h> | 54 #include <nss.h> |
| 61 #include <pk11pub.h> | 55 #include <pk11pub.h> |
| 62 #include <secerr.h> | 56 #include <secerr.h> |
| 63 #include <sechash.h> | 57 #include <sechash.h> |
| 64 #include <ssl.h> | 58 #include <ssl.h> |
| 65 #include <sslerr.h> | 59 #include <sslerr.h> |
| (...skipping 24 matching lines...) Expand all Loading... |
| 90 #include "net/base/ssl_cert_request_info.h" | 84 #include "net/base/ssl_cert_request_info.h" |
| 91 #include "net/base/ssl_connection_status_flags.h" | 85 #include "net/base/ssl_connection_status_flags.h" |
| 92 #include "net/base/ssl_info.h" | 86 #include "net/base/ssl_info.h" |
| 93 #include "net/base/sys_addrinfo.h" | 87 #include "net/base/sys_addrinfo.h" |
| 94 #include "net/ocsp/nss_ocsp.h" | 88 #include "net/ocsp/nss_ocsp.h" |
| 95 #include "net/socket/client_socket_handle.h" | 89 #include "net/socket/client_socket_handle.h" |
| 96 #include "net/socket/dns_cert_provenance_check.h" | 90 #include "net/socket/dns_cert_provenance_check.h" |
| 97 #include "net/socket/ssl_error_params.h" | 91 #include "net/socket/ssl_error_params.h" |
| 98 #include "net/socket/ssl_host_info.h" | 92 #include "net/socket/ssl_host_info.h" |
| 99 | 93 |
| 94 #if defined(USE_SYSTEM_SSL) |
| 95 #include <dlfcn.h> |
| 96 #endif |
| 97 #if defined(OS_WIN) |
| 98 #include <windows.h> |
| 99 #include <wincrypt.h> |
| 100 #elif defined(OS_MACOSX) |
| 101 #include <Security/SecBase.h> |
| 102 #include <Security/SecCertificate.h> |
| 103 #include <Security/SecIdentity.h> |
| 104 #endif |
| 105 |
| 100 static const int kRecvBufferSize = 4096; | 106 static const int kRecvBufferSize = 4096; |
| 101 | 107 |
| 102 // kCorkTimeoutMs is the number of milliseconds for which we'll wait for a | 108 // kCorkTimeoutMs is the number of milliseconds for which we'll wait for a |
| 103 // Write to an SSL socket which we're False Starting. Since corking stops the | 109 // Write to an SSL socket which we're False Starting. Since corking stops the |
| 104 // Finished message from being sent, the server sees an incomplete handshake | 110 // Finished message from being sent, the server sees an incomplete handshake |
| 105 // and some will time out such sockets quite aggressively. | 111 // and some will time out such sockets quite aggressively. |
| 106 static const int kCorkTimeoutMs = 200; | 112 static const int kCorkTimeoutMs = 200; |
| 107 | 113 |
| 108 namespace net { | 114 namespace net { |
| 109 | 115 |
| (...skipping 2489 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2599 case SSL_CONNECTION_VERSION_TLS1_1: | 2605 case SSL_CONNECTION_VERSION_TLS1_1: |
| 2600 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_1); | 2606 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_1); |
| 2601 break; | 2607 break; |
| 2602 case SSL_CONNECTION_VERSION_TLS1_2: | 2608 case SSL_CONNECTION_VERSION_TLS1_2: |
| 2603 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_2); | 2609 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_2); |
| 2604 break; | 2610 break; |
| 2605 }; | 2611 }; |
| 2606 } | 2612 } |
| 2607 | 2613 |
| 2608 } // namespace net | 2614 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
