| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <openssl/ssl.h> | 10 #include <openssl/ssl.h> |
| 274 SessionMap session_map_; | 274 SessionMap session_map_; |
| 275 | 275 |
| 276 // Protects access to both the above maps. | 276 // Protects access to both the above maps. |
| 277 Lock lock_; | 277 Lock lock_; |
| 278 | 278 |
| 279 DISALLOW_COPY_AND_ASSIGN(SSLSessionCache); | 279 DISALLOW_COPY_AND_ASSIGN(SSLSessionCache); |
| 280 }; | 280 }; |
| 281 | 281 |
| 282 class SSLContext { | 282 class SSLContext { |
| 283 public: | 283 public: |
| 284 static SSLContext* Get() { return Singleton<SSLContext>::get(); } | 284 static SSLContext* GetInstance() { return Singleton<SSLContext>::get(); } |
| 285 SSL_CTX* ssl_ctx() { return ssl_ctx_.get(); } | 285 SSL_CTX* ssl_ctx() { return ssl_ctx_.get(); } |
| 286 SSLSessionCache* session_cache() { return &session_cache_; } | 286 SSLSessionCache* session_cache() { return &session_cache_; } |
| 287 | 287 |
| 288 SSLClientSocketOpenSSL* GetClientSocketFromSSL(SSL* ssl) { | 288 SSLClientSocketOpenSSL* GetClientSocketFromSSL(SSL* ssl) { |
| 289 DCHECK(ssl); | 289 DCHECK(ssl); |
| 290 SSLClientSocketOpenSSL* socket = static_cast<SSLClientSocketOpenSSL*>( | 290 SSLClientSocketOpenSSL* socket = static_cast<SSLClientSocketOpenSSL*>( |
| 291 SSL_get_ex_data(ssl, ssl_socket_data_index_)); | 291 SSL_get_ex_data(ssl, ssl_socket_data_index_)); |
| 292 DCHECK(socket); | 292 DCHECK(socket); |
| 293 return socket; | 293 return socket; |
| 294 } | 294 } |
| 315 #if defined(OPENSSL_NPN_NEGOTIATED) | 315 #if defined(OPENSSL_NPN_NEGOTIATED) |
| 316 // TODO(kristianm): Only select this if ssl_config_.next_proto is not empty. | 316 // TODO(kristianm): Only select this if ssl_config_.next_proto is not empty. |
| 317 // It would be better if the callback were not a global setting, | 317 // It would be better if the callback were not a global setting, |
| 318 // but that is an OpenSSL issue. | 318 // but that is an OpenSSL issue. |
| 319 SSL_CTX_set_next_proto_select_cb(ssl_ctx_.get(), SelectNextProtoCallback, | 319 SSL_CTX_set_next_proto_select_cb(ssl_ctx_.get(), SelectNextProtoCallback, |
| 320 NULL); | 320 NULL); |
| 321 #endif | 321 #endif |
| 322 } | 322 } |
| 323 | 323 |
| 324 static int NewSessionCallbackStatic(SSL* ssl, SSL_SESSION* session) { | 324 static int NewSessionCallbackStatic(SSL* ssl, SSL_SESSION* session) { |
| 325 return Get()->NewSessionCallback(ssl, session); | 325 return GetInstance()->NewSessionCallback(ssl, session); |
| 326 } | 326 } |
| 327 | 327 |
| 328 int NewSessionCallback(SSL* ssl, SSL_SESSION* session) { | 328 int NewSessionCallback(SSL* ssl, SSL_SESSION* session) { |
| 329 SSLClientSocketOpenSSL* socket = GetClientSocketFromSSL(ssl); | 329 SSLClientSocketOpenSSL* socket = GetClientSocketFromSSL(ssl); |
| 330 session_cache_.OnSessionAdded(socket->host_and_port(), session); | 330 session_cache_.OnSessionAdded(socket->host_and_port(), session); |
| 331 return 1; // 1 => We took ownership of |session|. | 331 return 1; // 1 => We took ownership of |session|. |
| 332 } | 332 } |
| 333 | 333 |
| 334 static void RemoveSessionCallbackStatic(SSL_CTX* ctx, SSL_SESSION* session) { | 334 static void RemoveSessionCallbackStatic(SSL_CTX* ctx, SSL_SESSION* session) { |
| 335 return Get()->RemoveSessionCallback(ctx, session); | 335 return GetInstance()->RemoveSessionCallback(ctx, session); |
| 336 } | 336 } |
| 337 | 337 |
| 338 void RemoveSessionCallback(SSL_CTX* ctx, SSL_SESSION* session) { | 338 void RemoveSessionCallback(SSL_CTX* ctx, SSL_SESSION* session) { |
| 339 DCHECK(ctx == ssl_ctx()); | 339 DCHECK(ctx == ssl_ctx()); |
| 340 session_cache_.OnSessionRemoved(session); | 340 session_cache_.OnSessionRemoved(session); |
| 341 } | 341 } |
| 342 | 342 |
| 343 static int ClientCertCallback(SSL* ssl, X509** x509, EVP_PKEY** pkey) { | 343 static int ClientCertCallback(SSL* ssl, X509** x509, EVP_PKEY** pkey) { |
| 344 SSLClientSocketOpenSSL* socket = Get()->GetClientSocketFromSSL(ssl); | 344 SSLClientSocketOpenSSL* socket = GetInstance()->GetClientSocketFromSSL(ssl); |
| 345 CHECK(socket); | 345 CHECK(socket); |
| 346 return socket->ClientCertRequestCallback(ssl, x509, pkey); | 346 return socket->ClientCertRequestCallback(ssl, x509, pkey); |
| 347 } | 347 } |
| 348 | 348 |
| 349 static int SelectNextProtoCallback(SSL* ssl, | 349 static int SelectNextProtoCallback(SSL* ssl, |
| 350 unsigned char** out, unsigned char* outlen, | 350 unsigned char** out, unsigned char* outlen, |
| 351 const unsigned char* in, | 351 const unsigned char* in, |
| 352 unsigned int inlen, void* arg) { | 352 unsigned int inlen, void* arg) { |
| 353 SSLClientSocketOpenSSL* socket = Get()->GetClientSocketFromSSL(ssl); | 353 SSLClientSocketOpenSSL* socket = GetInstance()->GetClientSocketFromSSL(ssl); |
| 354 return socket->SelectNextProtoCallback(out, outlen, in, inlen); | 354 return socket->SelectNextProtoCallback(out, outlen, in, inlen); |
| 355 } | 355 } |
| 356 | 356 |
| 357 // This is the index used with SSL_get_ex_data to retrieve the owner | 357 // This is the index used with SSL_get_ex_data to retrieve the owner |
| 358 // SSLClientSocketOpenSSL object from an SSL instance. | 358 // SSLClientSocketOpenSSL object from an SSL instance. |
| 359 int ssl_socket_data_index_; | 359 int ssl_socket_data_index_; |
| 360 | 360 |
| 361 base::ScopedOpenSSL<SSL_CTX, SSL_CTX_free> ssl_ctx_; | 361 base::ScopedOpenSSL<SSL_CTX, SSL_CTX_free> ssl_ctx_; |
| 362 SSLSessionCache session_cache_; | 362 SSLSessionCache session_cache_; |
| 363 }; | 363 }; |
| 405 } | 405 } |
| 406 | 406 |
| 407 SSLClientSocketOpenSSL::~SSLClientSocketOpenSSL() { | 407 SSLClientSocketOpenSSL::~SSLClientSocketOpenSSL() { |
| 408 Disconnect(); | 408 Disconnect(); |
| 409 } | 409 } |
| 410 | 410 |
| 411 bool SSLClientSocketOpenSSL::Init() { | 411 bool SSLClientSocketOpenSSL::Init() { |
| 412 DCHECK(!ssl_); | 412 DCHECK(!ssl_); |
| 413 DCHECK(!transport_bio_); | 413 DCHECK(!transport_bio_); |
| 414 | 414 |
| 415 SSLContext* context = SSLContext::Get(); | 415 SSLContext* context = SSLContext::GetInstance(); |
| 416 base::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 416 base::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 417 | 417 |
| 418 ssl_ = SSL_new(context->ssl_ctx()); | 418 ssl_ = SSL_new(context->ssl_ctx()); |
| 419 if (!ssl_ || !context->SetClientSocketForSSL(ssl_, this)) | 419 if (!ssl_ || !context->SetClientSocketForSSL(ssl_, this)) |
| 420 return false; | 420 return false; |
| 421 | 421 |
| 422 if (!SSL_set_tlsext_host_name(ssl_, host_and_port_.host().c_str())) | 422 if (!SSL_set_tlsext_host_name(ssl_, host_and_port_.host().c_str())) |
| 423 return false; | 423 return false; |
| 424 | 424 |
| 425 trying_cached_session_ = | 425 trying_cached_session_ = |
| 1181 int rv = SSL_write(ssl_, user_write_buf_->data(), user_write_buf_len_); | 1181 int rv = SSL_write(ssl_, user_write_buf_->data(), user_write_buf_len_); |
| 1182 | 1182 |
| 1183 if (rv >= 0) | 1183 if (rv >= 0) |
| 1184 return rv; | 1184 return rv; |
| 1185 | 1185 |
| 1186 int err = SSL_get_error(ssl_, rv); | 1186 int err = SSL_get_error(ssl_, rv); |
| 1187 return MapOpenSSLError(err, err_tracer); | 1187 return MapOpenSSLError(err, err_tracer); |
| 1188 } | 1188 } |
| 1189 | 1189 |
| 1190 } // namespace net | 1190 } // namespace net |