| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 680 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 691 // structure has a one-byte length and one-byte address family | 691 // structure has a one-byte length and one-byte address family |
| 692 // field at the beginning. PRNetAddr has a two-byte address | 692 // field at the beginning. PRNetAddr has a two-byte address |
| 693 // family field at the beginning. | 693 // family field at the beginning. |
| 694 peername.raw.family = ai->ai_addr->sa_family; | 694 peername.raw.family = ai->ai_addr->sa_family; |
| 695 | 695 |
| 696 memio_SetPeerName(nss_fd_, &peername); | 696 memio_SetPeerName(nss_fd_, &peername); |
| 697 | 697 |
| 698 // Set the peer ID for session reuse. This is necessary when we create an | 698 // Set the peer ID for session reuse. This is necessary when we create an |
| 699 // SSL tunnel through a proxy -- GetPeerName returns the proxy's address | 699 // SSL tunnel through a proxy -- GetPeerName returns the proxy's address |
| 700 // rather than the destination server's address in that case. | 700 // rather than the destination server's address in that case. |
| 701 std::string peer_id = host_and_port_.ToString(); | 701 // |
| 702 // We incorporate the session cache id to, e.g., have a separate |
| 703 // session cache in incognito mode. |
| 704 const std::string& host_and_port_string = host_and_port_.ToString(); |
| 705 std::string peer_id = base::StringPrintf("%d:%s", |
| 706 ssl_config_.session_cache_id, |
| 707 host_and_port_string.c_str()); |
| 702 SECStatus rv = SSL_SetSockPeerID(nss_fd_, const_cast<char*>(peer_id.c_str())); | 708 SECStatus rv = SSL_SetSockPeerID(nss_fd_, const_cast<char*>(peer_id.c_str())); |
| 703 if (rv != SECSuccess) | 709 if (rv != SECSuccess) |
| 704 LogFailedNSSFunction(net_log_, "SSL_SetSockPeerID", peer_id.c_str()); | 710 LogFailedNSSFunction(net_log_, "SSL_SetSockPeerID", peer_id.c_str()); |
| 705 | 711 |
| 706 peername_initialized_ = true; | 712 peername_initialized_ = true; |
| 707 return OK; | 713 return OK; |
| 708 } | 714 } |
| 709 | 715 |
| 710 void SSLClientSocketNSS::Disconnect() { | 716 void SSLClientSocketNSS::Disconnect() { |
| 711 EnterFunction(""); | 717 EnterFunction(""); |
| (...skipping 1711 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2423 case SSL_CONNECTION_VERSION_TLS1_1: | 2429 case SSL_CONNECTION_VERSION_TLS1_1: |
| 2424 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_1); | 2430 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_1); |
| 2425 break; | 2431 break; |
| 2426 case SSL_CONNECTION_VERSION_TLS1_2: | 2432 case SSL_CONNECTION_VERSION_TLS1_2: |
| 2427 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_2); | 2433 UpdateConnectionTypeHistograms(CONNECTION_SSL_TLS1_2); |
| 2428 break; | 2434 break; |
| 2429 }; | 2435 }; |
| 2430 } | 2436 } |
| 2431 | 2437 |
| 2432 } // namespace net | 2438 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6019005:
Use separate SSL session caches per profile (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src