Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(327)

Issue 604067: Client-side SSL cert support for Mac. (Closed)

Created:
10 years, 10 months ago by Jens Alfke
Modified:
9 years, 7 months ago
Reviewers:
wtc
CC:
chromium-reviews_googlegroups.com, John Grabowski, darin+cc_chromium.org, pam+watch_chromium.org, ben+cc_chromium.org
Visibility:
Public.

Description

Client-side SSL cert support for Mac. This includes sending an existing identity cert, and asking the user which cert to use. Doesn't yet handle SSL renegotiation, or key-gen. BUG=16831 TEST=none Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=39389

Patch Set 1 #

Patch Set 2 : fixed a few style issues #

Total comments: 28

Patch Set 3 : Responded to feedback. #

Total comments: 2
Unified diffs Side-by-side diffs Delta from patch set Stats (+457 lines, -124 lines) Patch
M chrome/browser/ssl/ssl_client_auth_handler.h View 1 2 1 chunk +6 lines, -1 line 0 comments Download
M chrome/browser/ssl/ssl_client_auth_handler.cc View 2 chunks +6 lines, -47 lines 0 comments Download
A chrome/browser/ssl/ssl_client_auth_handler_gtk.cc View 1 chunk +12 lines, -0 lines 0 comments Download
A chrome/browser/ssl/ssl_client_auth_handler_mac.mm View 1 2 1 chunk +59 lines, -0 lines 1 comment Download
A chrome/browser/ssl/ssl_client_auth_handler_win.cc View 1 2 1 chunk +56 lines, -0 lines 0 comments Download
M chrome/chrome_browser.gypi View 1 2 1 chunk +3 lines, -0 lines 1 comment Download
M net/base/x509_certificate.h View 1 2 1 chunk +12 lines, -0 lines 0 comments Download
M net/base/x509_certificate_mac.cc View 1 2 3 chunks +180 lines, -20 lines 0 comments Download
M net/socket/ssl_client_socket_mac.h View 1 2 1 chunk +2 lines, -0 lines 0 comments Download
M net/socket/ssl_client_socket_mac.cc View 1 2 9 chunks +121 lines, -56 lines 0 comments Download

Messages

Total messages: 4 (0 generated)
Jens Alfke
This is the working code I have, without any of the SecureTransport renegotiation bug workarounds ...
10 years, 10 months ago (2010-02-16 21:29:35 UTC) #1
wtc
LGTM. Please make the suggested changes below before you check this in. Some of them ...
10 years, 10 months ago (2010-02-17 01:49:31 UTC) #2
Jens Alfke
Thanks! There were two places I disagreed with your suggestion; see below. I've fixed the ...
10 years, 10 months ago (2010-02-17 22:00:10 UTC) #3
wtc
10 years, 10 months ago (2010-02-19 23:55:01 UTC) #4
http://codereview.chromium.org/604067/diff/1010/1017
File net/base/x509_certificate_mac.cc (right):

http://codereview.chromium.org/604067/diff/1010/1017#newcode789
net/base/x509_certificate_mac.cc:789: return true;
On 2010/02/17 22:00:10, Jens Alfke wrote:
>
> I think it's useful to distinguish between "the user has no identity certs"
and
> "I failed to read the identity certs".

Ah, you're right.

http://codereview.chromium.org/604067/diff/8002/9004
File chrome/browser/ssl/ssl_client_auth_handler_mac.mm (right):

http://codereview.chromium.org/604067/diff/8002/9004#newcode7
chrome/browser/ssl/ssl_client_auth_handler_mac.mm:7: #import
<SecurityInterface/SFChooseIdentityPanel.h>
Just curious: what's the difference between #import and
#include?

http://codereview.chromium.org/604067/diff/8002/9006
File chrome/chrome_browser.gypi (right):

http://codereview.chromium.org/604067/diff/8002/9006#newcode1680
chrome/chrome_browser.gypi:1680: 'browser/ssl/ssl_client_auth_handler_gtk.cc',
Nit: ssl_client_auth_handler_gtk.cc should be listed before
ssl_client_auth_handler_mac.mm.

Powered by Google App Engine
This is Rietveld 408576698