Fix SSLSessionOption's name

net/socket/ssl_client_socket_mac.cc

 // Copyright (c) 2008-2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/socket/ssl_client_socket_mac.h"
 
 #include <CoreServices/CoreServices.h>
 
 #include "base/scoped_cftyperef.h"
 #include "base/singleton.h"
@@ skipping 82 matching lines @@
 namespace net {
 
 namespace {
 
 #if MAC_OS_X_VERSION_MAX_ALLOWED <= MAC_OS_X_VERSION_10_5
 // Declarations needed to call the 10.5.7 and later SSLSetSessionOption()
 // function when building with the 10.5.0 SDK.
 typedef enum {
   kSSLSessionOptionBreakOnServerAuth,
   kSSLSessionOptionBreakOnCertRequested,
-} SSLSetSessionOptionType;
+} SSLSessionOption;
 
 enum {
   errSSLServerAuthCompleted = -9841,
   errSSLClientCertRequested = -9842,
 };
 
 // When compiled against the Mac OS X 10.5 SDK, define symbolic constants for
 // cipher suites added in Mac OS X 10.6.
 enum {
   // ECC cipher suites from RFC 4492.
@@ skipping 19 matching lines @@
   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA     = 0xC014,
   TLS_ECDH_anon_WITH_NULL_SHA            = 0xC015,
   TLS_ECDH_anon_WITH_RC4_128_SHA         = 0xC016,
   TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA    = 0xC017,
   TLS_ECDH_anon_WITH_AES_128_CBC_SHA     = 0xC018,
   TLS_ECDH_anon_WITH_AES_256_CBC_SHA     = 0xC019,
 };
 #endif
 
 typedef OSStatus (*SSLSetSessionOptionFuncPtr)(SSLContextRef,
-                                               SSLSetSessionOptionType,
+                                               SSLSessionOption,
                                                Boolean);
 // For an explanation of the Mac OS X error codes, please refer to:
 // http://developer.apple.com/mac/library/documentation/Security/Reference/secureTransportRef/Reference/reference.html
 int NetErrorFromOSStatus(OSStatus status) {
   switch (status) {
     case errSSLWouldBlock:
       return ERR_IO_PENDING;
     case errSSLBadCipherSuite:
     case errSSLBadConfiguration:
       return ERR_INVALID_ARGUMENT;
@@ skipping 565 matching lines @@
   // the server certificate and then re-enter that handshake (assuming the
   // certificate successfully validated).
   //
   // If SSLSetSessionOption() is not present, we do not enable session
   // resumption, because in that case we are verifying the server's certificate
   // after the handshake completes (but before any application data is
   // exchanged). If we were to enable session resumption in this situation,
   // the session would be cached before we verified the certificate, leaving
   // the potential for a session in which the certificate failed to validate
   // to still be able to be resumed.
   SSLSetSessionOptionFuncPtr ssl_set_session_options =

[Mark Mentovai, 2010/02/19 17:50:37]

On an unrelated note, you should really consider making this static.

[Jens Alfke, 2010/02/19 18:42:45]

Good point, since function lookup could be slow. Would you mind making the
change in this patch?

       LookupFunction<SSLSetSessionOptionFuncPtr>(CFSTR("com.apple.security"),
                                                  CFSTR("SSLSetSessionOption"));
   if (ssl_set_session_options) {
     status = ssl_set_session_options(ssl_context_,
                                      kSSLSessionOptionBreakOnServerAuth,
                                      true);
     if (!status)
       status = ssl_set_session_options(ssl_context_,
                                        kSSLSessionOptionBreakOnCertRequested,
                                        true);
@@ skipping 424 matching lines @@
   if (rv < 0 && rv != ERR_IO_PENDING) {
     us->write_io_buf_ = NULL;
     return OSStatusFromNetError(rv);
   }
 
   // always lie to our caller
   return noErr;
 }
 
 }  // namespace net