net/socket/ssl_client_socket_nss.cc - Issue 7327029: Add client-side support for the origin bound certificate TLS extension.

Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 7327029: Add client-side support for the origin bound certificate TLS extension. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: '' Created 9 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived	5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived

6 // from AuthCertificateCallback() in	6 // from AuthCertificateCallback() in

7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.	7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.

8	8

9 /* *** BEGIN LICENSE BLOCK ***	9 /* *** BEGIN LICENSE BLOCK ***

10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1	10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1

(...skipping 939 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
950 }	950 }

951 #endif	951 #endif

952	952

953 #ifdef SSL_ENABLE_CACHED_INFO	953 #ifdef SSL_ENABLE_CACHED_INFO

954 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_CACHED_INFO,	954 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_CACHED_INFO,

955 ssl_config_.cached_info_enabled);	955 ssl_config_.cached_info_enabled);

956 if (rv != SECSuccess)	956 if (rv != SECSuccess)

957 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_CACHED_INFO");	957 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_CACHED_INFO");

958 #endif	958 #endif

959	959

	960 #ifdef SSL_ENABLE_OB_CERTS

	961 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_OB_CERTS, PR_FALSE);

	962 if (rv != SECSuccess)

	963 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_OB_CERTS");

	964 #endif

	965

960 rv = SSL_OptionSet(nss_fd_, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);	966 rv = SSL_OptionSet(nss_fd_, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);

961 if (rv != SECSuccess) {	967 if (rv != SECSuccess) {

962 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_HANDSHAKE_AS_CLIENT");	968 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_HANDSHAKE_AS_CLIENT");

963 return ERR_UNEXPECTED;	969 return ERR_UNEXPECTED;

964 }	970 }

965	971

966 rv = SSL_AuthCertificateHook(nss_fd_, OwnAuthCertHandler, this);	972 rv = SSL_AuthCertificateHook(nss_fd_, OwnAuthCertHandler, this);

967 if (rv != SECSuccess) {	973 if (rv != SECSuccess) {

968 LogFailedNSSFunction(net_log_, "SSL_AuthCertificateHook", "");	974 LogFailedNSSFunction(net_log_, "SSL_AuthCertificateHook", "");

969 return ERR_UNEXPECTED;	975 return ERR_UNEXPECTED;

(...skipping 1293 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
2263 valid_thread_id_ = base::PlatformThread::CurrentId();	2269 valid_thread_id_ = base::PlatformThread::CurrentId();

2264 }	2270 }

2265	2271

2266 bool SSLClientSocketNSS::CalledOnValidThread() const {	2272 bool SSLClientSocketNSS::CalledOnValidThread() const {

2267 EnsureThreadIdAssigned();	2273 EnsureThreadIdAssigned();

2268 base::AutoLock auto_lock(lock_);	2274 base::AutoLock auto_lock(lock_);

2269 return valid_thread_id_ == base::PlatformThread::CurrentId();	2275 return valid_thread_id_ == base::PlatformThread::CurrentId();

2270 }	2276 }

2271	2277

2272 } // namespace net	2278 } // namespace net

OLD	NEW

« no previous file with comments | « no previous file | net/third_party/nss/ssl/ssl.h » ('j') | no next file with comments »