Chromium Code Reviews Chromium Code Reviews
Issue 7327029:
Add client-side support for the origin bound certificate TLS extension. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/| Index: net/third_party/nss/ssl/sslsock.c |
| =================================================================== |
| --- net/third_party/nss/ssl/sslsock.c (revision 91902) |
| +++ net/third_party/nss/ssl/sslsock.c (working copy) |
| @@ -187,6 +187,7 @@ |
| PR_FALSE, /* enableFalseStart */ |
| PR_FALSE, /* enableOCSPStapling */ |
| PR_FALSE, /* enableCachedInfo */ |
| + PR_TRUE, /* enableOBCerts */ |
| }; |
| sslSessionIDLookupFunc ssl_sid_lookup; |
| @@ -752,6 +753,10 @@ |
| ss->opt.enableCachedInfo = on; |
| break; |
| + case SSL_ENABLE_OB_CERTS: |
| + ss->opt.enableOBCerts = on; |
| + break; |
| + |
| default: |
| PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| rv = SECFailure; |
| @@ -817,7 +822,8 @@ |
| on = ss->opt.requireSafeNegotiation; break; |
| case SSL_ENABLE_FALSE_START: on = ss->opt.enableFalseStart; break; |
| case SSL_ENABLE_OCSP_STAPLING: on = ss->opt.enableOCSPStapling; break; |
| - case SSL_ENABLE_CACHED_INFO: on = ss->opt.enableCachedInfo; break; |
| + case SSL_ENABLE_CACHED_INFO: on = ss->opt.enableCachedInfo; break; |
| + case SSL_ENABLE_OB_CERTS: on = ss->opt.enableOBCerts; break; |
| default: |
| PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| @@ -873,6 +879,7 @@ |
| on = ssl_defaults.enableOCSPStapling; |
| break; |
| case SSL_ENABLE_CACHED_INFO: on = ssl_defaults.enableCachedInfo; break; |
| + case SSL_ENABLE_OB_CERTS: on = ssl_defaults.enableOBCerts; break; |
|
wtc
2011/07/13 22:13:47
Nit: align the "on = " and "break" with the cases
|
| default: |
| PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| @@ -1028,6 +1035,10 @@ |
| ssl_defaults.enableCachedInfo = on; |
| break; |
| + case SSL_ENABLE_OB_CERTS: |
| + ssl_defaults.enableOBCerts = on; |
| + break; |
| + |
| default: |
| PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| return SECFailure; |
