| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_stream_factory_impl_job.h" | 5 #include "net/http/http_stream_factory_impl_job.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/stl_util.h" | 8 #include "base/stl_util.h" |
| 9 #include "base/string_util.h" | 9 #include "base/string_util.h" |
| 10 #include "base/stringprintf.h" | 10 #include "base/stringprintf.h" |
| (...skipping 995 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1006 | 1006 |
| 1007 SSLClientSocket* ssl_socket = | 1007 SSLClientSocket* ssl_socket = |
| 1008 static_cast<SSLClientSocket*>(connection_->socket()); | 1008 static_cast<SSLClientSocket*>(connection_->socket()); |
| 1009 ssl_socket->GetSSLInfo(&ssl_info_); | 1009 ssl_socket->GetSSLInfo(&ssl_info_); |
| 1010 | 1010 |
| 1011 // Add the bad certificate to the set of allowed certificates in the | 1011 // Add the bad certificate to the set of allowed certificates in the |
| 1012 // SSL config object. This data structure will be consulted after calling | 1012 // SSL config object. This data structure will be consulted after calling |
| 1013 // RestartIgnoringLastError(). And the user will be asked interactively | 1013 // RestartIgnoringLastError(). And the user will be asked interactively |
| 1014 // before RestartIgnoringLastError() is ever called. | 1014 // before RestartIgnoringLastError() is ever called. |
| 1015 SSLConfig::CertAndStatus bad_cert; | 1015 SSLConfig::CertAndStatus bad_cert; |
| 1016 bad_cert.cert = ssl_info_.cert; | 1016 |
| 1017 // |ssl_info_.cert| may be NULL if we failed to create |
| 1018 // X509Certificate for whatever reason, but normally it shouldn't |
| 1019 // happen, unless this code is used inside sandbox. |
| 1020 if (ssl_info_.cert == NULL || |
| 1021 !ssl_info_.cert->GetDEREncoded(&bad_cert.der_cert)) |
| 1022 return error; |
| 1017 bad_cert.cert_status = ssl_info_.cert_status; | 1023 bad_cert.cert_status = ssl_info_.cert_status; |
| 1018 ssl_config_.allowed_bad_certs.push_back(bad_cert); | 1024 ssl_config_.allowed_bad_certs.push_back(bad_cert); |
| 1019 | 1025 |
| 1020 int load_flags = request_info_.load_flags; | 1026 int load_flags = request_info_.load_flags; |
| 1021 if (HttpStreamFactory::ignore_certificate_errors()) | 1027 if (HttpStreamFactory::ignore_certificate_errors()) |
| 1022 load_flags |= LOAD_IGNORE_ALL_CERT_ERRORS; | 1028 load_flags |= LOAD_IGNORE_ALL_CERT_ERRORS; |
| 1023 if (ssl_socket->IgnoreCertError(error, load_flags)) | 1029 if (ssl_socket->IgnoreCertError(error, load_flags)) |
| 1024 return OK; | 1030 return OK; |
| 1025 return error; | 1031 return error; |
| 1026 } | 1032 } |
| (...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1110 << (using_spdy ? "true\n" : "false\n"); | 1116 << (using_spdy ? "true\n" : "false\n"); |
| 1111 } | 1117 } |
| 1112 } | 1118 } |
| 1113 | 1119 |
| 1114 #if defined(OS_WIN) | 1120 #if defined(OS_WIN) |
| 1115 #pragma optimize( "", on ) | 1121 #pragma optimize( "", on ) |
| 1116 #pragma warning (default: 4748) | 1122 #pragma warning (default: 4748) |
| 1117 #endif | 1123 #endif |
| 1118 | 1124 |
| 1119 } // namespace net | 1125 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7401003:
Don't use X509Certificate in SSLConfig. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src