Chromium Code Reviews Chromium Code Reviews
Issue 7401003:
Don't use X509Certificate in SSLConfig. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_stream_factory_impl_job.h" | 5 #include "net/http/http_stream_factory_impl_job.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/stl_util-inl.h" | 8 #include "base/stl_util-inl.h" |
| 9 #include "base/string_util.h" | 9 #include "base/string_util.h" |
| 10 #include "base/stringprintf.h" | 10 #include "base/stringprintf.h" |
| (...skipping 995 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1006 | 1006 |
| 1007 SSLClientSocket* ssl_socket = | 1007 SSLClientSocket* ssl_socket = |
| 1008 static_cast<SSLClientSocket*>(connection_->socket()); | 1008 static_cast<SSLClientSocket*>(connection_->socket()); |
| 1009 ssl_socket->GetSSLInfo(&ssl_info_); | 1009 ssl_socket->GetSSLInfo(&ssl_info_); |
| 1010 | 1010 |
| 1011 // Add the bad certificate to the set of allowed certificates in the | 1011 // Add the bad certificate to the set of allowed certificates in the |
| 1012 // SSL config object. This data structure will be consulted after calling | 1012 // SSL config object. This data structure will be consulted after calling |
| 1013 // RestartIgnoringLastError(). And the user will be asked interactively | 1013 // RestartIgnoringLastError(). And the user will be asked interactively |
| 1014 // before RestartIgnoringLastError() is ever called. | 1014 // before RestartIgnoringLastError() is ever called. |
| 1015 SSLConfig::CertAndStatus bad_cert; | 1015 SSLConfig::CertAndStatus bad_cert; |
| 1016 bad_cert.cert = ssl_info_.cert; | 1016 if (ssl_info_.cert == NULL || |
| 1017 !ssl_info_.cert->GetDEREncoded(&bad_cert.cert_der)) | |
| 1018 return error; | |
|
wtc
2011/07/19 21:57:01
Are you sure ssl_info_.cert may be NULL here? I d
Sergey Ulanov
2011/07/19 23:50:21
Normally ssl_info.cert should not be set to NULL,
| |
| 1017 bad_cert.cert_status = ssl_info_.cert_status; | 1019 bad_cert.cert_status = ssl_info_.cert_status; |
| 1018 ssl_config_.allowed_bad_certs.push_back(bad_cert); | 1020 ssl_config_.allowed_bad_certs.push_back(bad_cert); |
| 1019 | 1021 |
| 1020 int load_flags = request_info_.load_flags; | 1022 int load_flags = request_info_.load_flags; |
| 1021 if (HttpStreamFactory::ignore_certificate_errors()) | 1023 if (HttpStreamFactory::ignore_certificate_errors()) |
| 1022 load_flags |= LOAD_IGNORE_ALL_CERT_ERRORS; | 1024 load_flags |= LOAD_IGNORE_ALL_CERT_ERRORS; |
| 1023 if (ssl_socket->IgnoreCertError(error, load_flags)) | 1025 if (ssl_socket->IgnoreCertError(error, load_flags)) |
| 1024 return OK; | 1026 return OK; |
| 1025 return error; | 1027 return error; |
| 1026 } | 1028 } |
| (...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1110 << (using_spdy ? "true\n" : "false\n"); | 1112 << (using_spdy ? "true\n" : "false\n"); |
| 1111 } | 1113 } |
| 1112 } | 1114 } |
| 1113 | 1115 |
| 1114 #if defined(OS_WIN) | 1116 #if defined(OS_WIN) |
| 1115 #pragma optimize( "", on ) | 1117 #pragma optimize( "", on ) |
| 1116 #pragma warning (default: 4748) | 1118 #pragma warning (default: 4748) |
| 1117 #endif | 1119 #endif |
| 1118 | 1120 |
| 1119 } // namespace net | 1121 } // namespace net |
| OLD | NEW |
