Chromium Code Reviews Chromium Code Reviews
Issue 8342054:
net: enable CRL sets behind a command line flag. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 1646 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1657 | 1657 |
| 1658 int flags = 0; | 1658 int flags = 0; |
| 1659 if (ssl_config_.rev_checking_enabled) | 1659 if (ssl_config_.rev_checking_enabled) |
| 1660 flags |= X509Certificate::VERIFY_REV_CHECKING_ENABLED; | 1660 flags |= X509Certificate::VERIFY_REV_CHECKING_ENABLED; |
| 1661 if (ssl_config_.verify_ev_cert) | 1661 if (ssl_config_.verify_ev_cert) |
| 1662 flags |= X509Certificate::VERIFY_EV_CERT; | 1662 flags |= X509Certificate::VERIFY_EV_CERT; |
| 1663 verifier_.reset(new SingleRequestCertVerifier(cert_verifier_)); | 1663 verifier_.reset(new SingleRequestCertVerifier(cert_verifier_)); |
| 1664 server_cert_verify_result_ = &local_server_cert_verify_result_; | 1664 server_cert_verify_result_ = &local_server_cert_verify_result_; |
| 1665 return verifier_->Verify( | 1665 return verifier_->Verify( |
| 1666 server_cert_, host_and_port_.host(), flags, | 1666 server_cert_, host_and_port_.host(), flags, |
| 1667 ssl_config_.crl_set.get(), | |
|
wtc
2011/10/21 23:17:31
Nit: omit .get().
agl
2011/10/24 20:44:27
Done.
| |
| 1667 &local_server_cert_verify_result_, | 1668 &local_server_cert_verify_result_, |
| 1668 base::Bind(&SSLClientSocketNSS::OnHandshakeIOComplete, | 1669 base::Bind(&SSLClientSocketNSS::OnHandshakeIOComplete, |
| 1669 base::Unretained(this)), | 1670 base::Unretained(this)), |
| 1670 net_log_); | 1671 net_log_); |
| 1671 } | 1672 } |
| 1672 | 1673 |
| 1673 // Derived from AuthCertificateCallback() in | 1674 // Derived from AuthCertificateCallback() in |
| 1674 // mozilla/source/security/manager/ssl/src/nsNSSCallbacks.cpp. | 1675 // mozilla/source/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 1675 int SSLClientSocketNSS::DoVerifyCertComplete(int result) { | 1676 int SSLClientSocketNSS::DoVerifyCertComplete(int result) { |
| 1676 verifier_.reset(); | 1677 verifier_.reset(); |
| (...skipping 916 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2593 valid_thread_id_ = base::PlatformThread::CurrentId(); | 2594 valid_thread_id_ = base::PlatformThread::CurrentId(); |
| 2594 } | 2595 } |
| 2595 | 2596 |
| 2596 bool SSLClientSocketNSS::CalledOnValidThread() const { | 2597 bool SSLClientSocketNSS::CalledOnValidThread() const { |
| 2597 EnsureThreadIdAssigned(); | 2598 EnsureThreadIdAssigned(); |
| 2598 base::AutoLock auto_lock(lock_); | 2599 base::AutoLock auto_lock(lock_); |
| 2599 return valid_thread_id_ == base::PlatformThread::CurrentId(); | 2600 return valid_thread_id_ == base::PlatformThread::CurrentId(); |
| 2600 } | 2601 } |
| 2601 | 2602 |
| 2602 } // namespace net | 2603 } // namespace net |
| OLD | NEW |
