net/third_party/nss/ssl/sslsock.c - Issue 8771031: Add NSS function to retrieve TLS client cert types requested by server.

Side by Side Diff: net/third_party/nss/ssl/sslsock.c

Issue 8771031: Add NSS function to retrieve TLS client cert types requested by server. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 9 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 /*	1 /*

2 * vtables (and methods that call through them) for the 4 types of	2 * vtables (and methods that call through them) for the 4 types of

3 * SSLSockets supported. Only one type is still supported.	3 * SSLSockets supported. Only one type is still supported.

4 * Various other functions.	4 * Various other functions.

5 *	5 *

6 * *** BEGIN LICENSE BLOCK ***	6 * *** BEGIN LICENSE BLOCK ***

7 * Version: MPL 1.1/GPL 2.0/LGPL 2.1	7 * Version: MPL 1.1/GPL 2.0/LGPL 2.1

8 *	8 *

9 * The contents of this file are subject to the Mozilla Public License Version	9 * The contents of this file are subject to the Mozilla Public License Version

10 * 1.1 (the "License"); you may not use this file except in compliance with	10 * 1.1 (the "License"); you may not use this file except in compliance with

(...skipping 1597 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1608 if (!ss) {	1608 if (!ss) {

1609 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_HandshakeResumedSession",	1609 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_HandshakeResumedSession",

1610 SSL_GETPID(), fd));	1610 SSL_GETPID(), fd));

1611 return SECFailure;	1611 return SECFailure;

1612 }	1612 }

1613	1613

1614 *handshake_resumed = ss->ssl3.hs.isResuming;	1614 *handshake_resumed = ss->ssl3.hs.isResuming;

1615 return SECSuccess;	1615 return SECSuccess;

1616 }	1616 }

1617	1617

	1618 SSL_IMPORT
	wtc 2011/12/02 22:31:46 Remove SSL_IMPORT, and put SECItem * on its own Remove SSL_IMPORT, and put SECItem * on its own line. Put the opening curly brace '{' on its own line. (That's the NSS style.) mattm 2011/12/06 00:32:01 Done. Show quoted text On 2011/12/02 22:31:46, wtc wrote: > > Remove SSL_IMPORT, and put > SECItem * > on its own line. > > Put the opening curly brace '{' on its own line. (That's > the NSS style.) Done.
	1619 SECItem SSL_CertificateRequestCertTypes(PRFileDesc fd) {

	1620 sslSocket *ss = ssl_FindSocket(fd);

	1621

	1622 if (!ss) {

	1623 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_CertificateRequestCertTypes",

	1624 SSL_GETPID(), fd));

	1625 return NULL;

	1626 }

	1627

	1628 return ss->requestedCertTypes;

	1629 }

	1630

1618 /************************************************************************/	1631 /************************************************************************/

1619 /* The following functions are the TOP LEVEL SSL functions.	1632 /* The following functions are the TOP LEVEL SSL functions.

1620 ** They all get called through the NSPRIOMethods table below.	1633 ** They all get called through the NSPRIOMethods table below.

1621 */	1634 */

1622	1635

1623 static PRFileDesc * PR_CALLBACK	1636 static PRFileDesc * PR_CALLBACK

1624 ssl_Accept(PRFileDesc fd, PRNetAddr sockaddr, PRIntervalTime timeout)	1637 ssl_Accept(PRFileDesc fd, PRNetAddr sockaddr, PRIntervalTime timeout)

1625 {	1638 {

1626 sslSocket *ss;	1639 sslSocket *ss;

1627 sslSocket *ns = NULL;	1640 sslSocket *ns = NULL;

(...skipping 964 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
2592 ss->preferredCipher = NULL;	2605 ss->preferredCipher = NULL;

2593 ss->url = NULL;	2606 ss->url = NULL;

2594	2607

2595 for (i=kt_null; i < kt_kea_size; i++) {	2608 for (i=kt_null; i < kt_kea_size; i++) {

2596 sslServerCerts * sc = ss->serverCerts + i;	2609 sslServerCerts * sc = ss->serverCerts + i;

2597 sc->serverCert = NULL;	2610 sc->serverCert = NULL;

2598 sc->serverCertChain = NULL;	2611 sc->serverCertChain = NULL;

2599 sc->serverKeyPair = NULL;	2612 sc->serverKeyPair = NULL;

2600 sc->serverKeyBits = 0;	2613 sc->serverKeyBits = 0;

2601 }	2614 }

2602 ss->stepDownKeyPair = NULL;	2615 ss->stepDownKeyPair = NULL;
	wtc 2011/12/02 22:31:46 Let's also set ss->requestedCertTypes = NULL; Let's also set ss->requestedCertTypes = NULL; here, before this line. mattm 2011/12/06 00:32:01 Done. Show quoted text On 2011/12/02 22:31:46, wtc wrote: > Let's also set > ss->requestedCertTypes = NULL; > here, before this line. Done.
2603 ss->dbHandle = CERT_GetDefaultCertDB();	2616 ss->dbHandle = CERT_GetDefaultCertDB();

2604	2617

2605 /* Provide default implementation of hooks */	2618 /* Provide default implementation of hooks */

2606 ss->authCertificate = SSL_AuthCertificate;	2619 ss->authCertificate = SSL_AuthCertificate;

2607 ss->authCertificateArg = (void *)ss->dbHandle;	2620 ss->authCertificateArg = (void *)ss->dbHandle;

2608 ss->sniSocketConfig = NULL;	2621 ss->sniSocketConfig = NULL;

2609 ss->sniSocketConfigArg = NULL;	2622 ss->sniSocketConfigArg = NULL;

2610 ss->getClientAuthData = NULL;	2623 ss->getClientAuthData = NULL;

2611 #ifdef NSS_PLATFORM_CLIENT_AUTH	2624 #ifdef NSS_PLATFORM_CLIENT_AUTH

2612 ss->getPlatformClientAuthData = NULL;	2625 ss->getPlatformClientAuthData = NULL;

(...skipping 19 matching lines...) Expand all Loading...
2632 if (status != SECSuccess) {	2645 if (status != SECSuccess) {

2633 loser:	2646 loser:

2634 ssl_DestroySocketContents(ss);	2647 ssl_DestroySocketContents(ss);

2635 ssl_DestroyLocks(ss);	2648 ssl_DestroyLocks(ss);

2636 PORT_Free(ss);	2649 PORT_Free(ss);

2637 ss = NULL;	2650 ss = NULL;

2638 }	2651 }

2639 }	2652 }

2640 return ss;	2653 return ss;

2641 }	2654 }

2642

OLD	NEW

« net/third_party/nss/ssl/sslimpl.h ('K') | « net/third_party/nss/ssl/sslimpl.h ('k') | no next file » | no next file with comments »