| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <certt.h> | 9 #include <certt.h> |
| 10 #include <keyt.h> | 10 #include <keyt.h> |
| (...skipping 149 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 160 | 160 |
| 161 // NSS calls this when checking certificates. We pass 'this' as the first | 161 // NSS calls this when checking certificates. We pass 'this' as the first |
| 162 // argument. | 162 // argument. |
| 163 static SECStatus OwnAuthCertHandler(void* arg, PRFileDesc* socket, | 163 static SECStatus OwnAuthCertHandler(void* arg, PRFileDesc* socket, |
| 164 PRBool checksig, PRBool is_server); | 164 PRBool checksig, PRBool is_server); |
| 165 // Returns true if connection negotiated the origin bound cert extension. | 165 // Returns true if connection negotiated the origin bound cert extension. |
| 166 static bool OriginBoundCertNegotiated(PRFileDesc* socket); | 166 static bool OriginBoundCertNegotiated(PRFileDesc* socket); |
| 167 // Origin bound cert client auth handler. | 167 // Origin bound cert client auth handler. |
| 168 // Returns the value the ClientAuthHandler function should return. | 168 // Returns the value the ClientAuthHandler function should return. |
| 169 SECStatus OriginBoundClientAuthHandler( | 169 SECStatus OriginBoundClientAuthHandler( |
| 170 const std::vector<uint8>& requested_cert_types, | 170 const SECItem* cert_types, |
| 171 CERTCertificate** result_certificate, | 171 CERTCertificate** result_certificate, |
| 172 SECKEYPrivateKey** result_private_key); | 172 SECKEYPrivateKey** result_private_key); |
| 173 #if defined(NSS_PLATFORM_CLIENT_AUTH) | 173 #if defined(NSS_PLATFORM_CLIENT_AUTH) |
| 174 // On platforms where we use the native certificate store, NSS calls this | 174 // On platforms where we use the native certificate store, NSS calls this |
| 175 // instead when client authentication is requested. At most one of | 175 // instead when client authentication is requested. At most one of |
| 176 // (result_certs, result_private_key) or | 176 // (result_certs, result_private_key) or |
| 177 // (result_nss_certificate, result_nss_private_key) should be set. | 177 // (result_nss_certificate, result_nss_private_key) should be set. |
| 178 static SECStatus PlatformClientAuthHandler( | 178 static SECStatus PlatformClientAuthHandler( |
| 179 void* arg, | 179 void* arg, |
| 180 PRFileDesc* socket, | 180 PRFileDesc* socket, |
| (...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 309 // Added the following code Debugging in release mode. | 309 // Added the following code Debugging in release mode. |
| 310 mutable base::Lock lock_; | 310 mutable base::Lock lock_; |
| 311 // This is mutable so that CalledOnValidThread can set it. | 311 // This is mutable so that CalledOnValidThread can set it. |
| 312 // It's guarded by |lock_|. | 312 // It's guarded by |lock_|. |
| 313 mutable base::PlatformThreadId valid_thread_id_; | 313 mutable base::PlatformThreadId valid_thread_id_; |
| 314 }; | 314 }; |
| 315 | 315 |
| 316 } // namespace net | 316 } // namespace net |
| 317 | 317 |
| 318 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 318 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8821002:
Honor server requested origin bound client cert types. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src