Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(511)

Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 9454025: Set SSLInfo.client_cert_sent when origin bound cert was sent. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 8 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived
6 // from AuthCertificateCallback() in 6 // from AuthCertificateCallback() in
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
8 8
9 /* ***** BEGIN LICENSE BLOCK ***** 9 /* ***** BEGIN LICENSE BLOCK *****
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
(...skipping 481 matching lines...) Expand 10 before | Expand all | Expand 10 after
492 ssl_info->cert = server_cert_; 492 ssl_info->cert = server_cert_;
493 ssl_info->connection_status = ssl_connection_status_; 493 ssl_info->connection_status = ssl_connection_status_;
494 ssl_info->public_key_hashes = server_cert_verify_result_->public_key_hashes; 494 ssl_info->public_key_hashes = server_cert_verify_result_->public_key_hashes;
495 for (std::vector<SHA1Fingerprint>::const_iterator 495 for (std::vector<SHA1Fingerprint>::const_iterator
496 i = side_pinned_public_keys_.begin(); 496 i = side_pinned_public_keys_.begin();
497 i != side_pinned_public_keys_.end(); i++) { 497 i != side_pinned_public_keys_.end(); i++) {
498 ssl_info->public_key_hashes.push_back(*i); 498 ssl_info->public_key_hashes.push_back(*i);
499 } 499 }
500 ssl_info->is_issued_by_known_root = 500 ssl_info->is_issued_by_known_root =
501 server_cert_verify_result_->is_issued_by_known_root; 501 server_cert_verify_result_->is_issued_by_known_root;
502 ssl_info->client_cert_sent = 502 ssl_info->client_cert_sent = WasOriginBoundCertSent() ||
wtc 2012/02/24 00:56:57 Another solution is to set ssl_config_.send_client
503 ssl_config_.send_client_cert && ssl_config_.client_cert; 503 (ssl_config_.send_client_cert && ssl_config_.client_cert);
504 504
505 PRUint16 cipher_suite = 505 PRUint16 cipher_suite =
506 SSLConnectionStatusToCipherSuite(ssl_connection_status_); 506 SSLConnectionStatusToCipherSuite(ssl_connection_status_);
507 SSLCipherSuiteInfo cipher_info; 507 SSLCipherSuiteInfo cipher_info;
508 SECStatus ok = SSL_GetCipherSuiteInfo(cipher_suite, 508 SECStatus ok = SSL_GetCipherSuiteInfo(cipher_suite,
509 &cipher_info, sizeof(cipher_info)); 509 &cipher_info, sizeof(cipher_info));
510 if (ok == SECSuccess) { 510 if (ok == SECSuccess) {
511 ssl_info->security_bits = cipher_info.effectiveKeyBits; 511 ssl_info->security_bits = cipher_info.effectiveKeyBits;
512 } else { 512 } else {
513 ssl_info->security_bits = -1; 513 ssl_info->security_bits = -1;
(...skipping 2197 matching lines...) Expand 10 before | Expand all | Expand 10 after
2711 EnsureThreadIdAssigned(); 2711 EnsureThreadIdAssigned();
2712 base::AutoLock auto_lock(lock_); 2712 base::AutoLock auto_lock(lock_);
2713 return valid_thread_id_ == base::PlatformThread::CurrentId(); 2713 return valid_thread_id_ == base::PlatformThread::CurrentId();
2714 } 2714 }
2715 2715
2716 OriginBoundCertService* SSLClientSocketNSS::GetOriginBoundCertService() const { 2716 OriginBoundCertService* SSLClientSocketNSS::GetOriginBoundCertService() const {
2717 return origin_bound_cert_service_; 2717 return origin_bound_cert_service_;
2718 } 2718 }
2719 2719
2720 } // namespace net 2720 } // namespace net
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698