| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 1839 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1850 if (channel_id_needed_) { | 1850 if (channel_id_needed_) { |
| 1851 GotoState(STATE_GET_DOMAIN_BOUND_CERT_COMPLETE); | 1851 GotoState(STATE_GET_DOMAIN_BOUND_CERT_COMPLETE); |
| 1852 net_error = ERR_IO_PENDING; | 1852 net_error = ERR_IO_PENDING; |
| 1853 } else if (client_auth_cert_needed_) { | 1853 } else if (client_auth_cert_needed_) { |
| 1854 net_error = ERR_SSL_CLIENT_AUTH_CERT_NEEDED; | 1854 net_error = ERR_SSL_CLIENT_AUTH_CERT_NEEDED; |
| 1855 PostOrRunCallback( | 1855 PostOrRunCallback( |
| 1856 FROM_HERE, | 1856 FROM_HERE, |
| 1857 base::Bind(&AddLogEventWithCallback, weak_net_log_, | 1857 base::Bind(&AddLogEventWithCallback, weak_net_log_, |
| 1858 NetLog::TYPE_SSL_HANDSHAKE_ERROR, | 1858 NetLog::TYPE_SSL_HANDSHAKE_ERROR, |
| 1859 CreateNetLogSSLErrorCallback(net_error, 0))); | 1859 CreateNetLogSSLErrorCallback(net_error, 0))); |
| 1860 | |
| 1861 // If the handshake already succeeded (because the server requests but | |
| 1862 // doesn't require a client cert), we need to invalidate the SSL session | |
| 1863 // so that we won't try to resume the non-client-authenticated session in | |
| 1864 // the next handshake. This will cause the server to ask for a client | |
| 1865 // cert again. | |
| 1866 if (rv == SECSuccess && SSL_InvalidateSession(nss_fd_) != SECSuccess) | |
| 1867 LOG(WARNING) << "Couldn't invalidate SSL session: " << PR_GetError(); | |
| 1868 } else if (rv == SECSuccess) { | 1860 } else if (rv == SECSuccess) { |
| 1869 if (!handshake_callback_called_) { | 1861 if (!handshake_callback_called_) { |
| 1870 false_started_ = true; | 1862 false_started_ = true; |
| 1871 HandshakeSucceeded(); | 1863 HandshakeSucceeded(); |
| 1872 } | 1864 } |
| 1873 } else { | 1865 } else { |
| 1874 PRErrorCode prerr = PR_GetError(); | 1866 PRErrorCode prerr = PR_GetError(); |
| 1875 net_error = HandleNSSError(prerr); | 1867 net_error = HandleNSSError(prerr); |
| 1876 | 1868 |
| 1877 // If not done, stay in this state | 1869 // If not done, stay in this state |
| (...skipping 1746 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3624 scoped_refptr<X509Certificate> | 3616 scoped_refptr<X509Certificate> |
| 3625 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { | 3617 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { |
| 3626 return core_->state().server_cert.get(); | 3618 return core_->state().server_cert.get(); |
| 3627 } | 3619 } |
| 3628 | 3620 |
| 3629 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { | 3621 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { |
| 3630 return channel_id_service_; | 3622 return channel_id_service_; |
| 3631 } | 3623 } |
| 3632 | 3624 |
| 3633 } // namespace net | 3625 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1013193004:
Remove dead code in client auth logic. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master