Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(177)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/cert_verify_proc_openssl.cc

Issue 1081913003: Route OCSP stapling through CertVerifier. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@boringnss
Patch Set: yet another CrOS-only Verify call Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/cert_verify_proc_openssl.h ('k') | net/cert/cert_verify_proc_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/cert_verify_proc_openssl.h" 5 #include "net/cert/cert_verify_proc_openssl.h"
6 6
7 #include <openssl/x509v3.h> 7 #include <openssl/x509v3.h>
8 8
9 #include <string> 9 #include <string>
10 #include <vector> 10 #include <vector>
(...skipping 172 matching lines...) Expand 10 before | Expand all | Expand 10 after
183 } // namespace 183 } // namespace
184 184
185 CertVerifyProcOpenSSL::CertVerifyProcOpenSSL() {} 185 CertVerifyProcOpenSSL::CertVerifyProcOpenSSL() {}
186 186
187 CertVerifyProcOpenSSL::~CertVerifyProcOpenSSL() {} 187 CertVerifyProcOpenSSL::~CertVerifyProcOpenSSL() {}
188 188
189 bool CertVerifyProcOpenSSL::SupportsAdditionalTrustAnchors() const { 189 bool CertVerifyProcOpenSSL::SupportsAdditionalTrustAnchors() const {
190 return false; 190 return false;
191 } 191 }
192 192
193 bool CertVerifyProcOpenSSL::SupportsOCSPStapling() const {
194 return false;
195 }
196
193 int CertVerifyProcOpenSSL::VerifyInternal( 197 int CertVerifyProcOpenSSL::VerifyInternal(
194 X509Certificate* cert, 198 X509Certificate* cert,
195 const std::string& hostname, 199 const std::string& hostname,
200 const std::string& ocsp_response,
196 int flags, 201 int flags,
197 CRLSet* crl_set, 202 CRLSet* crl_set,
198 const CertificateList& additional_trust_anchors, 203 const CertificateList& additional_trust_anchors,
199 CertVerifyResult* verify_result) { 204 CertVerifyResult* verify_result) {
200 crypto::EnsureOpenSSLInit(); 205 crypto::EnsureOpenSSLInit();
201 206
202 if (!cert->VerifyNameMatch(hostname, 207 if (!cert->VerifyNameMatch(hostname,
203 &verify_result->common_name_fallback_used)) { 208 &verify_result->common_name_fallback_used)) {
204 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID; 209 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID;
205 } 210 }
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
238 243
239 GetCertChainInfo(ctx.get(), verify_result); 244 GetCertChainInfo(ctx.get(), verify_result);
240 AppendPublicKeyHashes(ctx.get(), &verify_result->public_key_hashes); 245 AppendPublicKeyHashes(ctx.get(), &verify_result->public_key_hashes);
241 if (IsCertStatusError(verify_result->cert_status)) 246 if (IsCertStatusError(verify_result->cert_status))
242 return MapCertStatusToNetError(verify_result->cert_status); 247 return MapCertStatusToNetError(verify_result->cert_status);
243 248
244 return OK; 249 return OK;
245 } 250 }
246 251
247 } // namespace net 252 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/cert_verify_proc_openssl.h ('k') | net/cert/cert_verify_proc_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698