net/cert/cert_verify_proc_nss.h - Issue 1081913003: Route OCSP stapling through CertVerifier.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/cert_verify_proc_nss.h

Issue 1081913003: Route OCSP stapling through CertVerifier. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@boringnss

Patch Set: split remoting fix out separately Created 5 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/cert/cert_verify_proc_nss.h

diff --git a/net/cert/cert_verify_proc_nss.h b/net/cert/cert_verify_proc_nss.h

index 395facf5aca11f37a34e3c8f42da9bc25cba8e90..519c1aa031710db191d001017689bd472942bf6e 100644

--- a/net/cert/cert_verify_proc_nss.h

+++ b/net/cert/cert_verify_proc_nss.h

@@ -18,6 +18,7 @@ class NET_EXPORT_PRIVATE CertVerifyProcNSS : public CertVerifyProc {

CertVerifyProcNSS();

bool SupportsAdditionalTrustAnchors() const override;

+ bool SupportsOCSPStapling() const override;

protected:

~CertVerifyProcNSS() override;

@@ -27,6 +28,7 @@ class NET_EXPORT_PRIVATE CertVerifyProcNSS : public CertVerifyProc {

// CERTChainVerifyCallbackFunc in NSS's lib/certdb/certt.h.

int VerifyInternalImpl(X509Certificate* cert,

const std::string& hostname,

+ const std::string& ocsp_response,

int flags,

CRLSet* crl_set,

const CertificateList& additional_trust_anchors,

@@ -36,10 +38,22 @@ class NET_EXPORT_PRIVATE CertVerifyProcNSS : public CertVerifyProc {

private:

int VerifyInternal(X509Certificate* cert,

const std::string& hostname,

+ const std::string& ocsp_response,

int flags,

CRLSet* crl_set,

const CertificateList& additional_trust_anchors,

CertVerifyResult* verify_result) override;

+#if defined(USE_NSS_CERTS)

+ using CacheOCSPResponseFromSideChannelFunction =

+ SECStatus (*)(CERTCertDBHandle* handle,

+ CERTCertificate* cert,

+ PRTime time,

+ SECItem* encodedResponse,

+ void* pwArg);

+ CacheOCSPResponseFromSideChannelFunction

Ryan Sleevi 2015/04/23 01:41:23 Const-this, since it will definitely be hit on mul

davidben 2015/04/23 20:41:47 Done.

+ cache_ocsp_response_from_side_channel_;

+#endif

};

} // namespace net

« no previous file with comments | « net/cert/cert_verify_proc_mac.cc ('k') | net/cert/cert_verify_proc_nss.cc » ('j') | net/cert/cert_verify_proc_nss.cc » ('J')