| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 2549 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2560 SSL_CHANNEL_BINDING_TLS_UNIQUE, | 2560 SSL_CHANNEL_BINDING_TLS_UNIQUE, |
| 2561 buf, &len, arraysize(buf)); | 2561 buf, &len, arraysize(buf)); |
| 2562 if (result != SECSuccess) { | 2562 if (result != SECSuccess) { |
| 2563 LogFailedNSSFunction(net_log_, "SSL_GetChannelBinding", ""); | 2563 LogFailedNSSFunction(net_log_, "SSL_GetChannelBinding", ""); |
| 2564 return MapNSSError(PORT_GetError()); | 2564 return MapNSSError(PORT_GetError()); |
| 2565 } | 2565 } |
| 2566 out->assign(reinterpret_cast<char*>(buf), len); | 2566 out->assign(reinterpret_cast<char*>(buf), len); |
| 2567 return OK; | 2567 return OK; |
| 2568 } | 2568 } |
| 2569 | 2569 |
| 2570 SSLClientSocket::NextProtoStatus | 2570 SSLClientSocket::NextProtoStatus SSLClientSocketNSS::GetNextProto( |
| 2571 SSLClientSocketNSS::GetNextProto(std::string* proto) { | 2571 std::string* proto) const { |
| 2572 *proto = core_->state().next_proto; | 2572 *proto = core_->state().next_proto; |
| 2573 return core_->state().next_proto_status; | 2573 return core_->state().next_proto_status; |
| 2574 } | 2574 } |
| 2575 | 2575 |
| 2576 int SSLClientSocketNSS::Connect(const CompletionCallback& callback) { | 2576 int SSLClientSocketNSS::Connect(const CompletionCallback& callback) { |
| 2577 EnterFunction(""); | 2577 EnterFunction(""); |
| 2578 DCHECK(transport_.get()); | 2578 DCHECK(transport_.get()); |
| 2579 // It is an error to create an SSLClientSocket whose context has no | 2579 // It is an error to create an SSLClientSocket whose context has no |
| 2580 // TransportSecurityState. | 2580 // TransportSecurityState. |
| 2581 DCHECK(transport_security_state_); | 2581 DCHECK(transport_security_state_); |
| (...skipping 457 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3039 | 3039 |
| 3040 int SSLClientSocketNSS::DoHandshakeComplete(int result) { | 3040 int SSLClientSocketNSS::DoHandshakeComplete(int result) { |
| 3041 EnterFunction(result); | 3041 EnterFunction(result); |
| 3042 | 3042 |
| 3043 if (result == OK) { | 3043 if (result == OK) { |
| 3044 if (ssl_config_.version_fallback && | 3044 if (ssl_config_.version_fallback && |
| 3045 ssl_config_.version_max < ssl_config_.version_fallback_min) { | 3045 ssl_config_.version_max < ssl_config_.version_fallback_min) { |
| 3046 return ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION; | 3046 return ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION; |
| 3047 } | 3047 } |
| 3048 | 3048 |
| 3049 RecordNegotiationExtension(); |
| 3050 |
| 3049 // SSL handshake is completed. Let's verify the certificate. | 3051 // SSL handshake is completed. Let's verify the certificate. |
| 3050 GotoState(STATE_VERIFY_CERT); | 3052 GotoState(STATE_VERIFY_CERT); |
| 3051 // Done! | 3053 // Done! |
| 3052 } | 3054 } |
| 3053 set_channel_id_sent(core_->state().channel_id_sent); | 3055 set_channel_id_sent(core_->state().channel_id_sent); |
| 3054 set_signed_cert_timestamps_received( | 3056 set_signed_cert_timestamps_received( |
| 3055 !core_->state().sct_list_from_tls_extension.empty()); | 3057 !core_->state().sct_list_from_tls_extension.empty()); |
| 3056 set_stapled_ocsp_response_received( | 3058 set_stapled_ocsp_response_received( |
| 3057 !core_->state().stapled_ocsp_response.empty()); | 3059 !core_->state().stapled_ocsp_response.empty()); |
| 3058 set_negotiation_extension(core_->state().negotiation_extension_); | 3060 set_negotiation_extension(core_->state().negotiation_extension_); |
| (...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3238 scoped_refptr<X509Certificate> | 3240 scoped_refptr<X509Certificate> |
| 3239 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { | 3241 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { |
| 3240 return core_->state().server_cert.get(); | 3242 return core_->state().server_cert.get(); |
| 3241 } | 3243 } |
| 3242 | 3244 |
| 3243 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { | 3245 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { |
| 3244 return channel_id_service_; | 3246 return channel_id_service_; |
| 3245 } | 3247 } |
| 3246 | 3248 |
| 3247 } // namespace net | 3249 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1097773003:
Clean up NPN/ALPN-related SSLClientSocket bits. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master