OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
8 | 8 |
9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
(...skipping 2481 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2492 | 2492 |
2493 AddSCTInfoToSSLInfo(ssl_info); | 2493 AddSCTInfoToSSLInfo(ssl_info); |
2494 | 2494 |
2495 ssl_info->connection_status = | 2495 ssl_info->connection_status = |
2496 core_->state().ssl_connection_status; | 2496 core_->state().ssl_connection_status; |
2497 ssl_info->public_key_hashes = server_cert_verify_result_.public_key_hashes; | 2497 ssl_info->public_key_hashes = server_cert_verify_result_.public_key_hashes; |
2498 ssl_info->is_issued_by_known_root = | 2498 ssl_info->is_issued_by_known_root = |
2499 server_cert_verify_result_.is_issued_by_known_root; | 2499 server_cert_verify_result_.is_issued_by_known_root; |
2500 ssl_info->client_cert_sent = | 2500 ssl_info->client_cert_sent = |
2501 ssl_config_.send_client_cert && ssl_config_.client_cert.get(); | 2501 ssl_config_.send_client_cert && ssl_config_.client_cert.get(); |
2502 ssl_info->channel_id_sent = WasChannelIDSent(); | 2502 ssl_info->channel_id_sent = core_->state().channel_id_sent; |
2503 ssl_info->pinning_failure_log = pinning_failure_log_; | 2503 ssl_info->pinning_failure_log = pinning_failure_log_; |
2504 | 2504 |
2505 PRUint16 cipher_suite = SSLConnectionStatusToCipherSuite( | 2505 PRUint16 cipher_suite = SSLConnectionStatusToCipherSuite( |
2506 core_->state().ssl_connection_status); | 2506 core_->state().ssl_connection_status); |
2507 SSLCipherSuiteInfo cipher_info; | 2507 SSLCipherSuiteInfo cipher_info; |
2508 SECStatus ok = SSL_GetCipherSuiteInfo(cipher_suite, | 2508 SECStatus ok = SSL_GetCipherSuiteInfo(cipher_suite, |
2509 &cipher_info, sizeof(cipher_info)); | 2509 &cipher_info, sizeof(cipher_info)); |
2510 if (ok == SECSuccess) { | 2510 if (ok == SECSuccess) { |
2511 ssl_info->security_bits = cipher_info.effectiveKeyBits; | 2511 ssl_info->security_bits = cipher_info.effectiveKeyBits; |
2512 } else { | 2512 } else { |
(...skipping 532 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3045 ssl_config_.version_max < ssl_config_.version_fallback_min) { | 3045 ssl_config_.version_max < ssl_config_.version_fallback_min) { |
3046 return ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION; | 3046 return ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION; |
3047 } | 3047 } |
3048 | 3048 |
3049 RecordNegotiationExtension(); | 3049 RecordNegotiationExtension(); |
3050 | 3050 |
3051 // SSL handshake is completed. Let's verify the certificate. | 3051 // SSL handshake is completed. Let's verify the certificate. |
3052 GotoState(STATE_VERIFY_CERT); | 3052 GotoState(STATE_VERIFY_CERT); |
3053 // Done! | 3053 // Done! |
3054 } | 3054 } |
3055 set_channel_id_sent(core_->state().channel_id_sent); | |
3056 set_signed_cert_timestamps_received( | 3055 set_signed_cert_timestamps_received( |
3057 !core_->state().sct_list_from_tls_extension.empty()); | 3056 !core_->state().sct_list_from_tls_extension.empty()); |
3058 set_stapled_ocsp_response_received( | 3057 set_stapled_ocsp_response_received( |
3059 !core_->state().stapled_ocsp_response.empty()); | 3058 !core_->state().stapled_ocsp_response.empty()); |
3060 set_negotiation_extension(core_->state().negotiation_extension_); | 3059 set_negotiation_extension(core_->state().negotiation_extension_); |
3061 | 3060 |
3062 LeaveFunction(result); | 3061 LeaveFunction(result); |
3063 return result; | 3062 return result; |
3064 } | 3063 } |
3065 | 3064 |
(...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3240 scoped_refptr<X509Certificate> | 3239 scoped_refptr<X509Certificate> |
3241 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { | 3240 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { |
3242 return core_->state().server_cert.get(); | 3241 return core_->state().server_cert.get(); |
3243 } | 3242 } |
3244 | 3243 |
3245 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { | 3244 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { |
3246 return channel_id_service_; | 3245 return channel_id_service_; |
3247 } | 3246 } |
3248 | 3247 |
3249 } // namespace net | 3248 } // namespace net |
OLD | NEW |