| OLD | NEW |
| 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file |
| 2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
| 3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
| 4 | 4 |
| 5 #include "bin/secure_socket.h" | 5 #include "bin/secure_socket.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <fcntl.h> | 8 #include <fcntl.h> |
| 9 #include <sys/stat.h> | 9 #include <sys/stat.h> |
| 10 #include <stdio.h> | 10 #include <stdio.h> |
| (...skipping 432 matching lines...) |
| 443 status = SSL_ConfigSecureServer(filter_, certificate, key, kt_rsa); | 443 status = SSL_ConfigSecureServer(filter_, certificate, key, kt_rsa); |
| 444 CERT_DestroyCertificate(certificate); | 444 CERT_DestroyCertificate(certificate); |
| 445 SECKEY_DestroyPrivateKey(key); | 445 SECKEY_DestroyPrivateKey(key); |
| 446 if (status != SECSuccess) { | 446 if (status != SECSuccess) { |
| 447 ThrowPRException("Unsuccessful SSL_ConfigSecureServer call"); | 447 ThrowPRException("Unsuccessful SSL_ConfigSecureServer call"); |
| 448 } | 448 } |
| 449 } else { // Client. | 449 } else { // Client. |
| 450 if (SSL_SetURL(filter_, host_name) == -1) { | 450 if (SSL_SetURL(filter_, host_name) == -1) { |
| 451 ThrowPRException("Unsuccessful SetURL call"); | 451 ThrowPRException("Unsuccessful SetURL call"); |
| 452 } | 452 } |
| 453 |
| 454 // This disables the SSL session cache for client connections. |
| 455 // This resolves issue 7208, but degrades performance. |
| 456 // TODO(7230): Reenable session cache, without breaking client connections. |
| 457 status = SSL_OptionSet(filter_, SSL_NO_CACHE, PR_TRUE); |
| 458 if (status != SECSuccess) { |
| 459 ThrowPRException("Failed SSL_OptionSet(NO_CACHE) call"); |
| 460 } |
| 453 } | 461 } |
| 454 | 462 |
| 455 // Install bad certificate callback, and pass 'this' to it if it is called. | 463 // Install bad certificate callback, and pass 'this' to it if it is called. |
| 456 status = SSL_BadCertHook(filter_, | 464 status = SSL_BadCertHook(filter_, |
| 457 BadCertificateCallback, | 465 BadCertificateCallback, |
| 458 static_cast<void*>(this)); | 466 static_cast<void*>(this)); |
| 459 | 467 |
| 460 PRBool as_server = is_server ? PR_TRUE : PR_FALSE; | 468 PRBool as_server = is_server ? PR_TRUE : PR_FALSE; |
| 461 status = SSL_ResetHandshake(filter_, as_server); | 469 status = SSL_ResetHandshake(filter_, as_server); |
| 462 if (status != SECSuccess) { | 470 if (status != SECSuccess) { |
| (...skipping 149 matching lines...) |
| 612 if (PR_WOULD_BLOCK_ERROR != pr_error) { | 620 if (PR_WOULD_BLOCK_ERROR != pr_error) { |
| 613 ThrowPRException("Error reading plaintext from SSLFilter"); | 621 ThrowPRException("Error reading plaintext from SSLFilter"); |
| 614 } | 622 } |
| 615 bytes_processed = 0; | 623 bytes_processed = 0; |
| 616 } | 624 } |
| 617 break; | 625 break; |
| 618 } | 626 } |
| 619 } | 627 } |
| 620 return bytes_processed; | 628 return bytes_processed; |
| 621 } | 629 } |
| OLD | NEW |
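Review bot: The comment on the added `SSL_OptionSet(filter_, SSL_NO_CACHE, PR_TRUE)` block (new lines 454-456) names issue 7208 but not the failure it works around, so whoever picks up TODO(7230) cannot tell from the code what must keep working once the session cache is re-enabled. I would state the symptom in the comment itself, e.g. `// Client session cache is off: with resumption enabled, <symptom from issue 7208>.`, and note that every client connection now performs a full handshake. Separately, in the unchanged lines just below (new lines 464-469), the result of `SSL_BadCertHook` is stored in `status` and then overwritten by `SSL_ResetHandshake` without being checked. The pattern the added block already uses would cover it: `if (status != SECSuccess) { ThrowPRException("Failed SSL_BadCertHook call"); }`. The enclosing function begins and ends outside the visible lines, so any handling elsewhere in it is not visible here.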