OLD | NEW |
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 #include "bin/secure_socket.h" | 5 #include "bin/secure_socket.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <fcntl.h> | 8 #include <fcntl.h> |
9 #include <sys/stat.h> | 9 #include <sys/stat.h> |
10 #include <stdio.h> | 10 #include <stdio.h> |
(...skipping 394 matching lines...)
405 bool is_server, | 405 bool is_server, |
406 const char* certificate_name, | 406 const char* certificate_name, |
407 bool request_client_certificate, | 407 bool request_client_certificate, |
408 bool require_client_certificate, | 408 bool require_client_certificate, |
409 bool send_client_certificate) { | 409 bool send_client_certificate) { |
410 is_server_ = is_server; | 410 is_server_ = is_server; |
411 if (in_handshake_) { | 411 if (in_handshake_) { |
412 ThrowException("Connect called while already in handshake state."); | 412 ThrowException("Connect called while already in handshake state."); |
413 } | 413 } |
414 | 414 |
| 415 if (!is_server && certificate_name != NULL) { |
| 416 client_certificate_name_ = strdup(certificate_name); |
| 417 } |
| 418 |
415 filter_ = SSL_ImportFD(NULL, filter_); | 419 filter_ = SSL_ImportFD(NULL, filter_); |
416 if (filter_ == NULL) { | 420 if (filter_ == NULL) { |
417 ThrowPRException("Failed SSL_ImportFD call"); | 421 ThrowPRException("Failed SSL_ImportFD call"); |
418 } | 422 } |
419 | 423 |
420 SECStatus status; | 424 SECStatus status; |
421 if (is_server) { | 425 if (is_server) { |
422 PK11_SetPasswordFunc(PasswordCallback); | 426 PK11_SetPasswordFunc(PasswordCallback); |
423 CERTCertDBHandle* certificate_database = CERT_GetDefaultCertDB(); | 427 CERTCertDBHandle* certificate_database = CERT_GetDefaultCertDB(); |
424 if (certificate_database == NULL) { | 428 if (certificate_database == NULL) { |
(...skipping 49 matching lines...)
474 // TODO(7230): Reenable session cache, without breaking client connections. | 478 // TODO(7230): Reenable session cache, without breaking client connections. |
475 status = SSL_OptionSet(filter_, SSL_NO_CACHE, PR_TRUE); | 479 status = SSL_OptionSet(filter_, SSL_NO_CACHE, PR_TRUE); |
476 if (status != SECSuccess) { | 480 if (status != SECSuccess) { |
477 ThrowPRException("Failed SSL_OptionSet(NO_CACHE) call"); | 481 ThrowPRException("Failed SSL_OptionSet(NO_CACHE) call"); |
478 } | 482 } |
479 | 483 |
480 if (send_client_certificate) { | 484 if (send_client_certificate) { |
481 status = SSL_GetClientAuthDataHook( | 485 status = SSL_GetClientAuthDataHook( |
482 filter_, | 486 filter_, |
483 NSS_GetClientAuthData, | 487 NSS_GetClientAuthData, |
484 static_cast<void*>(const_cast<char*>(certificate_name))); | 488 static_cast<void*>(client_certificate_name_)); |
485 if (status != SECSuccess) { | 489 if (status != SECSuccess) { |
486 ThrowPRException("Failed SSL_GetClientAuthDataHook call"); | 490 ThrowPRException("Failed SSL_GetClientAuthDataHook call"); |
487 } | 491 } |
488 } | 492 } |
489 } | 493 } |
490 | 494 |
491 // Install bad certificate callback, and pass 'this' to it if it is called. | 495 // Install bad certificate callback, and pass 'this' to it if it is called. |
492 status = SSL_BadCertHook(filter_, | 496 status = SSL_BadCertHook(filter_, |
493 BadCertificateCallback, | 497 BadCertificateCallback, |
494 static_cast<void*>(this)); | 498 static_cast<void*>(this)); |
(...skipping 50 matching lines...)
545 for (int i = 0; i < kNumBuffers; ++i) { | 549 for (int i = 0; i < kNumBuffers; ++i) { |
546 Dart_DeletePersistentHandle(dart_buffer_objects_[i]); | 550 Dart_DeletePersistentHandle(dart_buffer_objects_[i]); |
547 delete[] buffers_[i]; | 551 delete[] buffers_[i]; |
548 } | 552 } |
549 Dart_DeletePersistentHandle(string_start_); | 553 Dart_DeletePersistentHandle(string_start_); |
550 Dart_DeletePersistentHandle(string_length_); | 554 Dart_DeletePersistentHandle(string_length_); |
551 Dart_DeletePersistentHandle(handshake_complete_); | 555 Dart_DeletePersistentHandle(handshake_complete_); |
552 if (bad_certificate_callback_ != NULL) { | 556 if (bad_certificate_callback_ != NULL) { |
553 Dart_DeletePersistentHandle(bad_certificate_callback_); | 557 Dart_DeletePersistentHandle(bad_certificate_callback_); |
554 } | 558 } |
| 559 free(client_certificate_name_); |
555 | 560 |
556 PR_Close(filter_); | 561 PR_Close(filter_); |
557 } | 562 } |
558 | 563 |
559 | 564 |
560 intptr_t SSLFilter::ProcessBuffer(int buffer_index) { | 565 intptr_t SSLFilter::ProcessBuffer(int buffer_index) { |
561 Dart_Handle buffer_object = dart_buffer_objects_[buffer_index]; | 566 Dart_Handle buffer_object = dart_buffer_objects_[buffer_index]; |
562 Dart_Handle start_object = ThrowIfError( | 567 Dart_Handle start_object = ThrowIfError( |
563 Dart_GetField(buffer_object, string_start_)); | 568 Dart_GetField(buffer_object, string_start_)); |
564 Dart_Handle length_object = ThrowIfError( | 569 Dart_Handle length_object = ThrowIfError( |
(...skipping 83 matching lines...)
648 if (PR_WOULD_BLOCK_ERROR != pr_error) { | 653 if (PR_WOULD_BLOCK_ERROR != pr_error) { |
649 ThrowPRException("Error reading plaintext from SSLFilter"); | 654 ThrowPRException("Error reading plaintext from SSLFilter"); |
650 } | 655 } |
651 bytes_processed = 0; | 656 bytes_processed = 0; |
652 } | 657 } |
653 break; | 658 break; |
654 } | 659 } |
655 } | 660 } |
656 return bytes_processed; | 661 return bytes_processed; |
657 } | 662 } |