| OLD | NEW |
| 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file |
| 2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
| 3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
| 4 | 4 |
| 5 #include "bin/secure_socket.h" | 5 #include "bin/secure_socket.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <fcntl.h> | 8 #include <fcntl.h> |
| 9 #include <sys/stat.h> | 9 #include <sys/stat.h> |
| 10 #include <stdio.h> | 10 #include <stdio.h> |
| (...skipping 394 matching lines...) |
| 405 bool is_server, | 405 bool is_server, |
| 406 const char* certificate_name, | 406 const char* certificate_name, |
| 407 bool request_client_certificate, | 407 bool request_client_certificate, |
| 408 bool require_client_certificate, | 408 bool require_client_certificate, |
| 409 bool send_client_certificate) { | 409 bool send_client_certificate) { |
| 410 is_server_ = is_server; | 410 is_server_ = is_server; |
| 411 if (in_handshake_) { | 411 if (in_handshake_) { |
| 412 ThrowException("Connect called while already in handshake state."); | 412 ThrowException("Connect called while already in handshake state."); |
| 413 } | 413 } |
| 414 | 414 |
| 415 if (!is_server && certificate_name != NULL) { |
| 416 client_certificate_name_ = strdup(certificate_name); |
| 417 } |
| 418 |
| 415 filter_ = SSL_ImportFD(NULL, filter_); | 419 filter_ = SSL_ImportFD(NULL, filter_); |
| 416 if (filter_ == NULL) { | 420 if (filter_ == NULL) { |
| 417 ThrowPRException("Failed SSL_ImportFD call"); | 421 ThrowPRException("Failed SSL_ImportFD call"); |
| 418 } | 422 } |
| 419 | 423 |
| 420 SECStatus status; | 424 SECStatus status; |
| 421 if (is_server) { | 425 if (is_server) { |
| 422 PK11_SetPasswordFunc(PasswordCallback); | 426 PK11_SetPasswordFunc(PasswordCallback); |
| 423 CERTCertDBHandle* certificate_database = CERT_GetDefaultCertDB(); | 427 CERTCertDBHandle* certificate_database = CERT_GetDefaultCertDB(); |
| 424 if (certificate_database == NULL) { | 428 if (certificate_database == NULL) { |
| (...skipping 49 matching lines...) |
| 474 // TODO(7230): Reenable session cache, without breaking client connections. | 478 // TODO(7230): Reenable session cache, without breaking client connections. |
| 475 status = SSL_OptionSet(filter_, SSL_NO_CACHE, PR_TRUE); | 479 status = SSL_OptionSet(filter_, SSL_NO_CACHE, PR_TRUE); |
| 476 if (status != SECSuccess) { | 480 if (status != SECSuccess) { |
| 477 ThrowPRException("Failed SSL_OptionSet(NO_CACHE) call"); | 481 ThrowPRException("Failed SSL_OptionSet(NO_CACHE) call"); |
| 478 } | 482 } |
| 479 | 483 |
| 480 if (send_client_certificate) { | 484 if (send_client_certificate) { |
| 481 status = SSL_GetClientAuthDataHook( | 485 status = SSL_GetClientAuthDataHook( |
| 482 filter_, | 486 filter_, |
| 483 NSS_GetClientAuthData, | 487 NSS_GetClientAuthData, |
| 484 static_cast<void*>(const_cast<char*>(certificate_name))); | 488 static_cast<void*>(client_certificate_name_)); |
| 485 if (status != SECSuccess) { | 489 if (status != SECSuccess) { |
| 486 ThrowPRException("Failed SSL_GetClientAuthDataHook call"); | 490 ThrowPRException("Failed SSL_GetClientAuthDataHook call"); |
| 487 } | 491 } |
| 488 } | 492 } |
| 489 } | 493 } |
| 490 | 494 |
| 491 // Install bad certificate callback, and pass 'this' to it if it is called. | 495 // Install bad certificate callback, and pass 'this' to it if it is called. |
| 492 status = SSL_BadCertHook(filter_, | 496 status = SSL_BadCertHook(filter_, |
| 493 BadCertificateCallback, | 497 BadCertificateCallback, |
| 494 static_cast<void*>(this)); | 498 static_cast<void*>(this)); |
| (...skipping 50 matching lines...) |
| 545 for (int i = 0; i < kNumBuffers; ++i) { | 549 for (int i = 0; i < kNumBuffers; ++i) { |
| 546 Dart_DeletePersistentHandle(dart_buffer_objects_[i]); | 550 Dart_DeletePersistentHandle(dart_buffer_objects_[i]); |
| 547 delete[] buffers_[i]; | 551 delete[] buffers_[i]; |
| 548 } | 552 } |
| 549 Dart_DeletePersistentHandle(string_start_); | 553 Dart_DeletePersistentHandle(string_start_); |
| 550 Dart_DeletePersistentHandle(string_length_); | 554 Dart_DeletePersistentHandle(string_length_); |
| 551 Dart_DeletePersistentHandle(handshake_complete_); | 555 Dart_DeletePersistentHandle(handshake_complete_); |
| 552 if (bad_certificate_callback_ != NULL) { | 556 if (bad_certificate_callback_ != NULL) { |
| 553 Dart_DeletePersistentHandle(bad_certificate_callback_); | 557 Dart_DeletePersistentHandle(bad_certificate_callback_); |
| 554 } | 558 } |
| 559 free(client_certificate_name_); |
| 555 | 560 |
| 556 PR_Close(filter_); | 561 PR_Close(filter_); |
| 557 } | 562 } |
| 558 | 563 |
| 559 | 564 |
| 560 intptr_t SSLFilter::ProcessBuffer(int buffer_index) { | 565 intptr_t SSLFilter::ProcessBuffer(int buffer_index) { |
| 561 Dart_Handle buffer_object = dart_buffer_objects_[buffer_index]; | 566 Dart_Handle buffer_object = dart_buffer_objects_[buffer_index]; |
| 562 Dart_Handle start_object = ThrowIfError( | 567 Dart_Handle start_object = ThrowIfError( |
| 563 Dart_GetField(buffer_object, string_start_)); | 568 Dart_GetField(buffer_object, string_start_)); |
| 564 Dart_Handle length_object = ThrowIfError( | 569 Dart_Handle length_object = ThrowIfError( |
| (...skipping 83 matching lines...) |
| 648 if (PR_WOULD_BLOCK_ERROR != pr_error) { | 653 if (PR_WOULD_BLOCK_ERROR != pr_error) { |
| 649 ThrowPRException("Error reading plaintext from SSLFilter"); | 654 ThrowPRException("Error reading plaintext from SSLFilter"); |
| 650 } | 655 } |
| 651 bytes_processed = 0; | 656 bytes_processed = 0; |
| 652 } | 657 } |
| 653 break; | 658 break; |
| 654 } | 659 } |
| 655 } | 660 } |
| 656 return bytes_processed; | 661 return bytes_processed; |
| 657 } | 662 } |
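Review bot: The `strdup(certificate_name)` result at new line 416 is stored without a NULL check, so on allocation failure `client_certificate_name_` stays NULL and that NULL is later passed to `SSL_GetClientAuthDataHook` as the argument for `NSS_GetClientAuthData`, which as far as I know treats a missing nickname as "pick any usable certificate" rather than as an error. A client that asked for one specific certificate could then present a different one; a guard such as `if (client_certificate_name_ == NULL) ThrowException("Failed to copy client certificate name");` directly after the copy would fail closed instead. The new `free(client_certificate_name_)` at line 559 is only safe if the constructor initialises the member to NULL, which is not visible in these lines; server filters and filters that never reach `Connect` skip the assignment entirely. A second `Connect` on the same filter would also overwrite and leak the earlier copy, so freeing the old value before assigning is worth considering. Both the function containing the copy and the destructor start outside the lines shown.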
| OLD | NEW |