Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(30)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 1174073003: Add served cert chain to SSLInfo (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rsleevi nits Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/socket/ssl_client_socket_nss.h ('k') | net/socket/ssl_client_socket_openssl.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived
6 // from AuthCertificateCallback() in 6 // from AuthCertificateCallback() in
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
8 8
9 /* ***** BEGIN LICENSE BLOCK ***** 9 /* ***** BEGIN LICENSE BLOCK *****
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
(...skipping 2415 matching lines...) Expand 10 before | Expand all | Expand 10 after
2426 bool SSLClientSocketNSS::GetSSLInfo(SSLInfo* ssl_info) { 2426 bool SSLClientSocketNSS::GetSSLInfo(SSLInfo* ssl_info) {
2427 EnterFunction(""); 2427 EnterFunction("");
2428 ssl_info->Reset(); 2428 ssl_info->Reset();
2429 if (core_->state().server_cert_chain.empty() || 2429 if (core_->state().server_cert_chain.empty() ||
2430 !core_->state().server_cert_chain[0]) { 2430 !core_->state().server_cert_chain[0]) {
2431 return false; 2431 return false;
2432 } 2432 }
2433 2433
2434 ssl_info->cert_status = server_cert_verify_result_.cert_status; 2434 ssl_info->cert_status = server_cert_verify_result_.cert_status;
2435 ssl_info->cert = server_cert_verify_result_.verified_cert; 2435 ssl_info->cert = server_cert_verify_result_.verified_cert;
2436 ssl_info->unverified_cert = core_->state().server_cert;
2436 2437
2437 AddSCTInfoToSSLInfo(ssl_info); 2438 AddSCTInfoToSSLInfo(ssl_info);
2438 2439
2439 ssl_info->connection_status = 2440 ssl_info->connection_status =
2440 core_->state().ssl_connection_status; 2441 core_->state().ssl_connection_status;
2441 ssl_info->public_key_hashes = server_cert_verify_result_.public_key_hashes; 2442 ssl_info->public_key_hashes = server_cert_verify_result_.public_key_hashes;
2442 ssl_info->is_issued_by_known_root = 2443 ssl_info->is_issued_by_known_root =
2443 server_cert_verify_result_.is_issued_by_known_root; 2444 server_cert_verify_result_.is_issued_by_known_root;
2444 ssl_info->client_cert_sent = 2445 ssl_info->client_cert_sent =
2445 ssl_config_.send_client_cert && ssl_config_.client_cert.get(); 2446 ssl_config_.send_client_cert && ssl_config_.client_cert.get();
(...skipping 721 matching lines...) Expand 10 before | Expand all | Expand 10 after
3167 } 3168 }
3168 for (ct::SCTList::const_iterator iter = 3169 for (ct::SCTList::const_iterator iter =
3169 ct_verify_result_.unknown_logs_scts.begin(); 3170 ct_verify_result_.unknown_logs_scts.begin();
3170 iter != ct_verify_result_.unknown_logs_scts.end(); ++iter) { 3171 iter != ct_verify_result_.unknown_logs_scts.end(); ++iter) {
3171 ssl_info->signed_certificate_timestamps.push_back( 3172 ssl_info->signed_certificate_timestamps.push_back(
3172 SignedCertificateTimestampAndStatus(*iter, 3173 SignedCertificateTimestampAndStatus(*iter,
3173 ct::SCT_STATUS_LOG_UNKNOWN)); 3174 ct::SCT_STATUS_LOG_UNKNOWN));
3174 } 3175 }
3175 } 3176 }
3176 3177
3177 scoped_refptr<X509Certificate>
3178 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const {
3179 return core_->state().server_cert.get();
3180 }
3181
3182 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { 3178 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const {
3183 return channel_id_service_; 3179 return channel_id_service_;
3184 } 3180 }
3185 3181
3186 SSLFailureState SSLClientSocketNSS::GetSSLFailureState() const { 3182 SSLFailureState SSLClientSocketNSS::GetSSLFailureState() const {
3187 if (completed_handshake_) 3183 if (completed_handshake_)
3188 return SSL_FAILURE_NONE; 3184 return SSL_FAILURE_NONE;
3189 return SSL_FAILURE_UNKNOWN; 3185 return SSL_FAILURE_UNKNOWN;
3190 } 3186 }
3191 3187
3192 } // namespace net 3188 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_client_socket_nss.h ('k') | net/socket/ssl_client_socket_openssl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698