| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <errno.h> | 10 #include <errno.h> |
| (...skipping 1238 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1249 "Net.SSLSessionVersionMatch", | 1249 "Net.SSLSessionVersionMatch", |
| 1250 SSL_version(ssl_) == SSL_get_session(ssl_)->ssl_version); | 1250 SSL_version(ssl_) == SSL_get_session(ssl_)->ssl_version); |
| 1251 } | 1251 } |
| 1252 } | 1252 } |
| 1253 | 1253 |
| 1254 const CertStatus cert_status = server_cert_verify_result_.cert_status; | 1254 const CertStatus cert_status = server_cert_verify_result_.cert_status; |
| 1255 if (transport_security_state_ && | 1255 if (transport_security_state_ && |
| 1256 (result == OK || | 1256 (result == OK || |
| 1257 (IsCertificateError(result) && IsCertStatusMinorError(cert_status))) && | 1257 (IsCertificateError(result) && IsCertStatusMinorError(cert_status))) && |
| 1258 !transport_security_state_->CheckPublicKeyPins( | 1258 !transport_security_state_->CheckPublicKeyPins( |
| 1259 host_and_port_.host(), | 1259 host_and_port_, server_cert_verify_result_.is_issued_by_known_root, |
| 1260 server_cert_verify_result_.is_issued_by_known_root, | 1260 server_cert_verify_result_.public_key_hashes, server_cert_.get(), |
| 1261 server_cert_verify_result_.public_key_hashes, | 1261 server_cert_verify_result_.verified_cert.get(), |
| 1262 &pinning_failure_log_)) { | 1262 TransportSecurityState::ENABLE_PIN_REPORTS, &pinning_failure_log_)) { |
| 1263 result = ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN; | 1263 result = ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN; |
| 1264 } | 1264 } |
| 1265 | 1265 |
| 1266 if (result == OK) { | 1266 if (result == OK) { |
| 1267 // Only check Certificate Transparency if there were no other errors with | 1267 // Only check Certificate Transparency if there were no other errors with |
| 1268 // the connection. | 1268 // the connection. |
| 1269 VerifyCT(); | 1269 VerifyCT(); |
| 1270 | 1270 |
| 1271 DCHECK(!certificate_verified_); | 1271 DCHECK(!certificate_verified_); |
| 1272 certificate_verified_ = true; | 1272 certificate_verified_ = true; |
| (...skipping 869 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2142 OnHandshakeIOComplete(signature_result_); | 2142 OnHandshakeIOComplete(signature_result_); |
| 2143 return; | 2143 return; |
| 2144 } | 2144 } |
| 2145 | 2145 |
| 2146 // During a renegotiation, either Read or Write calls may be blocked on an | 2146 // During a renegotiation, either Read or Write calls may be blocked on an |
| 2147 // asynchronous private key operation. | 2147 // asynchronous private key operation. |
| 2148 PumpReadWriteEvents(); | 2148 PumpReadWriteEvents(); |
| 2149 } | 2149 } |
| 2150 | 2150 |
| 2151 } // namespace net | 2151 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1212613004:
Build and send HPKP violation reports (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master