OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" | 5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
9 #include "base/callback_helpers.h" | 9 #include "base/callback_helpers.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
(...skipping 225 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
236 cert_and_status.der_cert = remote_cert_; | 236 cert_and_status.der_cert = remote_cert_; |
237 | 237 |
238 net::SSLConfig ssl_config; | 238 net::SSLConfig ssl_config; |
239 // Certificate verification and revocation checking are not needed | 239 // Certificate verification and revocation checking are not needed |
240 // because we use self-signed certs. Disable it so that the SSL | 240 // because we use self-signed certs. Disable it so that the SSL |
241 // layer doesn't try to initialize OCSP (OCSP works only on the IO | 241 // layer doesn't try to initialize OCSP (OCSP works only on the IO |
242 // thread). | 242 // thread). |
243 ssl_config.cert_io_enabled = false; | 243 ssl_config.cert_io_enabled = false; |
244 ssl_config.rev_checking_enabled = false; | 244 ssl_config.rev_checking_enabled = false; |
245 ssl_config.allowed_bad_certs.push_back(cert_and_status); | 245 ssl_config.allowed_bad_certs.push_back(cert_and_status); |
246 ssl_config.require_ecdhe = false; | 246 ssl_config.require_ecdhe = true; |
247 | 247 |
248 net::HostPortPair host_and_port(kSslFakeHostName, 0); | 248 net::HostPortPair host_and_port(kSslFakeHostName, 0); |
249 net::SSLClientSocketContext context; | 249 net::SSLClientSocketContext context; |
250 context.transport_security_state = transport_security_state_.get(); | 250 context.transport_security_state = transport_security_state_.get(); |
251 context.cert_verifier = cert_verifier_.get(); | 251 context.cert_verifier = cert_verifier_.get(); |
252 scoped_ptr<net::ClientSocketHandle> socket_handle( | 252 scoped_ptr<net::ClientSocketHandle> socket_handle( |
253 new net::ClientSocketHandle); | 253 new net::ClientSocketHandle); |
254 socket_handle->SetSocket( | 254 socket_handle->SetSocket( |
255 make_scoped_ptr(new NetStreamSocketAdapter(socket.Pass()))); | 255 make_scoped_ptr(new NetStreamSocketAdapter(socket.Pass()))); |
256 | 256 |
(...skipping 167 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
424 make_scoped_ptr(new P2PStreamSocketAdapter(socket_.Pass()))); | 424 make_scoped_ptr(new P2PStreamSocketAdapter(socket_.Pass()))); |
425 } | 425 } |
426 } | 426 } |
427 | 427 |
428 void SslHmacChannelAuthenticator::NotifyError(int error) { | 428 void SslHmacChannelAuthenticator::NotifyError(int error) { |
429 base::ResetAndReturn(&done_callback_).Run(error, nullptr); | 429 base::ResetAndReturn(&done_callback_).Run(error, nullptr); |
430 } | 430 } |
431 | 431 |
432 } // namespace protocol | 432 } // namespace protocol |
433 } // namespace remoting | 433 } // namespace remoting |
OLD | NEW |