OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
7 | 7 |
8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
9 | 9 |
10 #include <errno.h> | 10 #include <errno.h> |
(...skipping 1321 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1332 scoped_refptr<ct::EVCertsWhitelist> ev_whitelist = | 1332 scoped_refptr<ct::EVCertsWhitelist> ev_whitelist = |
1333 SSLConfigService::GetEVCertsWhitelist(); | 1333 SSLConfigService::GetEVCertsWhitelist(); |
1334 if (!policy_enforcer_->DoesConformToCTEVPolicy( | 1334 if (!policy_enforcer_->DoesConformToCTEVPolicy( |
1335 server_cert_verify_result_.verified_cert.get(), ev_whitelist.get(), | 1335 server_cert_verify_result_.verified_cert.get(), ev_whitelist.get(), |
1336 ct_verify_result_, net_log_)) { | 1336 ct_verify_result_, net_log_)) { |
1337 // TODO(eranm): Log via the BoundNetLog, see crbug.com/437766 | 1337 // TODO(eranm): Log via the BoundNetLog, see crbug.com/437766 |
1338 VLOG(1) << "EV certificate for " | 1338 VLOG(1) << "EV certificate for " |
1339 << server_cert_verify_result_.verified_cert->subject() | 1339 << server_cert_verify_result_.verified_cert->subject() |
1340 .GetDisplayName() | 1340 .GetDisplayName() |
1341 << " does not conform to CT policy, removing EV status."; | 1341 << " does not conform to CT policy, removing EV status."; |
| 1342 server_cert_verify_result_.cert_status |= |
| 1343 CERT_STATUS_CT_COMPLIANCE_FAILED; |
1342 server_cert_verify_result_.cert_status &= ~CERT_STATUS_IS_EV; | 1344 server_cert_verify_result_.cert_status &= ~CERT_STATUS_IS_EV; |
1343 } | 1345 } |
1344 } | 1346 } |
1345 } | 1347 } |
1346 | 1348 |
1347 void SSLClientSocketOpenSSL::OnHandshakeIOComplete(int result) { | 1349 void SSLClientSocketOpenSSL::OnHandshakeIOComplete(int result) { |
1348 int rv = DoHandshakeLoop(result); | 1350 int rv = DoHandshakeLoop(result); |
1349 if (rv != ERR_IO_PENDING) { | 1351 if (rv != ERR_IO_PENDING) { |
1350 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv); | 1352 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv); |
1351 DoConnectCallback(rv); | 1353 DoConnectCallback(rv); |
(...skipping 789 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2141 OnHandshakeIOComplete(signature_result_); | 2143 OnHandshakeIOComplete(signature_result_); |
2142 return; | 2144 return; |
2143 } | 2145 } |
2144 | 2146 |
2145 // During a renegotiation, either Read or Write calls may be blocked on an | 2147 // During a renegotiation, either Read or Write calls may be blocked on an |
2146 // asynchronous private key operation. | 2148 // asynchronous private key operation. |
2147 PumpReadWriteEvents(); | 2149 PumpReadWriteEvents(); |
2148 } | 2150 } |
2149 | 2151 |
2150 } // namespace net | 2152 } // namespace net |
OLD | NEW |