| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" | 5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/callback_helpers.h" | 9 #include "base/callback_helpers.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "crypto/secure_util.h" | 11 #include "crypto/secure_util.h" |
| 12 #include "net/base/host_port_pair.h" | 12 #include "net/base/host_port_pair.h" |
| 13 #include "net/base/io_buffer.h" | 13 #include "net/base/io_buffer.h" |
| 14 #include "net/base/net_errors.h" | 14 #include "net/base/net_errors.h" |
| 15 #include "net/cert/cert_status_flags.h" | 15 #include "net/cert/cert_status_flags.h" |
| 16 #include "net/cert/cert_verifier.h" | 16 #include "net/cert/cert_verifier.h" |
| 17 #include "net/cert/cert_verify_result.h" | 17 #include "net/cert/cert_verify_result.h" |
| 18 #include "net/cert/x509_certificate.h" | 18 #include "net/cert/x509_certificate.h" |
| 19 #include "net/http/transport_security_state.h" | 19 #include "net/http/transport_security_state.h" |
| 20 #include "net/socket/client_socket_handle.h" | 20 #include "net/socket/client_socket_handle.h" |
| 21 #include "net/socket/ssl_client_socket.h" | 21 #include "net/socket/ssl_client_socket.h" |
| 22 #include "net/socket/ssl_server_socket.h" | 22 #include "net/socket/ssl_server_socket.h" |
| 23 #include "net/ssl/ssl_config_service.h" | 23 #include "net/ssl/ssl_config_service.h" |
| 24 #include "net/ssl/ssl_server_config.h" |
| 24 #include "remoting/base/rsa_key_pair.h" | 25 #include "remoting/base/rsa_key_pair.h" |
| 25 #include "remoting/protocol/auth_util.h" | 26 #include "remoting/protocol/auth_util.h" |
| 26 #include "remoting/protocol/p2p_stream_socket.h" | 27 #include "remoting/protocol/p2p_stream_socket.h" |
| 27 | 28 |
| 28 #if defined(OS_NACL) | 29 #if defined(OS_NACL) |
| 29 #include "net/socket/ssl_client_socket_openssl.h" | 30 #include "net/socket/ssl_client_socket_openssl.h" |
| 30 #else | 31 #else |
| 31 #include "net/socket/client_socket_factory.h" | 32 #include "net/socket/client_socket_factory.h" |
| 32 #endif | 33 #endif |
| 33 | 34 |
| (...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 208 #else | 209 #else |
| 209 scoped_refptr<net::X509Certificate> cert = | 210 scoped_refptr<net::X509Certificate> cert = |
| 210 net::X509Certificate::CreateFromBytes( | 211 net::X509Certificate::CreateFromBytes( |
| 211 local_cert_.data(), local_cert_.length()); | 212 local_cert_.data(), local_cert_.length()); |
| 212 if (!cert.get()) { | 213 if (!cert.get()) { |
| 213 LOG(ERROR) << "Failed to parse X509Certificate"; | 214 LOG(ERROR) << "Failed to parse X509Certificate"; |
| 214 NotifyError(net::ERR_FAILED); | 215 NotifyError(net::ERR_FAILED); |
| 215 return; | 216 return; |
| 216 } | 217 } |
| 217 | 218 |
| 218 net::SSLConfig ssl_config; | 219 net::SSLServerConfig ssl_config; |
| 219 ssl_config.require_ecdhe = true; | 220 ssl_config.require_ecdhe = true; |
| 220 | 221 |
| 221 scoped_ptr<net::SSLServerSocket> server_socket = net::CreateSSLServerSocket( | 222 scoped_ptr<net::SSLServerSocket> server_socket = net::CreateSSLServerSocket( |
| 222 make_scoped_ptr(new NetStreamSocketAdapter(socket.Pass())), cert.get(), | 223 make_scoped_ptr(new NetStreamSocketAdapter(socket.Pass())), cert.get(), |
| 223 local_key_pair_->private_key(), ssl_config); | 224 local_key_pair_->private_key(), ssl_config); |
| 224 net::SSLServerSocket* raw_server_socket = server_socket.get(); | 225 net::SSLServerSocket* raw_server_socket = server_socket.get(); |
| 225 socket_ = server_socket.Pass(); | 226 socket_ = server_socket.Pass(); |
| 226 result = raw_server_socket->Handshake( | 227 result = raw_server_socket->Handshake( |
| 227 base::Bind(&SslHmacChannelAuthenticator::OnConnected, | 228 base::Bind(&SslHmacChannelAuthenticator::OnConnected, |
| 228 base::Unretained(this))); | 229 base::Unretained(this))); |
| (...skipping 195 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 424 make_scoped_ptr(new P2PStreamSocketAdapter(socket_.Pass()))); | 425 make_scoped_ptr(new P2PStreamSocketAdapter(socket_.Pass()))); |
| 425 } | 426 } |
| 426 } | 427 } |
| 427 | 428 |
| 428 void SslHmacChannelAuthenticator::NotifyError(int error) { | 429 void SslHmacChannelAuthenticator::NotifyError(int error) { |
| 429 base::ResetAndReturn(&done_callback_).Run(error, nullptr); | 430 base::ResetAndReturn(&done_callback_).Run(error, nullptr); |
| 430 } | 431 } |
| 431 | 432 |
| 432 } // namespace protocol | 433 } // namespace protocol |
| 433 } // namespace remoting | 434 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1376593007:
SSL in EmbeddedTestServer (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master