Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(53)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_server_socket_nss.cc

Issue 1376593007: SSL in EmbeddedTestServer (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: More cleanup. Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/socket/ssl_server_socket_nss.h ('k') | net/socket/ssl_server_socket_openssl.h » ('j') | net/ssl/ssl_server_config.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_server_socket_nss.h" 5 #include "net/socket/ssl_server_socket_nss.h"
6 6
7 #if defined(OS_WIN) 7 #if defined(OS_WIN)
8 #include <winsock2.h> 8 #include <winsock2.h>
9 #endif 9 #endif
10 10
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
75 } // namespace 75 } // namespace
76 76
77 void EnableSSLServerSockets() { 77 void EnableSSLServerSockets() {
78 g_nss_ssl_server_init_singleton.Get(); 78 g_nss_ssl_server_init_singleton.Get();
79 } 79 }
80 80
81 scoped_ptr<SSLServerSocket> CreateSSLServerSocket( 81 scoped_ptr<SSLServerSocket> CreateSSLServerSocket(
82 scoped_ptr<StreamSocket> socket, 82 scoped_ptr<StreamSocket> socket,
83 X509Certificate* cert, 83 X509Certificate* cert,
84 crypto::RSAPrivateKey* key, 84 crypto::RSAPrivateKey* key,
85 const SSLConfig& ssl_config) { 85 const SSLServerConfig& ssl_config) {
86 DCHECK(g_nss_server_sockets_init) << "EnableSSLServerSockets() has not been" 86 DCHECK(g_nss_server_sockets_init) << "EnableSSLServerSockets() has not been"
87 << " called yet!"; 87 << " called yet!";
88 88
89 return scoped_ptr<SSLServerSocket>( 89 return scoped_ptr<SSLServerSocket>(
90 new SSLServerSocketNSS(socket.Pass(), cert, key, ssl_config)); 90 new SSLServerSocketNSS(socket.Pass(), cert, key, ssl_config));
91 } 91 }
92 92
93 SSLServerSocketNSS::SSLServerSocketNSS( 93 SSLServerSocketNSS::SSLServerSocketNSS(
94 scoped_ptr<StreamSocket> transport_socket, 94 scoped_ptr<StreamSocket> transport_socket,
95 scoped_refptr<X509Certificate> cert, 95 scoped_refptr<X509Certificate> cert,
96 crypto::RSAPrivateKey* key, 96 crypto::RSAPrivateKey* key,
97 const SSLConfig& ssl_config) 97 const SSLServerConfig& ssl_config)
98 : transport_send_busy_(false), 98 : transport_send_busy_(false),
99 transport_recv_busy_(false), 99 transport_recv_busy_(false),
100 user_read_buf_len_(0), 100 user_read_buf_len_(0),
101 user_write_buf_len_(0), 101 user_write_buf_len_(0),
102 nss_fd_(NULL), 102 nss_fd_(NULL),
103 nss_bufs_(NULL), 103 nss_bufs_(NULL),
104 transport_socket_(transport_socket.Pass()), 104 transport_socket_(transport_socket.Pass()),
105 ssl_config_(ssl_config), 105 ssl_config_(ssl_config),
106 cert_(cert), 106 cert_(cert),
107 next_handshake_state_(STATE_NONE), 107 next_handshake_state_(STATE_NONE),
(...skipping 217 matching lines...) Expand 10 before | Expand all | Expand 10 after
325 /* Push SSL onto our fake I/O socket */ 325 /* Push SSL onto our fake I/O socket */
326 nss_fd_ = SSL_ImportFD(NULL, nss_fd_); 326 nss_fd_ = SSL_ImportFD(NULL, nss_fd_);
327 if (nss_fd_ == NULL) { 327 if (nss_fd_ == NULL) {
328 LogFailedNSSFunction(net_log_, "SSL_ImportFD", ""); 328 LogFailedNSSFunction(net_log_, "SSL_ImportFD", "");
329 return ERR_OUT_OF_MEMORY; // TODO(port): map NSPR/NSS error code. 329 return ERR_OUT_OF_MEMORY; // TODO(port): map NSPR/NSS error code.
330 } 330 }
331 // TODO(port): set more ssl options! Check errors! 331 // TODO(port): set more ssl options! Check errors!
332 332
333 int rv; 333 int rv;
334 334
335 if (ssl_config_.require_client_cert) {
336 rv = SSL_OptionSet(nss_fd_, SSL_REQUEST_CERTIFICATE, PR_TRUE);
337 if (rv != SECSuccess) {
338 LogFailedNSSFunction(net_log_, "SSL_OptionSet",
339 "SSL_REQUEST_CERTIFICATE");
340 return ERR_UNEXPECTED;
341 }
342 }
343
335 rv = SSL_OptionSet(nss_fd_, SSL_SECURITY, PR_TRUE); 344 rv = SSL_OptionSet(nss_fd_, SSL_SECURITY, PR_TRUE);
336 if (rv != SECSuccess) { 345 if (rv != SECSuccess) {
337 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_SECURITY"); 346 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_SECURITY");
338 return ERR_UNEXPECTED; 347 return ERR_UNEXPECTED;
339 } 348 }
340 349
341 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SSL2, PR_FALSE); 350 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SSL2, PR_FALSE);
342 if (rv != SECSuccess) { 351 if (rv != SECSuccess) {
343 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_SSL2"); 352 LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_SSL2");
344 return ERR_UNEXPECTED; 353 return ERR_UNEXPECTED;
(...skipping 488 matching lines...) Expand 10 before | Expand all | Expand 10 after
833 // initializes the NSS base library. 842 // initializes the NSS base library.
834 EnsureNSSSSLInit(); 843 EnsureNSSSSLInit();
835 if (!NSS_IsInitialized()) 844 if (!NSS_IsInitialized())
836 return ERR_UNEXPECTED; 845 return ERR_UNEXPECTED;
837 846
838 EnableSSLServerSockets(); 847 EnableSSLServerSockets();
839 return OK; 848 return OK;
840 } 849 }
841 850
842 } // namespace net 851 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_server_socket_nss.h ('k') | net/socket/ssl_server_socket_openssl.h » ('j') | net/ssl/ssl_server_config.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698