OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
7 | 7 |
8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
9 | 9 |
10 #include <errno.h> | 10 #include <errno.h> |
(...skipping 37 matching lines...)
48 #include "net/ssl/ssl_private_key.h" | 48 #include "net/ssl/ssl_private_key.h" |
49 | 49 |
50 #if defined(OS_WIN) | 50 #if defined(OS_WIN) |
51 #include "base/win/windows_version.h" | 51 #include "base/win/windows_version.h" |
52 #endif | 52 #endif |
53 | 53 |
54 #if !defined(OS_NACL) | 54 #if !defined(OS_NACL) |
55 #include "net/ssl/ssl_platform_key.h" | 55 #include "net/ssl/ssl_platform_key.h" |
56 #endif | 56 #endif |
57 | 57 |
| 58 #if defined(USE_NSS_CERTS) || defined(OS_IOS) |
| 59 #include "net/cert_net/nss_ocsp.h" |
| 60 #endif |
| 61 |
58 namespace net { | 62 namespace net { |
59 | 63 |
60 namespace { | 64 namespace { |
61 | 65 |
62 // Enable this to see logging for state machine state transitions. | 66 // Enable this to see logging for state machine state transitions. |
63 #if 0 | 67 #if 0 |
64 #define GotoState(s) do { DVLOG(2) << (void *)this << " " << __FUNCTION__ << \ | 68 #define GotoState(s) do { DVLOG(2) << (void *)this << " " << __FUNCTION__ << \ |
65 " jump to state " << s; \ | 69 " jump to state " << s; \ |
66 next_handshake_state_ = s; } while (0) | 70 next_handshake_state_ = s; } while (0) |
67 #else | 71 #else |
(...skipping 716 matching lines...)
784 } | 788 } |
785 | 789 |
786 int SSLClientSocketOpenSSL::SetSendBufferSize(int32 size) { | 790 int SSLClientSocketOpenSSL::SetSendBufferSize(int32 size) { |
787 return transport_->socket()->SetSendBufferSize(size); | 791 return transport_->socket()->SetSendBufferSize(size); |
788 } | 792 } |
789 | 793 |
790 int SSLClientSocketOpenSSL::Init() { | 794 int SSLClientSocketOpenSSL::Init() { |
791 DCHECK(!ssl_); | 795 DCHECK(!ssl_); |
792 DCHECK(!transport_bio_); | 796 DCHECK(!transport_bio_); |
793 | 797 |
| 798 #if defined(USE_NSS_CERTS) || defined(OS_IOS) |
| 799 if (ssl_config_.cert_io_enabled) { |
| 800 // TODO(davidben): Move this out of SSLClientSocket. See |
| 801 // https://crbug.com/539520. |
| 802 EnsureNSSHttpIOInit(); |
| 803 } |
| 804 #endif |
| 805 |
794 SSLContext* context = SSLContext::GetInstance(); | 806 SSLContext* context = SSLContext::GetInstance(); |
795 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 807 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
796 | 808 |
797 ssl_ = SSL_new(context->ssl_ctx()); | 809 ssl_ = SSL_new(context->ssl_ctx()); |
798 if (!ssl_ || !context->SetClientSocketForSSL(ssl_, this)) | 810 if (!ssl_ || !context->SetClientSocketForSSL(ssl_, this)) |
799 return ERR_UNEXPECTED; | 811 return ERR_UNEXPECTED; |
800 | 812 |
801 // SNI should only contain valid DNS hostnames, not IP addresses (see RFC | 813 // SNI should only contain valid DNS hostnames, not IP addresses (see RFC |
802 // 6066, Section 3). | 814 // 6066, Section 3). |
803 // | 815 // |
(...skipping 1351 matching lines...)
2155 OnHandshakeIOComplete(signature_result_); | 2167 OnHandshakeIOComplete(signature_result_); |
2156 return; | 2168 return; |
2157 } | 2169 } |
2158 | 2170 |
2159 // During a renegotiation, either Read or Write calls may be blocked on an | 2171 // During a renegotiation, either Read or Write calls may be blocked on an |
2160 // asynchronous private key operation. | 2172 // asynchronous private key operation. |
2161 PumpReadWriteEvents(); | 2173 PumpReadWriteEvents(); |
2162 } | 2174 } |
2163 | 2175 |
2164 } // namespace net | 2176 } // namespace net |
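Review bot: The block added at the top of `SSLClientSocketOpenSSL::Init()` (new lines 798-804) carries only a TODO. It does not say why a client socket must call `EnsureNSSHttpIOInit()`, or what is lost when `ssl_config_.cert_io_enabled` is false. Judging by the included header `net/cert_net/nss_ocsp.h`, this presumably sets up the HTTP I/O that certificate verification uses for OCSP fetches, so skipping it would silently reduce revocation checking; a why-comment such as `// Cert verification may fetch over HTTP via NSS (see nss_ocsp.h); make sure that I/O is set up before the handshake.` would make that dependency explicit. The call now runs on every `Init()`, so it relies on `EnsureNSSHttpIOInit()` being idempotent and cheap, which this page does not show. The `#if defined(USE_NSS_CERTS) || defined(OS_IOS)` guard is duplicated at the include (new line 58) and the call site (new line 798), so the two must be kept in sync. The rest of `Init()` lies in the skipped lines and was not reviewed.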