Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(66)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/ssl/openssl_ssl_util.cc

Issue 1474983003: Support for client certs in ssl_server_socket. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Free results from SSL_load_client_CA_file Created 4 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/socket/ssl_server_socket_unittest.cc ('K') | « net/ssl/openssl_ssl_util.h ('k') | net/ssl/scoped_openssl_types.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/ssl/openssl_ssl_util.cc
diff --git a/net/ssl/openssl_ssl_util.cc b/net/ssl/openssl_ssl_util.cc
index b91acdd97a2617da0c18241bae33851a3c7cbd90..0d142fb8ee389d2a224e671499e8ebe6e36e980f 100644
--- a/net/ssl/openssl_ssl_util.cc
+++ b/net/ssl/openssl_ssl_util.cc
@@ -16,6 +16,7 @@
#include "base/values.h"
#include "crypto/openssl_util.h"
#include "net/base/net_errors.h"
+#include "net/ssl/ssl_connection_status_flags.h"
namespace net {
@@ -158,7 +159,6 @@ int MapOpenSSLErrorWithDetails(int err,
const crypto::OpenSSLErrStackTracer& tracer,
OpenSSLErrorInfo* out_error_info) {
*out_error_info = OpenSSLErrorInfo();
-
davidben 2016/02/04 00:40:12 Guessing you accidentally hit backspace somewhere?
ryanchung 2016/02/05 01:56:13 Done. Probably a trigger-happy backspace.
switch (err) {
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
@@ -205,4 +205,49 @@ NetLog::ParametersCallback CreateNetLogOpenSSLErrorCallback(
net_error, ssl_error, error_info);
}
+void FreeX509Stack(STACK_OF(X509)* ptr) {
+ sk_X509_pop_free(ptr, X509_free);
+}
+
+void FreeX509NameStack(STACK_OF(X509_NAME)* ptr) {
+ sk_X509_NAME_pop_free(ptr, X509_NAME_free);
+}
+
+int GetNetSSLVersion(SSL* ssl) {
+ switch (SSL_version(ssl)) {
+ case TLS1_VERSION:
+ return SSL_CONNECTION_VERSION_TLS1;
+ case TLS1_1_VERSION:
+ return SSL_CONNECTION_VERSION_TLS1_1;
+ case TLS1_2_VERSION:
+ return SSL_CONNECTION_VERSION_TLS1_2;
+ default:
+ NOTREACHED();
+ return SSL_CONNECTION_VERSION_UNKNOWN;
+ }
+}
+
+ScopedX509 OSCertHandleToOpenSSL(X509Certificate::OSCertHandle os_handle) {
+#if defined(USE_OPENSSL_CERTS)
+ return ScopedX509(X509Certificate::DupOSCertHandle(os_handle));
+#else // !defined(USE_OPENSSL_CERTS)
+ std::string der_encoded;
+ if (!X509Certificate::GetDEREncoded(os_handle, &der_encoded))
+ return ScopedX509();
+ const uint8_t* bytes = reinterpret_cast<const uint8_t*>(der_encoded.data());
+ return ScopedX509(d2i_X509(NULL, &bytes, der_encoded.size()));
+#endif // defined(USE_OPENSSL_CERTS)
+}
+
+ScopedX509Stack OSCertHandlesToOpenSSL(
+ const X509Certificate::OSCertHandles& os_handles) {
+ ScopedX509Stack stack(sk_X509_new_null());
+ for (size_t i = 0; i < os_handles.size(); i++) {
+ ScopedX509 x509 = OSCertHandleToOpenSSL(os_handles[i]);
+ if (!x509)
+ return ScopedX509Stack();
+ sk_X509_push(stack.get(), x509.release());
+ }
+ return stack;
+}
} // namespace net
« net/socket/ssl_server_socket_unittest.cc ('K') | « net/ssl/openssl_ssl_util.h ('k') | net/ssl/scoped_openssl_types.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698