net/socket/ssl_client_socket_openssl.cc - Issue 1474983003: Support for client certs in ssl_server_socket.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/socket/ssl_client_socket_openssl.cc

Issue 1474983003: Support for client certs in ssl_server_socket. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Simplified CertVerifyCallback Created 5 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/socket/ssl_client_socket_openssl.cc

diff --git a/net/socket/ssl_client_socket_openssl.cc b/net/socket/ssl_client_socket_openssl.cc

index 090f2bdffa0344356416a2b04d58685837ae3c75..1ac4a011803c79e6554f253b1fdc8680cdad1201 100644

--- a/net/socket/ssl_client_socket_openssl.cc

+++ b/net/socket/ssl_client_socket_openssl.cc

@@ -92,64 +92,6 @@ const uint8_t kTbProtocolVersionMinor = 3;

const uint8_t kTbMinProtocolVersionMajor = 0;

const uint8_t kTbMinProtocolVersionMinor = 2;

-void FreeX509Stack(STACK_OF(X509)* ptr) {

- sk_X509_pop_free(ptr, X509_free);

-using ScopedX509Stack = crypto::ScopedOpenSSL<STACK_OF(X509), FreeX509Stack>;

-// Used for encoding the |connection_status| field of an SSLInfo object.

-int EncodeSSLConnectionStatus(uint16 cipher_suite,

- int compression,

- int version) {

- return cipher_suite |

- ((compression & SSL_CONNECTION_COMPRESSION_MASK) <<

- SSL_CONNECTION_COMPRESSION_SHIFT) |

- ((version & SSL_CONNECTION_VERSION_MASK) <<

- SSL_CONNECTION_VERSION_SHIFT);

-// Returns the net SSL version number (see ssl_connection_status_flags.h) for

-// this SSL connection.

-int GetNetSSLVersion(SSL* ssl) {

- switch (SSL_version(ssl)) {

- case TLS1_VERSION:

- return SSL_CONNECTION_VERSION_TLS1;

- case TLS1_1_VERSION:

- return SSL_CONNECTION_VERSION_TLS1_1;

- case TLS1_2_VERSION:

- return SSL_CONNECTION_VERSION_TLS1_2;

- default:

- NOTREACHED();

- return SSL_CONNECTION_VERSION_UNKNOWN;

- }

-ScopedX509 OSCertHandleToOpenSSL(

- X509Certificate::OSCertHandle os_handle) {

-#if defined(USE_OPENSSL_CERTS)

- return ScopedX509(X509Certificate::DupOSCertHandle(os_handle));

-#else // !defined(USE_OPENSSL_CERTS)

- std::string der_encoded;

- if (!X509Certificate::GetDEREncoded(os_handle, &der_encoded))

- return ScopedX509();

- const uint8_t* bytes = reinterpret_cast<const uint8_t*>(der_encoded.data());

- return ScopedX509(d2i_X509(NULL, &bytes, der_encoded.size()));

-#endif // defined(USE_OPENSSL_CERTS)

-ScopedX509Stack OSCertHandlesToOpenSSL(

- const X509Certificate::OSCertHandles& os_handles) {

- ScopedX509Stack stack(sk_X509_new_null());

- for (size_t i = 0; i < os_handles.size(); i++) {

- ScopedX509 x509 = OSCertHandleToOpenSSL(os_handles[i]);

- if (!x509)

- return ScopedX509Stack();

- sk_X509_push(stack.get(), x509.release());

- }

- return stack.Pass();

bool EVP_MDToPrivateKeyHash(const EVP_MD* md, SSLPrivateKey::Hash* hash) {

switch (EVP_MD_type(md)) {

case NID_md5_sha1:

« net/cert/mock_client_cert_verifier.cc ('K') | « net/net.gypi ('k') | net/socket/ssl_server_socket.h » ('j') | net/ssl/openssl_ssl_util.cc » ('J')