| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_server_socket_nss.h" | 5 #include "net/socket/ssl_server_socket_nss.h" |
| 6 | 6 |
| 7 #if defined(OS_WIN) | 7 #if defined(OS_WIN) |
| 8 #include <winsock2.h> | 8 #include <winsock2.h> |
| 9 #endif | 9 #endif |
| 10 | 10 |
| (...skipping 90 matching lines...) |
| 101 user_read_buf_len_(0), | 101 user_read_buf_len_(0), |
| 102 user_write_buf_len_(0), | 102 user_write_buf_len_(0), |
| 103 nss_fd_(NULL), | 103 nss_fd_(NULL), |
| 104 nss_bufs_(NULL), | 104 nss_bufs_(NULL), |
| 105 transport_socket_(transport_socket.Pass()), | 105 transport_socket_(transport_socket.Pass()), |
| 106 ssl_config_(ssl_config), | 106 ssl_config_(ssl_config), |
| 107 cert_(cert), | 107 cert_(cert), |
| 108 next_handshake_state_(STATE_NONE), | 108 next_handshake_state_(STATE_NONE), |
| 109 completed_handshake_(false) { | 109 completed_handshake_(false) { |
| 110 // TODO(hclam): Need a better way to clone a key. | 110 // TODO(hclam): Need a better way to clone a key. |
| 111 std::vector<uint8> key_bytes; | 111 std::vector<uint8_t> key_bytes; |
| 112 CHECK(key->ExportPrivateKey(&key_bytes)); | 112 CHECK(key->ExportPrivateKey(&key_bytes)); |
| 113 key_.reset(crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes)); | 113 key_.reset(crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes)); |
| 114 CHECK(key_.get()); | 114 CHECK(key_.get()); |
| 115 } | 115 } |
| 116 | 116 |
| 117 SSLServerSocketNSS::~SSLServerSocketNSS() { | 117 SSLServerSocketNSS::~SSLServerSocketNSS() { |
| 118 if (nss_fd_ != NULL) { | 118 if (nss_fd_ != NULL) { |
| 119 PR_Close(nss_fd_); | 119 PR_Close(nss_fd_); |
| 120 nss_fd_ = NULL; | 120 nss_fd_ = NULL; |
| 121 } | 121 } |
| (...skipping 110 matching lines...) |
| 232 | 232 |
| 233 if (rv == ERR_IO_PENDING) { | 233 if (rv == ERR_IO_PENDING) { |
| 234 user_write_callback_ = callback; | 234 user_write_callback_ = callback; |
| 235 } else { | 235 } else { |
| 236 user_write_buf_ = NULL; | 236 user_write_buf_ = NULL; |
| 237 user_write_buf_len_ = 0; | 237 user_write_buf_len_ = 0; |
| 238 } | 238 } |
| 239 return rv; | 239 return rv; |
| 240 } | 240 } |
| 241 | 241 |
| 242 int SSLServerSocketNSS::SetReceiveBufferSize(int32 size) { | 242 int SSLServerSocketNSS::SetReceiveBufferSize(int32_t size) { |
| 243 return transport_socket_->SetReceiveBufferSize(size); | 243 return transport_socket_->SetReceiveBufferSize(size); |
| 244 } | 244 } |
| 245 | 245 |
| 246 int SSLServerSocketNSS::SetSendBufferSize(int32 size) { | 246 int SSLServerSocketNSS::SetSendBufferSize(int32_t size) { |
| 247 return transport_socket_->SetSendBufferSize(size); | 247 return transport_socket_->SetSendBufferSize(size); |
| 248 } | 248 } |
| 249 | 249 |
| 250 bool SSLServerSocketNSS::IsConnected() const { | 250 bool SSLServerSocketNSS::IsConnected() const { |
| 251 // TODO(wtc): Find out if we should check transport_socket_->IsConnected() | 251 // TODO(wtc): Find out if we should check transport_socket_->IsConnected() |
| 252 // as well. | 252 // as well. |
| 253 return completed_handshake_; | 253 return completed_handshake_; |
| 254 } | 254 } |
| 255 | 255 |
| 256 void SSLServerSocketNSS::Disconnect() { | 256 void SSLServerSocketNSS::Disconnect() { |
| (...skipping 120 matching lines...) |
| 377 SSLCipherSuiteInfo info; | 377 SSLCipherSuiteInfo info; |
| 378 if (SSL_GetCipherSuiteInfo(ssl_ciphers[i], &info, sizeof(info)) == | 378 if (SSL_GetCipherSuiteInfo(ssl_ciphers[i], &info, sizeof(info)) == |
| 379 SECSuccess) { | 379 SECSuccess) { |
| 380 if (strcmp(info.keaTypeName, "ECDHE") != 0) { | 380 if (strcmp(info.keaTypeName, "ECDHE") != 0) { |
| 381 SSL_CipherPrefSet(nss_fd_, ssl_ciphers[i], PR_FALSE); | 381 SSL_CipherPrefSet(nss_fd_, ssl_ciphers[i], PR_FALSE); |
| 382 } | 382 } |
| 383 } | 383 } |
| 384 } | 384 } |
| 385 } | 385 } |
| 386 | 386 |
| 387 for (std::vector<uint16>::const_iterator it = | 387 for (std::vector<uint16_t>::const_iterator it = |
| 388 ssl_config_.disabled_cipher_suites.begin(); | 388 ssl_config_.disabled_cipher_suites.begin(); |
| 389 it != ssl_config_.disabled_cipher_suites.end(); ++it) { | 389 it != ssl_config_.disabled_cipher_suites.end(); ++it) { |
| 390 // This will fail if the specified cipher is not implemented by NSS, but | 390 // This will fail if the specified cipher is not implemented by NSS, but |
| 391 // the failure is harmless. | 391 // the failure is harmless. |
| 392 SSL_CipherPrefSet(nss_fd_, *it, PR_FALSE); | 392 SSL_CipherPrefSet(nss_fd_, *it, PR_FALSE); |
| 393 } | 393 } |
| 394 | 394 |
| 395 // Server socket doesn't need session tickets. | 395 // Server socket doesn't need session tickets. |
| 396 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SESSION_TICKETS, PR_FALSE); | 396 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SESSION_TICKETS, PR_FALSE); |
| 397 if (rv != SECSuccess) { | 397 if (rv != SECSuccess) { |
| (...skipping 51 matching lines...) |
| 449 | 449 |
| 450 // Parse into a CERTCertificate structure. | 450 // Parse into a CERTCertificate structure. |
| 451 CERTCertificate* cert = CERT_NewTempCertificate( | 451 CERTCertificate* cert = CERT_NewTempCertificate( |
| 452 CERT_GetDefaultCertDB(), &der_cert, NULL, PR_FALSE, PR_TRUE); | 452 CERT_GetDefaultCertDB(), &der_cert, NULL, PR_FALSE, PR_TRUE); |
| 453 if (!cert) { | 453 if (!cert) { |
| 454 LogFailedNSSFunction(net_log_, "CERT_NewTempCertificate", ""); | 454 LogFailedNSSFunction(net_log_, "CERT_NewTempCertificate", ""); |
| 455 return MapNSSError(PORT_GetError()); | 455 return MapNSSError(PORT_GetError()); |
| 456 } | 456 } |
| 457 | 457 |
| 458 // Get a key of SECKEYPrivateKey* structure. | 458 // Get a key of SECKEYPrivateKey* structure. |
| 459 std::vector<uint8> key_vector; | 459 std::vector<uint8_t> key_vector; |
| 460 if (!key_->ExportPrivateKey(&key_vector)) { | 460 if (!key_->ExportPrivateKey(&key_vector)) { |
| 461 CERT_DestroyCertificate(cert); | 461 CERT_DestroyCertificate(cert); |
| 462 return ERR_UNEXPECTED; | 462 return ERR_UNEXPECTED; |
| 463 } | 463 } |
| 464 | 464 |
| 465 SECKEYPrivateKeyStr* private_key = NULL; | 465 SECKEYPrivateKeyStr* private_key = NULL; |
| 466 PK11SlotInfo* slot = PK11_GetInternalSlot(); | 466 PK11SlotInfo* slot = PK11_GetInternalSlot(); |
| 467 if (!slot) { | 467 if (!slot) { |
| 468 CERT_DestroyCertificate(cert); | 468 CERT_DestroyCertificate(cert); |
| 469 return ERR_UNEXPECTED; | 469 return ERR_UNEXPECTED; |
| (...skipping 378 matching lines...) |
| 848 // initializes the NSS base library. | 848 // initializes the NSS base library. |
| 849 EnsureNSSSSLInit(); | 849 EnsureNSSSSLInit(); |
| 850 if (!NSS_IsInitialized()) | 850 if (!NSS_IsInitialized()) |
| 851 return ERR_UNEXPECTED; | 851 return ERR_UNEXPECTED; |
| 852 | 852 |
| 853 EnableSSLServerSockets(); | 853 EnableSSLServerSockets(); |
| 854 return OK; | 854 return OK; |
| 855 } | 855 } |
| 856 | 856 |
| 857 } // namespace net | 857 } // namespace net |
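Review bot: The exported private key in `key_bytes` (constructor, new line 111) is still released to the heap unwiped when the vector is destroyed at the end of the constructor; the type rename touches this line but leaves that as it was. `key_vector` at new line 459 follows the same pattern, though the rest of that function lies in the skipped lines, so a later wipe cannot be ruled out from here. I would overwrite each buffer once it has been consumed, using a wipe the compiler cannot elide, since a plain `std::fill` over a vector that is about to be destroyed may be optimized away. At minimum the existing TODO should record the exposure, e.g. `// TODO(hclam): Need a better way to clone a key; key_bytes holds the unencrypted private key and is not wiped before it is freed.`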
| OLD | NEW |