Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1071)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sdk/lib/io/secure_socket.dart

Issue 16081005: dart:io | Add documentation for the default root certificate database for secure networking. (Closed) Base URL: https://dart.googlecode.com/svn/branches/bleeding_edge/dart
Patch Set: Created 7 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file 1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file
2 // for details. All rights reserved. Use of this source code is governed by a 2 // for details. All rights reserved. Use of this source code is governed by a
3 // BSD-style license that can be found in the LICENSE file. 3 // BSD-style license that can be found in the LICENSE file.
4 4
5 part of dart.io; 5 part of dart.io;
6 6
7 /** 7 /**
8 * A high-level class for communicating securely over a TCP socket, using 8 * A high-level class for communicating securely over a TCP socket, using
9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an 9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an
10 * [IOSink] interface, making it ideal for using together with 10 * [IOSink] interface, making it ideal for using together with
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after
142 * [peerCertificate] will return the server's certificate. 142 * [peerCertificate] will return the server's certificate.
143 */ 143 */
144 X509Certificate get peerCertificate; 144 X509Certificate get peerCertificate;
145 145
146 /** 146 /**
147 * Initializes the NSS library. If [initialize] is not called, the library 147 * Initializes the NSS library. If [initialize] is not called, the library
148 * is automatically initialized as if [initialize] were called with no 148 * is automatically initialized as if [initialize] were called with no
149 * arguments. 149 * arguments.
150 * 150 *
151 * The optional argument [database] is the path to a certificate database 151 * The optional argument [database] is the path to a certificate database
152 * containing root certificates for verifying certificate paths on 152 * directory containing root certificates for verifying certificate paths on
153 * client connections, and server certificates to provide on server 153 * client connections, and server certificates to provide on server
154 * connections. The argument [password] should be used when creating 154 * connections. The argument [password] should be used when creating
155 * secure server sockets, to allow the private key of the server 155 * secure server sockets, to allow the private key of the server
156 * certificate to be fetched. If [useBuiltinRoots] is true (the default), 156 * certificate to be fetched. If [useBuiltinRoots] is true (the default),
157 * then a built-in set of root certificates for trusted certificate 157 * then a built-in set of root certificates for trusted certificate
158 * authorities is merged with the certificates in the database. 158 * authorities is merged with the certificates in the database.
159 * The list of built-in root certificates, and documentation about this
160 * default database, is available at
161 * http://www.mozilla.org/projects/security/certs/included/ .
162 * If no value is provided for the [database] argument, then only the
Lasse Reichstein Nielsen 2013/05/31 08:49:06 We'd usually write "If the [database] argument is
Bill Hesse 2013/05/31 09:08:38 Done.
163 * builtin root certificates are used, unless they are disabled.
Lasse Reichstein Nielsen 2013/05/31 08:49:06 "unless they are disabled"? How can they be disabl
Bill Hesse 2013/05/31 09:08:38 Done.
159 * 164 *
160 * Examples: 165 * Examples:
161 * 1) Use only the builtin root certificates: 166 * 1) Use only the builtin root certificates:
162 * SecureSocket.initialize(); or 167 * SecureSocket.initialize(); or
163 * 168 *
164 * 2) Use a specified database and the builtin roots: 169 * 2) Use a specified database directory and the builtin roots:
165 * SecureSocket.initialize(database: 'path/to/my/database', 170 * SecureSocket.initialize(database: 'path/to/my/database',
166 * password: 'my_password'); 171 * password: 'my_password');
167 * 172 *
168 * 3) Use a specified database, without builtin roots: 173 * 3) Use a specified database directory, without builtin roots:
169 * SecureSocket.initialize(database: 'path/to/my/database', 174 * SecureSocket.initialize(database: 'path/to/my/database',
170 * password: 'my_password'. 175 * password: 'my_password'.
171 * useBuiltinRoots: false); 176 * useBuiltinRoots: false);
Lasse Reichstein Nielsen 2013/05/31 08:49:06 So what happens if you do: initialize(password:
Bill Hesse 2013/05/31 09:08:38 Nothing useful. No certificates are available. y
172 * 177 *
173 * The database should be an NSS certificate database directory 178 * The database should be an NSS certificate database directory
174 * containing a cert9.db file, not a cert8.db file. This version of 179 * containing a cert9.db file, not a cert8.db file. This version of
175 * the database can be created using the NSS certutil tool with "sql:" in 180 * the database can be created using the NSS certutil tool with "sql:" in
176 * front of the absolute path of the database directory, or setting the 181 * front of the absolute path of the database directory, or setting the
177 * environment variable [[NSS_DEFAULT_DB_TYPE]] to "sql". 182 * environment variable [[NSS_DEFAULT_DB_TYPE]] to "sql".
178 */ 183 */
179 external static void initialize({String database, 184 external static void initialize({String database,
180 String password, 185 String password,
181 bool useBuiltinRoots: true}); 186 bool useBuiltinRoots: true});
(...skipping 784 matching lines...) Expand 10 before | Expand all | Expand 10 after
966 void destroy(); 971 void destroy();
967 void handshake(); 972 void handshake();
968 void init(); 973 void init();
969 X509Certificate get peerCertificate; 974 X509Certificate get peerCertificate;
970 int processBuffer(int bufferIndex); 975 int processBuffer(int bufferIndex);
971 void registerBadCertificateCallback(Function callback); 976 void registerBadCertificateCallback(Function callback);
972 void registerHandshakeCompleteCallback(Function handshakeCompleteHandler); 977 void registerHandshakeCompleteCallback(Function handshakeCompleteHandler);
973 978
974 List<_ExternalBuffer> get buffers; 979 List<_ExternalBuffer> get buffers;
975 } 980 }
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698