OLD | NEW |
1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
8 | 8 |
9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
(...skipping 1205 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1216 CERT_GetDefaultCertDB(), SEC_CERT_NICKNAMES_USER, wincx); | 1216 CERT_GetDefaultCertDB(), SEC_CERT_NICKNAMES_USER, wincx); |
1217 if (names) { | 1217 if (names) { |
1218 for (int i = 0; i < names->numnicknames; ++i) { | 1218 for (int i = 0; i < names->numnicknames; ++i) { |
1219 cert = CERT_FindUserCertByUsage( | 1219 cert = CERT_FindUserCertByUsage( |
1220 CERT_GetDefaultCertDB(), names->nicknames[i], | 1220 CERT_GetDefaultCertDB(), names->nicknames[i], |
1221 certUsageSSLClient, PR_FALSE, wincx); | 1221 certUsageSSLClient, PR_FALSE, wincx); |
1222 if (!cert) | 1222 if (!cert) |
1223 continue; | 1223 continue; |
1224 // Only check unexpired certs. | 1224 // Only check unexpired certs. |
1225 if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_TRUE) == | 1225 if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_TRUE) == |
1226 secCertTimeValid && | 1226 secCertTimeValid && (!ca_names->nnames || |
1227 NSS_CmpCertChainWCANames(cert, ca_names) == SECSuccess) { | 1227 NSS_CmpCertChainWCANames(cert, ca_names) == SECSuccess)) { |
1228 privkey = PK11_FindKeyByAnyCert(cert, wincx); | 1228 privkey = PK11_FindKeyByAnyCert(cert, wincx); |
1229 if (privkey) { | 1229 if (privkey) { |
1230 X509Certificate* x509_cert = X509Certificate::CreateFromHandle( | 1230 X509Certificate* x509_cert = X509Certificate::CreateFromHandle( |
1231 cert, X509Certificate::SOURCE_LONE_CERT_IMPORT, | 1231 cert, X509Certificate::SOURCE_LONE_CERT_IMPORT, |
1232 net::X509Certificate::OSCertHandles()); | 1232 net::X509Certificate::OSCertHandles()); |
1233 that->client_certs_.push_back(x509_cert); | 1233 that->client_certs_.push_back(x509_cert); |
1234 SECKEY_DestroyPrivateKey(privkey); | 1234 SECKEY_DestroyPrivateKey(privkey); |
1235 continue; | 1235 continue; |
1236 } | 1236 } |
1237 } | 1237 } |
(...skipping 184 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1422 } | 1422 } |
1423 PRErrorCode prerr = PR_GetError(); | 1423 PRErrorCode prerr = PR_GetError(); |
1424 if (prerr == PR_WOULD_BLOCK_ERROR) { | 1424 if (prerr == PR_WOULD_BLOCK_ERROR) { |
1425 return ERR_IO_PENDING; | 1425 return ERR_IO_PENDING; |
1426 } | 1426 } |
1427 LeaveFunction(""); | 1427 LeaveFunction(""); |
1428 return MapNSPRError(prerr); | 1428 return MapNSPRError(prerr); |
1429 } | 1429 } |
1430 | 1430 |
1431 } // namespace net | 1431 } // namespace net |
OLD | NEW |