| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 1205 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1216 CERT_GetDefaultCertDB(), SEC_CERT_NICKNAMES_USER, wincx); | 1216 CERT_GetDefaultCertDB(), SEC_CERT_NICKNAMES_USER, wincx); |
| 1217 if (names) { | 1217 if (names) { |
| 1218 for (int i = 0; i < names->numnicknames; ++i) { | 1218 for (int i = 0; i < names->numnicknames; ++i) { |
| 1219 cert = CERT_FindUserCertByUsage( | 1219 cert = CERT_FindUserCertByUsage( |
| 1220 CERT_GetDefaultCertDB(), names->nicknames[i], | 1220 CERT_GetDefaultCertDB(), names->nicknames[i], |
| 1221 certUsageSSLClient, PR_FALSE, wincx); | 1221 certUsageSSLClient, PR_FALSE, wincx); |
| 1222 if (!cert) | 1222 if (!cert) |
| 1223 continue; | 1223 continue; |
| 1224 // Only check unexpired certs. | 1224 // Only check unexpired certs. |
| 1225 if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_TRUE) == | 1225 if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_TRUE) == |
| 1226 secCertTimeValid && | 1226 secCertTimeValid && (!ca_names->nnames || |
| 1227 NSS_CmpCertChainWCANames(cert, ca_names) == SECSuccess) { | 1227 NSS_CmpCertChainWCANames(cert, ca_names) == SECSuccess)) { |
| 1228 privkey = PK11_FindKeyByAnyCert(cert, wincx); | 1228 privkey = PK11_FindKeyByAnyCert(cert, wincx); |
| 1229 if (privkey) { | 1229 if (privkey) { |
| 1230 X509Certificate* x509_cert = X509Certificate::CreateFromHandle( | 1230 X509Certificate* x509_cert = X509Certificate::CreateFromHandle( |
| 1231 cert, X509Certificate::SOURCE_LONE_CERT_IMPORT, | 1231 cert, X509Certificate::SOURCE_LONE_CERT_IMPORT, |
| 1232 net::X509Certificate::OSCertHandles()); | 1232 net::X509Certificate::OSCertHandles()); |
| 1233 that->client_certs_.push_back(x509_cert); | 1233 that->client_certs_.push_back(x509_cert); |
| 1234 SECKEY_DestroyPrivateKey(privkey); | 1234 SECKEY_DestroyPrivateKey(privkey); |
| 1235 continue; | 1235 continue; |
| 1236 } | 1236 } |
| 1237 } | 1237 } |
| (...skipping 184 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1422 } | 1422 } |
| 1423 PRErrorCode prerr = PR_GetError(); | 1423 PRErrorCode prerr = PR_GetError(); |
| 1424 if (prerr == PR_WOULD_BLOCK_ERROR) { | 1424 if (prerr == PR_WOULD_BLOCK_ERROR) { |
| 1425 return ERR_IO_PENDING; | 1425 return ERR_IO_PENDING; |
| 1426 } | 1426 } |
| 1427 LeaveFunction(""); | 1427 LeaveFunction(""); |
| 1428 return MapNSPRError(prerr); | 1428 return MapNSPRError(prerr); |
| 1429 } | 1429 } |
| 1430 | 1430 |
| 1431 } // namespace net | 1431 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1637013:
Merge 44442 - If the server's CertificateRequest message contains an empty... (Closed)
Base URL: svn://svn.chromium.org/chrome/branches/375/src/