Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(488)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/ssl/client_cert_store_impl_nss.cc

Issue 18121007: *WIP* Store NSS slots per profile. Move keygen to chrome. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: cert manager basics working Created 7 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/ssl/client_cert_store_impl_mac.cc ('k') | net/ssl/client_cert_store_impl_win.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/ssl/client_cert_store_impl_nss.cc
diff --git a/net/ssl/client_cert_store_impl_nss.cc b/net/ssl/client_cert_store_impl_nss.cc
index ffab2680c68d7520a5cc5453706ad03b85fd1904..34ec1de060960f565d386f22810a96d6c84d3fd9 100644
--- a/net/ssl/client_cert_store_impl_nss.cc
+++ b/net/ssl/client_cert_store_impl_nss.cc
@@ -7,6 +7,7 @@
#include <nss.h>
#include <ssl.h>
+#include "base/callback.h"
#include "base/logging.h"
#include "net/cert/x509_util.h"
@@ -48,12 +49,15 @@ bool GetClientCertsImpl(CERTCertList* cert_list,
if (!ca_names_items.empty())
ca_names.names = &ca_names_items[0];
+ size_t num_raw = 0;
for (CERTCertListNode* node = CERT_LIST_HEAD(cert_list);
!CERT_LIST_END(node, cert_list);
node = CERT_LIST_NEXT(node)) {
+ ++num_raw;
// Only offer unexpired certificates.
if (CERT_CheckCertValidTimes(node->cert, PR_Now(), PR_TRUE) !=
secCertTimeValid) {
+ LOG(WARNING) << " skipped an expired cert";
continue;
}
@@ -66,9 +70,13 @@ bool GetClientCertsImpl(CERTCertList* cert_list,
cert->IsIssuedByEncoded(request.cert_authorities)) ||
(query_nssdb &&
NSS_CmpCertChainWCANames(node->cert, &ca_names) == SECSuccess)) {
+ LOG(WARNING) << " selected a cert";
selected_certs->push_back(cert);
}
+ else
+ LOG(WARNING) << " skipped a cert";
}
+ LOG(WARNING) << "num_raw:" << num_raw << " res:"<<selected_certs->size();
std::sort(selected_certs->begin(), selected_certs->end(),
x509_util::ClientCertSorter());
@@ -77,18 +85,21 @@ bool GetClientCertsImpl(CERTCertList* cert_list,
} // namespace
-bool ClientCertStoreImpl::GetClientCerts(const SSLCertRequestInfo& request,
- CertificateList* selected_certs) {
+void ClientCertStoreImpl::GetClientCerts(const SSLCertRequestInfo& request,
+ CertificateList* selected_certs,
+ const base::Closure& callback) {
CERTCertList* client_certs = CERT_FindUserCertsByUsage(
CERT_GetDefaultCertDB(), certUsageSSLClient,
PR_FALSE, PR_FALSE, NULL);
// It is ok for a user not to have any client certs.
- if (!client_certs)
- return true;
+ if (!client_certs) {
+ callback.Run();
+ return;
+ }
- bool rv = GetClientCertsImpl(client_certs, request, true, selected_certs);
+ GetClientCertsImpl(client_certs, request, true, selected_certs);
CERT_DestroyCertList(client_certs);
- return rv;
+ callback.Run();
}
bool ClientCertStoreImpl::SelectClientCertsForTesting(
« no previous file with comments | « net/ssl/client_cert_store_impl_mac.cc ('k') | net/ssl/client_cert_store_impl_win.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698