OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
7 | 7 |
8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
9 | 9 |
10 #include <errno.h> | 10 #include <errno.h> |
52 #include "net/ssl/ssl_connection_status_flags.h" | 52 #include "net/ssl/ssl_connection_status_flags.h" |
53 #include "net/ssl/ssl_failure_state.h" | 53 #include "net/ssl/ssl_failure_state.h" |
54 #include "net/ssl/ssl_info.h" | 54 #include "net/ssl/ssl_info.h" |
55 #include "net/ssl/ssl_private_key.h" | 55 #include "net/ssl/ssl_private_key.h" |
56 #include "net/ssl/token_binding.h" | 56 #include "net/ssl/token_binding.h" |
57 | 57 |
58 #if !defined(OS_NACL) | 58 #if !defined(OS_NACL) |
59 #include "net/ssl/ssl_key_logger.h" | 59 #include "net/ssl/ssl_key_logger.h" |
60 #endif | 60 #endif |
61 | 61 |
62 #if defined(USE_NSS_VERIFIER) | 62 #if defined(USE_NSS_CERTS) |
63 #include "net/cert_net/nss_ocsp.h" | 63 #include "net/cert_net/nss_ocsp.h" |
64 #endif | 64 #endif |
65 | 65 |
66 namespace net { | 66 namespace net { |
67 | 67 |
68 namespace { | 68 namespace { |
69 | 69 |
70 // Enable this to see logging for state machine state transitions. | 70 // Enable this to see logging for state machine state transitions. |
71 #if 0 | 71 #if 0 |
72 #define GotoState(s) do { DVLOG(2) << (void *)this << " " << __FUNCTION__ << \ | 72 #define GotoState(s) do { DVLOG(2) << (void *)this << " " << __FUNCTION__ << \ |
389 PeerCertificateChain(const PeerCertificateChain& other) { *this = other; } | 389 PeerCertificateChain(const PeerCertificateChain& other) { *this = other; } |
390 ~PeerCertificateChain() {} | 390 ~PeerCertificateChain() {} |
391 PeerCertificateChain& operator=(const PeerCertificateChain& other); | 391 PeerCertificateChain& operator=(const PeerCertificateChain& other); |
392 | 392 |
393 // Resets the PeerCertificateChain to the set of certificates in|chain|, | 393 // Resets the PeerCertificateChain to the set of certificates in|chain|, |
394 // which may be NULL, indicating to empty the store certificates. | 394 // which may be NULL, indicating to empty the store certificates. |
395 // Note: If an error occurs, such as being unable to parse the certificates, | 395 // Note: If an error occurs, such as being unable to parse the certificates, |
396 // this will behave as if Reset(NULL) was called. | 396 // this will behave as if Reset(NULL) was called. |
397 void Reset(STACK_OF(X509)* chain); | 397 void Reset(STACK_OF(X509)* chain); |
398 | 398 |
399 // Note that when USE_OPENSSL is defined, OSCertHandle is X509* | |
davidben
2016/04/18 19:36:45
I think this comment is still valid. It was just n
svaldez
2016/04/18 20:21:39
Done.
| |
400 scoped_refptr<X509Certificate> AsOSChain() const; | 399 scoped_refptr<X509Certificate> AsOSChain() const; |
401 | 400 |
402 size_t size() const { | 401 size_t size() const { |
403 if (!openssl_chain_.get()) | 402 if (!openssl_chain_.get()) |
404 return 0; | 403 return 0; |
405 return sk_X509_num(openssl_chain_.get()); | 404 return sk_X509_num(openssl_chain_.get()); |
406 } | 405 } |
407 | 406 |
408 bool empty() const { | 407 bool empty() const { |
409 return size() == 0; | 408 return size() == 0; |
870 } | 869 } |
871 | 870 |
872 int SSLClientSocketOpenSSL::SetSendBufferSize(int32_t size) { | 871 int SSLClientSocketOpenSSL::SetSendBufferSize(int32_t size) { |
873 return transport_->socket()->SetSendBufferSize(size); | 872 return transport_->socket()->SetSendBufferSize(size); |
874 } | 873 } |
875 | 874 |
876 int SSLClientSocketOpenSSL::Init() { | 875 int SSLClientSocketOpenSSL::Init() { |
877 DCHECK(!ssl_); | 876 DCHECK(!ssl_); |
878 DCHECK(!transport_bio_); | 877 DCHECK(!transport_bio_); |
879 | 878 |
880 #if defined(USE_NSS_VERIFIER) | 879 #if defined(USE_NSS_CERTS) |
881 if (ssl_config_.cert_io_enabled) { | 880 if (ssl_config_.cert_io_enabled) { |
882 // TODO(davidben): Move this out of SSLClientSocket. See | 881 // TODO(davidben): Move this out of SSLClientSocket. See |
883 // https://crbug.com/539520. | 882 // https://crbug.com/539520. |
884 EnsureNSSHttpIOInit(); | 883 EnsureNSSHttpIOInit(); |
885 } | 884 } |
886 #endif | 885 #endif |
887 | 886 |
888 SSLContext* context = SSLContext::GetInstance(); | 887 SSLContext* context = SSLContext::GetInstance(); |
889 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 888 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
890 | 889 |
2305 tb_was_negotiated_ = true; | 2304 tb_was_negotiated_ = true; |
2306 return 1; | 2305 return 1; |
2307 } | 2306 } |
2308 } | 2307 } |
2309 | 2308 |
2310 *out_alert_value = SSL_AD_ILLEGAL_PARAMETER; | 2309 *out_alert_value = SSL_AD_ILLEGAL_PARAMETER; |
2311 return 0; | 2310 return 0; |
2312 } | 2311 } |
2313 | 2312 |
2314 } // namespace net | 2313 } // namespace net |
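Review bot: The `#if defined(USE_NSS_CERTS)` guard around `EnsureNSSHttpIOInit()` in `SSLClientSocketOpenSSL::Init()` (new line 879) has no comment explaining why the NSS HTTP I/O setup now depends on the cert-store macro rather than the verifier macro. Judging by the guarded header, `net/cert_net/nss_ocsp.h`, this call presumably lets NSS-backed certificate verification make its network fetches. If so, a build where the two macros differ would either skip the initialisation or run it needlessly; the visible lines do not show where either macro is defined, so this should be confirmed against the build configuration. I would add a comment above the guard such as `// NSS-backed cert verification needs its HTTP I/O hooks installed; tied to USE_NSS_CERTS, see nss_ocsp.h.` The include guard at new line 62 changes the same way and should stay in step with this one; the body of `Init()` continues past the visible lines.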