Index: runtime/bin/secure_socket.cc |
diff --git a/runtime/bin/secure_socket.cc b/runtime/bin/secure_socket.cc |
index d308b3bf83ef781f24c03fb6758877a645c25edd..63dfa77fd9dd5f4c26a49f3e0a978024d4956807 100644 |
--- a/runtime/bin/secure_socket.cc |
+++ b/runtime/bin/secure_socket.cc |
@@ -189,6 +189,23 @@ void FUNCTION_NAME(SecureSocket_Handshake)(Dart_NativeArguments args) { |
} |
+void FUNCTION_NAME(SecureSocket_Renegotiate)(Dart_NativeArguments args) { |
+ Dart_EnterScope(); |
+ bool use_session_cache = |
+ DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 1)); |
+ bool request_client_certificate = |
+ DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 2)); |
+ bool require_client_certificate = |
+ DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 3)); |
+ request_client_certificate = |
+ request_client_certificate || require_client_certificate; |
Anders Johnsen
2013/07/11 11:20:32
Please add a comment here. It's hard to understand
Bill Hesse
2013/07/11 15:25:42
Done.
|
+ GetFilter(args)->Renegotiate(use_session_cache, |
+ request_client_certificate, |
+ require_client_certificate); |
+ Dart_ExitScope(); |
+} |
+ |
+ |
void FUNCTION_NAME(SecureSocket_RegisterHandshakeCompleteCallback)( |
Dart_NativeArguments args) { |
Dart_EnterScope(); |
@@ -827,6 +844,36 @@ void SSLFilter::Handshake() { |
} |
+void SSLFilter::Renegotiate(bool use_session_cache, |
+ bool request_client_certificate, |
+ bool require_client_certificate) { |
+ SECStatus status; |
+ PRBool request_cert = request_client_certificate ? PR_TRUE : PR_FALSE; |
Anders Johnsen
2013/07/11 11:20:32
It can not be cast directly?
Bill Hesse
2013/07/11 15:25:42
Yes, It doesn't even need a cast anymore - PRBool
Bill Hesse
2013/07/11 15:25:42
Yes, the implicit bool -> int cast produces 0 and
|
+ status = SSL_OptionSet(filter_, SSL_REQUEST_CERTIFICATE, request_cert); |
+ if (status != SECSuccess) { |
+ ThrowPRException("TlsException", |
+ "Failure in (Raw)SecureSocket.renegotiate request_client_certificate"); |
+ } |
+ PRBool require_cert = require_client_certificate ? PR_TRUE : PR_FALSE; |
+ status = SSL_OptionSet(filter_, SSL_REQUIRE_CERTIFICATE, require_cert); |
+ if (status != SECSuccess) { |
+ ThrowPRException("TlsException", |
+ "Failure in (Raw)SecureSocket.renegotiate require_client_certificate"); |
+ } |
+ PRBool flush_cache = use_session_cache ? PR_FALSE : PR_TRUE; |
Anders Johnsen
2013/07/11 11:20:32
Please don't negate in this 'cast'. Hard to read.
Bill Hesse
2013/07/11 15:25:42
Done.
|
+ status = SSL_ReHandshake(filter_, flush_cache); |
+ if (status != SECSuccess) { |
+ if (is_server_) { |
+ ThrowPRException("HandshakeException", |
+ "Failure in (Raw)SecureSocket.renegotiate in server"); |
+ } else { |
+ ThrowPRException("HandshakeException", |
+ "Failure in (Raw)SecureSocket.renegotiate in client"); |
+ } |
+ } |
+} |
+ |
+ |
void SSLFilter::Destroy() { |
for (int i = 0; i < kNumBuffers; ++i) { |
Dart_DeletePersistentHandle(dart_buffer_objects_[i]); |