OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket_impl.h" | 5 #include "net/socket/ssl_client_socket_impl.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <openssl/bio.h> | 8 #include <openssl/bio.h> |
9 #include <openssl/bytestring.h> | 9 #include <openssl/bytestring.h> |
10 #include <openssl/err.h> | 10 #include <openssl/err.h> |
(...skipping 377 matching lines...) | |
388 // | 388 // |
389 // TODO(davidben): Sessions should be invalidated on fatal | 389 // TODO(davidben): Sessions should be invalidated on fatal |
390 // alerts. https://crbug.com/466352 | 390 // alerts. https://crbug.com/466352 |
391 SSLClientSessionCache session_cache_; | 391 SSLClientSessionCache session_cache_; |
392 }; | 392 }; |
393 | 393 |
394 const SSL_PRIVATE_KEY_METHOD | 394 const SSL_PRIVATE_KEY_METHOD |
395 SSLClientSocketImpl::SSLContext::kPrivateKeyMethod = { | 395 SSLClientSocketImpl::SSLContext::kPrivateKeyMethod = { |
396 &SSLClientSocketImpl::SSLContext::PrivateKeyTypeCallback, | 396 &SSLClientSocketImpl::SSLContext::PrivateKeyTypeCallback, |
397 &SSLClientSocketImpl::SSLContext::PrivateKeyMaxSignatureLenCallback, | 397 &SSLClientSocketImpl::SSLContext::PrivateKeyMaxSignatureLenCallback, |
398 NULL, | |
398 &SSLClientSocketImpl::SSLContext::PrivateKeySignCallback, | 399 &SSLClientSocketImpl::SSLContext::PrivateKeySignCallback, |
400 NULL, | |
davidben
2016/07/18 09:46:40
[We'll want to wait for the roll which will includ
svaldez
2016/07/18 10:04:01
Done.
| |
399 &SSLClientSocketImpl::SSLContext::PrivateKeySignCompleteCallback, | 401 &SSLClientSocketImpl::SSLContext::PrivateKeySignCompleteCallback, |
400 }; | 402 }; |
401 | 403 |
402 // PeerCertificateChain is a helper object which extracts the certificate | 404 // PeerCertificateChain is a helper object which extracts the certificate |
403 // chain, as given by the server, from an OpenSSL socket and performs the needed | 405 // chain, as given by the server, from an OpenSSL socket and performs the needed |
404 // resource management. The first element of the chain is the leaf certificate | 406 // resource management. The first element of the chain is the leaf certificate |
405 // and the other elements are in the order given by the server. | 407 // and the other elements are in the order given by the server. |
406 class SSLClientSocketImpl::PeerCertificateChain { | 408 class SSLClientSocketImpl::PeerCertificateChain { |
407 public: | 409 public: |
408 explicit PeerCertificateChain(STACK_OF(X509) * chain) { Reset(chain); } | 410 explicit PeerCertificateChain(STACK_OF(X509) * chain) { Reset(chain); } |
(...skipping 1696 matching lines...) | |
2105 switch (ssl_config_.version_max) { | 2107 switch (ssl_config_.version_max) { |
2106 case SSL_PROTOCOL_VERSION_TLS1: | 2108 case SSL_PROTOCOL_VERSION_TLS1: |
2107 result.append("tls1"); | 2109 result.append("tls1"); |
2108 break; | 2110 break; |
2109 case SSL_PROTOCOL_VERSION_TLS1_1: | 2111 case SSL_PROTOCOL_VERSION_TLS1_1: |
2110 result.append("tls1.1"); | 2112 result.append("tls1.1"); |
2111 break; | 2113 break; |
2112 case SSL_PROTOCOL_VERSION_TLS1_2: | 2114 case SSL_PROTOCOL_VERSION_TLS1_2: |
2113 result.append("tls1.2"); | 2115 result.append("tls1.2"); |
2114 break; | 2116 break; |
2117 case SSL_PROTOCOL_VERSION_TLS1_3: | |
2118 result.append("tls1.3"); | |
2119 break; | |
2115 default: | 2120 default: |
2116 NOTREACHED(); | 2121 NOTREACHED(); |
2117 } | 2122 } |
2118 | 2123 |
2119 result.append("/"); | 2124 result.append("/"); |
2120 if (ssl_config_.deprecated_cipher_suites_enabled) | 2125 if (ssl_config_.deprecated_cipher_suites_enabled) |
2121 result.append("deprecated"); | 2126 result.append("deprecated"); |
2122 | 2127 |
2123 result.append("/"); | 2128 result.append("/"); |
2124 if (ssl_config_.channel_id_enabled) | 2129 if (ssl_config_.channel_id_enabled) |
(...skipping 192 matching lines...) | |
2317 if (rv != OK) { | 2322 if (rv != OK) { |
2318 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv); | 2323 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_CONNECT, rv); |
2319 return; | 2324 return; |
2320 } | 2325 } |
2321 | 2326 |
2322 net_log_.EndEvent(NetLog::TYPE_SSL_CONNECT, | 2327 net_log_.EndEvent(NetLog::TYPE_SSL_CONNECT, |
2323 base::Bind(&NetLogSSLInfoCallback, base::Unretained(this))); | 2328 base::Bind(&NetLogSSLInfoCallback, base::Unretained(this))); |
2324 } | 2329 } |
2325 | 2330 |
2326 } // namespace net | 2331 } // namespace net |
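Review bot: The two bare `NULL` entries added to the `kPrivateKeyMethod` initializer (new lines 398 and 400) do not say which `SSL_PRIVATE_KEY_METHOD` members they fill or why those hooks are left unset. The initializer is positional, so its meaning depends entirely on the member order in the BoringSSL header, and this table is what routes client-certificate signing to the private key callbacks. If the struct is reordered in a later roll, a slot shift would presumably only be caught where the callback signatures happen to differ. I would label each empty slot and use `nullptr`, e.g. `nullptr,  // <member name>: not provided by this client`, taking the member name from the BoringSSL header.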