Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(469)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: runtime/bin/main.cc

Issue 2346683003: Use OS-provided trusted root certs on Linux (Closed)
Patch Set: Address comments Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « CHANGELOG.md ('k') | runtime/bin/root_certificates_unsupported.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: runtime/bin/main.cc
diff --git a/runtime/bin/main.cc b/runtime/bin/main.cc
index 9f7123843e824452a4c3793fac63b43d830f3b50..277220ef1fcd638aff3677c2b9cf4ad289d217d2 100644
--- a/runtime/bin/main.cc
+++ b/runtime/bin/main.cc
@@ -494,6 +494,43 @@ static bool ProcessShortSocketWriteOption(const char* arg,
}
+#if !defined(TARGET_OS_MACOS)
+extern const char* commandline_root_certs_file;
+extern const char* commandline_root_certs_cache;
+
+static bool ProcessRootCertsFileOption(const char* arg,
+ CommandLineOptions* vm_options) {
+ ASSERT(arg != NULL);
+ if (*arg == '-') {
+ return false;
+ }
+ if (commandline_root_certs_cache != NULL) {
+ Log::PrintErr("Only one of --root-certs-file and --root-certs-cache "
+ "may be specified");
+ return false;
+ }
+ commandline_root_certs_file = arg;
+ return true;
+}
+
+
+static bool ProcessRootCertsCacheOption(const char* arg,
+ CommandLineOptions* vm_options) {
+ ASSERT(arg != NULL);
+ if (*arg == '-') {
+ return false;
+ }
+ if (commandline_root_certs_file != NULL) {
+ Log::PrintErr("Only one of --root-certs-file and --root-certs-cache "
+ "may be specified");
+ return false;
+ }
+ commandline_root_certs_cache = arg;
+ return true;
+}
+#endif // !defined(TARGET_OS_MACOS)
+
+
static struct {
const char* option_name;
bool (*process)(const char* option, CommandLineOptions* vm_options);
@@ -522,6 +559,10 @@ static struct {
{ "--hot-reload-rollback-test-mode", ProcessHotReloadRollbackTestModeOption },
{ "--short_socket_read", ProcessShortSocketReadOption },
{ "--short_socket_write", ProcessShortSocketWriteOption },
+#if !defined(TARGET_OS_MACOS)
+ { "--root-certs-file=", ProcessRootCertsFileOption },
+ { "--root-certs-cache=", ProcessRootCertsCacheOption },
+#endif // !defined(TARGET_OS_MACOS)
{ NULL, NULL }
};
@@ -960,6 +1001,15 @@ static void PrintUsage() {
"--enable-vm-service[=<port>[/<bind-address>]]\n"
" enables the VM service and listens on specified port for connections\n"
" (default port number is 8181, default bind address is 127.0.0.1).\n"
+#if !defined(TARGET_OS_MACOS)
+"\n"
+"--root-certs-file=<path>\n"
+" The path to a file containing the trusted root certificates to use for\n"
+" secure socket connections.\n"
+"--root-certs-cache=<path>\n"
+" The path to a cache directory containing the trusted root certificates to\n"
+" use for secure socket connections.\n"
+#endif // !defined(TARGET_OS_MACOS)
"\n"
"The following options are only used for VM development and may\n"
"be changed in any future version:\n");
« no previous file with comments | « CHANGELOG.md ('k') | runtime/bin/root_certificates_unsupported.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698