Chromium Code Reviews Chromium Code Reviews
Issue 2400183002:
Cleanup: More accurate output parameter type for CTVerifier (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket_impl.h" | 5 #include "net/socket/ssl_client_socket_impl.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <openssl/bio.h> | 8 #include <openssl/bio.h> |
| 9 #include <openssl/bytestring.h> | 9 #include <openssl/bytestring.h> |
| 10 #include <openssl/err.h> | 10 #include <openssl/err.h> |
| (...skipping 1748 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1759 SSL_get0_signed_cert_timestamp_list(ssl_, &sct_list_raw, &sct_list_len); | 1759 SSL_get0_signed_cert_timestamp_list(ssl_, &sct_list_raw, &sct_list_len); |
| 1760 std::string sct_list; | 1760 std::string sct_list; |
| 1761 if (sct_list_len > 0) | 1761 if (sct_list_len > 0) |
| 1762 sct_list.assign(reinterpret_cast<const char*>(sct_list_raw), sct_list_len); | 1762 sct_list.assign(reinterpret_cast<const char*>(sct_list_raw), sct_list_len); |
| 1763 | 1763 |
| 1764 // Note that this is a completely synchronous operation: The CT Log Verifier | 1764 // Note that this is a completely synchronous operation: The CT Log Verifier |
| 1765 // gets all the data it needs for SCT verification and does not do any | 1765 // gets all the data it needs for SCT verification and does not do any |
| 1766 // external communication. | 1766 // external communication. |
| 1767 cert_transparency_verifier_->Verify( | 1767 cert_transparency_verifier_->Verify( |
| 1768 server_cert_verify_result_.verified_cert.get(), ocsp_response_, sct_list, | 1768 server_cert_verify_result_.verified_cert.get(), ocsp_response_, sct_list, |
| 1769 &ct_verify_result_, net_log_); | 1769 &(ct_verify_result_.scts), net_log_); |
|
Ryan Sleevi
2016/10/07 14:05:29
I don't believe these are necessary?
Eran Messeri
2016/10/10 13:14:09
Done.
| |
| 1770 | 1770 |
| 1771 ct_verify_result_.ct_policies_applied = true; | 1771 ct_verify_result_.ct_policies_applied = true; |
| 1772 ct_verify_result_.ev_policy_compliance = | 1772 ct_verify_result_.ev_policy_compliance = |
| 1773 ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY; | 1773 ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY; |
| 1774 | 1774 |
| 1775 SCTList verified_scts = | 1775 SCTList verified_scts = |
| 1776 ct::SCTsMatchingStatus(ct_verify_result_.scts, ct::SCT_STATUS_OK); | 1776 ct::SCTsMatchingStatus(ct_verify_result_.scts, ct::SCT_STATUS_OK); |
| 1777 | 1777 |
| 1778 if (server_cert_verify_result_.cert_status & CERT_STATUS_IS_EV) { | 1778 if (server_cert_verify_result_.cert_status & CERT_STATUS_IS_EV) { |
| 1779 scoped_refptr<ct::EVCertsWhitelist> ev_whitelist = | 1779 scoped_refptr<ct::EVCertsWhitelist> ev_whitelist = |
| (...skipping 510 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2290 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED && | 2290 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED && |
| 2291 !certificate_requested_) { | 2291 !certificate_requested_) { |
| 2292 net_error = ERR_SSL_PROTOCOL_ERROR; | 2292 net_error = ERR_SSL_PROTOCOL_ERROR; |
| 2293 } | 2293 } |
| 2294 } | 2294 } |
| 2295 | 2295 |
| 2296 return net_error; | 2296 return net_error; |
| 2297 } | 2297 } |
| 2298 | 2298 |
| 2299 } // namespace net | 2299 } // namespace net |
| OLD | NEW |
