OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket_impl.h" | 5 #include "net/socket/ssl_client_socket_impl.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <string.h> | 8 #include <string.h> |
9 | 9 |
10 #include <utility> | 10 #include <utility> |
(...skipping 249 matching lines...)
260 ssl_ctx_.reset(SSL_CTX_new(SSLv23_client_method())); | 260 ssl_ctx_.reset(SSL_CTX_new(SSLv23_client_method())); |
261 SSL_CTX_set_cert_verify_callback(ssl_ctx_.get(), CertVerifyCallback, NULL); | 261 SSL_CTX_set_cert_verify_callback(ssl_ctx_.get(), CertVerifyCallback, NULL); |
262 SSL_CTX_set_cert_cb(ssl_ctx_.get(), ClientCertRequestCallback, NULL); | 262 SSL_CTX_set_cert_cb(ssl_ctx_.get(), ClientCertRequestCallback, NULL); |
263 SSL_CTX_set_verify(ssl_ctx_.get(), SSL_VERIFY_PEER, NULL); | 263 SSL_CTX_set_verify(ssl_ctx_.get(), SSL_VERIFY_PEER, NULL); |
264 | 264 |
265 // Disable the internal session cache. Session caching is handled | 265 // Disable the internal session cache. Session caching is handled |
266 // externally (i.e. by SSLClientSessionCache). | 266 // externally (i.e. by SSLClientSessionCache). |
267 SSL_CTX_set_session_cache_mode( | 267 SSL_CTX_set_session_cache_mode( |
268 ssl_ctx_.get(), SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_NO_INTERNAL); | 268 ssl_ctx_.get(), SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_NO_INTERNAL); |
269 SSL_CTX_sess_set_new_cb(ssl_ctx_.get(), NewSessionCallback); | 269 SSL_CTX_sess_set_new_cb(ssl_ctx_.get(), NewSessionCallback); |
| 270 SSL_CTX_set_timeout(ssl_ctx_.get(), 1 * 60 * 60 /* one hour */); |
270 | 271 |
271 SSL_CTX_set_grease_enabled(ssl_ctx_.get(), 1); | 272 SSL_CTX_set_grease_enabled(ssl_ctx_.get(), 1); |
272 | 273 |
273 if (!SSL_CTX_add_client_custom_ext(ssl_ctx_.get(), kTbExtNum, | 274 if (!SSL_CTX_add_client_custom_ext(ssl_ctx_.get(), kTbExtNum, |
274 &TokenBindingAddCallback, | 275 &TokenBindingAddCallback, |
275 &TokenBindingFreeCallback, nullptr, | 276 &TokenBindingFreeCallback, nullptr, |
276 &TokenBindingParseCallback, nullptr)) { | 277 &TokenBindingParseCallback, nullptr)) { |
277 NOTREACHED(); | 278 NOTREACHED(); |
278 } | 279 } |
279 } | 280 } |
(...skipping 1717 matching lines...)
1997 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED && | 1998 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED && |
1998 !certificate_requested_) { | 1999 !certificate_requested_) { |
1999 net_error = ERR_SSL_PROTOCOL_ERROR; | 2000 net_error = ERR_SSL_PROTOCOL_ERROR; |
2000 } | 2001 } |
2001 } | 2002 } |
2002 | 2003 |
2003 return net_error; | 2004 return net_error; |
2004 } | 2005 } |
2005 | 2006 |
2006 } // namespace net | 2007 } // namespace net |
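Review bot: The `SSL_CTX_set_timeout` call added at new line 270 documents its value only as `/* one hour */`, so a reader cannot tell why this session lifetime was chosen or what enforces it. The comment just above says the internal cache is disabled and sessions are kept by SSLClientSessionCache, so the limit presumably only holds if that external cache compares each session's age against this timeout before offering it for resumption. That code is not visible here and is worth confirming with a test that an expired session is not resumed. I would give the value a named constant and a why-comment such as `// Bound how long a cached session may be resumed: a resumed connection reuses the original session's secrets, so a shorter lifetime limits how long a leaked session stays useful.` The enclosing function starts in the skipped lines above this hunk.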