net/socket/ssl_client_socket_nss.cc - Issue 25107004: Change SSL_PeerCertificateChain to return a CERTCertList.

Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 25107004: Change SSL_PeerCertificateChain to return a CERTCertList. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Sync Created 7 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived	5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived

6 // from AuthCertificateCallback() in	6 // from AuthCertificateCallback() in

7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.	7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.

8	8

9 /* *** BEGIN LICENSE BLOCK ***	9 /* *** BEGIN LICENSE BLOCK ***

10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1	10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1

(...skipping 362 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
373 }	373 }

374	374

375 void PeerCertificateChain::Reset(PRFileDesc* nss_fd) {	375 void PeerCertificateChain::Reset(PRFileDesc* nss_fd) {

376 for (size_t i = 0; i < certs_.size(); ++i)	376 for (size_t i = 0; i < certs_.size(); ++i)

377 CERT_DestroyCertificate(certs_[i]);	377 CERT_DestroyCertificate(certs_[i]);

378 certs_.clear();	378 certs_.clear();

379	379

380 if (nss_fd == NULL)	380 if (nss_fd == NULL)

381 return;	381 return;

382	382

383 unsigned int num_certs = 0;	383 CERTCertList* list = SSL_PeerCertificateChain(nss_fd);

384 SECStatus rv = SSL_PeerCertificateChain(nss_fd, NULL, &num_certs, 0);

385 DCHECK_EQ(SECSuccess, rv);

386

387 // The handshake on \|nss_fd\| may not have completed.	384 // The handshake on \|nss_fd\| may not have completed.

388 if (num_certs == 0)	385 if (list == NULL)

389 return;	386 return;

390	387

391 certs_.resize(num_certs);	388 for (CERTCertListNode* node = CERT_LIST_HEAD(list);

392 const unsigned int expected_num_certs = num_certs;	389 !CERT_LIST_END(node, list); node = CERT_LIST_NEXT(node)) {

393 rv = SSL_PeerCertificateChain(nss_fd, vector_as_array(&certs_),	390 certs_.push_back(CERT_DupCertificate(node->cert));

394 &num_certs, expected_num_certs);	391 }

395 DCHECK_EQ(SECSuccess, rv);	392 CERT_DestroyCertList(list);

396 DCHECK_EQ(expected_num_certs, num_certs);

397 }	393 }

398	394

399 std::vector<base::StringPiece>	395 std::vector<base::StringPiece>

400 PeerCertificateChain::AsStringPieceVector() const {	396 PeerCertificateChain::AsStringPieceVector() const {

401 std::vector<base::StringPiece> v(certs_.size());	397 std::vector<base::StringPiece> v(certs_.size());

402 for (unsigned i = 0; i < certs_.size(); i++) {	398 for (unsigned i = 0; i < certs_.size(); i++) {

403 v[i] = base::StringPiece(	399 v[i] = base::StringPiece(

404 reinterpret_cast<const char*>(certs_[i]->derCert.data),	400 reinterpret_cast<const char*>(certs_[i]->derCert.data),

405 certs_[i]->derCert.len);	401 certs_[i]->derCert.len);

406 }	402 }

(...skipping 3087 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
3494 EnsureThreadIdAssigned();	3490 EnsureThreadIdAssigned();

3495 base::AutoLock auto_lock(lock_);	3491 base::AutoLock auto_lock(lock_);

3496 return valid_thread_id_ == base::PlatformThread::CurrentId();	3492 return valid_thread_id_ == base::PlatformThread::CurrentId();

3497 }	3493 }

3498	3494

3499 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const {	3495 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const {

3500 return server_bound_cert_service_;	3496 return server_bound_cert_service_;

3501 }	3497 }

3502	3498

3503 } // namespace net	3499 } // namespace net

OLD	NEW

« no previous file with comments | « no previous file | net/third_party/nss/README.chromium » ('j') | no next file with comments »