OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket_impl.h" | 5 #include "net/socket/ssl_client_socket_impl.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <openssl/bio.h> | 8 #include <openssl/bio.h> |
9 #include <openssl/bytestring.h> | 9 #include <openssl/bytestring.h> |
10 #include <openssl/err.h> | 10 #include <openssl/err.h> |
(...skipping 1783 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1794 server_cert_verify_result_.cert_status &= ~CERT_STATUS_IS_EV; | 1794 server_cert_verify_result_.cert_status &= ~CERT_STATUS_IS_EV; |
1795 } | 1795 } |
1796 } | 1796 } |
1797 ct_verify_result_.cert_policy_compliance = | 1797 ct_verify_result_.cert_policy_compliance = |
1798 policy_enforcer_->DoesConformToCertPolicy( | 1798 policy_enforcer_->DoesConformToCertPolicy( |
1799 server_cert_verify_result_.verified_cert.get(), verified_scts, | 1799 server_cert_verify_result_.verified_cert.get(), verified_scts, |
1800 net_log_); | 1800 net_log_); |
1801 | 1801 |
1802 if (ct_verify_result_.cert_policy_compliance != | 1802 if (ct_verify_result_.cert_policy_compliance != |
1803 ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS && | 1803 ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS && |
| 1804 ct_verify_result_.cert_policy_compliance != |
| 1805 ct::CertPolicyCompliance::CERT_POLICY_BUILD_NOT_TIMELY && |
1804 transport_security_state_->ShouldRequireCT( | 1806 transport_security_state_->ShouldRequireCT( |
1805 host_and_port_.host(), server_cert_verify_result_.verified_cert.get(), | 1807 host_and_port_.host(), server_cert_verify_result_.verified_cert.get(), |
1806 server_cert_verify_result_.public_key_hashes)) { | 1808 server_cert_verify_result_.public_key_hashes)) { |
1807 server_cert_verify_result_.cert_status |= | 1809 server_cert_verify_result_.cert_status |= |
1808 CERT_STATUS_CERTIFICATE_TRANSPARENCY_REQUIRED; | 1810 CERT_STATUS_CERTIFICATE_TRANSPARENCY_REQUIRED; |
1809 return ERR_CERTIFICATE_TRANSPARENCY_REQUIRED; | 1811 return ERR_CERTIFICATE_TRANSPARENCY_REQUIRED; |
1810 } | 1812 } |
1811 | 1813 |
1812 return OK; | 1814 return OK; |
1813 } | 1815 } |
(...skipping 476 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2290 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED && | 2292 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED && |
2291 !certificate_requested_) { | 2293 !certificate_requested_) { |
2292 net_error = ERR_SSL_PROTOCOL_ERROR; | 2294 net_error = ERR_SSL_PROTOCOL_ERROR; |
2293 } | 2295 } |
2294 } | 2296 } |
2295 | 2297 |
2296 return net_error; | 2298 return net_error; |
2297 } | 2299 } |
2298 | 2300 |
2299 } // namespace net | 2301 } // namespace net |
OLD | NEW |