Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(826)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: runtime/bin/secure_socket_boringssl.cc

Issue 2519133005: Enable SecureSocket on Fuchsia using BoringSSL (Closed)
Patch Set: . Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « runtime/bin/secure_socket.h ('k') | runtime/tests/vm/dart/hello_fuchsia_test.dart » ('j') | runtime/tests/vm/dart/hello_fuchsia_test.dart » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: runtime/bin/secure_socket_boringssl.cc
diff --git a/runtime/bin/secure_socket_boringssl.cc b/runtime/bin/secure_socket_boringssl.cc
index 68d68ee2ee0c71d99becb23c5f60780c82a47e8f..98258494515cf33de3d77d042aa89845dc26a875 100644
--- a/runtime/bin/secure_socket_boringssl.cc
+++ b/runtime/bin/secure_socket_boringssl.cc
@@ -6,7 +6,7 @@
#include "platform/globals.h"
#if defined(TARGET_OS_ANDROID) || defined(TARGET_OS_LINUX) || \
- defined(TARGET_OS_WINDOWS)
+ defined(TARGET_OS_WINDOWS) || defined(TARGET_OS_FUCHSIA)
#include "bin/secure_socket.h"
#include "bin/secure_socket_boringssl.h"
@@ -59,7 +59,7 @@ static const int kSSLFilterNativeFieldIndex = 0;
static const int kSecurityContextNativeFieldIndex = 0;
static const int kX509NativeFieldIndex = 0;
-static const bool SSL_LOG_STATUS = false;
+static const bool SSL_LOG_STATUS = true;
siva 2016/11/23 18:36:04 Something you turned on for debugging and not need
rmacnak 2016/11/23 18:43:02 Flipped back off.
static const bool SSL_LOG_DATA = false;
static const int SSL_ERROR_MESSAGE_BUFFER_SIZE = 1000;
@@ -766,6 +766,9 @@ void FUNCTION_NAME(SecurityContext_AlpnSupported)(Dart_NativeArguments args) {
static void AddCompiledInCerts(SSLContext* context) {
if (root_certificates_pem == NULL) {
+ if (SSL_LOG_STATUS) {
+ Log::Print("Missing compiled-in roots\n");
+ }
return;
}
X509_STORE* store = SSL_CTX_get_cert_store(context->context());
@@ -800,7 +803,7 @@ static void LoadRootCertFile(SSLContext* context, const char* file) {
ThrowIOException(-1, "TlsException", "Failed to find root cert file");
}
int status = SSL_CTX_load_verify_locations(context->context(), file, NULL);
- CheckStatus(status, "TlsException", "Failure trusting builtint roots");
+ CheckStatus(status, "TlsException", "Failure trusting builtin roots");
if (SSL_LOG_STATUS) {
Log::Print("Trusting roots from: %s\n", file);
}
@@ -815,7 +818,7 @@ static void LoadRootCertCache(SSLContext* context, const char* cache) {
ThrowIOException(-1, "TlsException", "Failed to find root cert cache");
}
int status = SSL_CTX_load_verify_locations(context->context(), NULL, cache);
- CheckStatus(status, "TlsException", "Failure trusting builtint roots");
+ CheckStatus(status, "TlsException", "Failure trusting builtin roots");
if (SSL_LOG_STATUS) {
Log::Print("Trusting roots from: %s\n", cache);
}
@@ -869,10 +872,10 @@ void FUNCTION_NAME(SecurityContext_TrustBuiltinRoots)(
// Fall back on the compiled-in certs if the standard locations don't exist,
// or we aren't on Linux.
- AddCompiledInCerts(context);
if (SSL_LOG_STATUS) {
Log::Print("Trusting compiled-in roots\n");
}
+ AddCompiledInCerts(context);
}
« no previous file with comments | « runtime/bin/secure_socket.h ('k') | runtime/tests/vm/dart/hello_fuchsia_test.dart » ('j') | runtime/tests/vm/dart/hello_fuchsia_test.dart » ('J')

Powered by Google App Engine
This is Rietveld 408576698