
Unified Diff: net/socket/ssl_client_socket_openssl.cc

Issue 257513008: Populate cert_key_types on OpenSSL. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Line length (try jobs on #8) Created 6 years, 7 months ago
Index: net/socket/ssl_client_socket_openssl.cc
diff --git a/net/socket/ssl_client_socket_openssl.cc b/net/socket/ssl_client_socket_openssl.cc
index d6345f71501d2acc3e20384943045d90ebdfa846..6b14bf27510007175978e5d3902e66acfcb1ae37 100644
--- a/net/socket/ssl_client_socket_openssl.cc
+++ b/net/socket/ssl_client_socket_openssl.cc
@@ -512,6 +512,7 @@ void SSLClientSocketOpenSSL::GetSSLCertRequestInfo(
SSLCertRequestInfo* cert_request_info) {
cert_request_info->host_and_port = host_and_port_;
cert_request_info->cert_authorities = cert_authorities_;
+ cert_request_info->cert_key_types = cert_key_types_;
}
SSLClientSocket::NextProtoStatus SSLClientSocketOpenSSL::GetNextProto(
@@ -616,6 +617,7 @@ void SSLClientSocketOpenSSL::Disconnect() {
completed_handshake_ = false;
cert_authorities_.clear();
+ cert_key_types_.clear();
client_auth_cert_needed_ = false;
}
@@ -1410,7 +1412,6 @@ int SSLClientSocketOpenSSL::ClientCertRequestCallback(SSL* ssl,
DCHECK(ssl == ssl_);
DCHECK(*x509 == NULL);
DCHECK(*pkey == NULL);
-#if defined(USE_OPENSSL_CERTS)
if (!ssl_config_.send_client_cert) {
// First pass: we know that a client certificate is needed, but we do not
// have one at hand.
@@ -1426,11 +1427,21 @@ int SSLClientSocketOpenSSL::ClientCertRequestCallback(SSL* ssl,
OPENSSL_free(str);
}
+ const unsigned char* client_cert_types;
+ size_t num_client_cert_types;
+ SSL_get_client_certificate_types(ssl, &client_cert_types,
+ &num_client_cert_types);
+ for (size_t i = 0; i < num_client_cert_types; i++) {
+ cert_key_types_.push_back(
+ static_cast<SSLClientCertType>(client_cert_types[i]));
+ }
+
return -1; // Suspends handshake.
}
// Second pass: a client certificate should have been selected.
if (ssl_config_.client_cert.get()) {
+#if defined(USE_OPENSSL_CERTS)
// A note about ownership: FetchClientCertPrivateKey() increments
// the reference count of the EVP_PKEY. Ownership of this reference
// is passed directly to OpenSSL, which will release the reference
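Review bot: The bytes returned by `SSL_get_client_certificate_types` come from the server's CertificateRequest and are cast to `SSLClientCertType` in the loop without any check, so `cert_key_types_` can hold values that match no enumerator. Consumers of `cert_key_types` then have to tolerate unknown values; either filter here to the types the client can sign with, or add a comment such as `// Values are peer-supplied and may not match a known SSLClientCertType.` Separately, `client_cert_types` and `num_client_cert_types` are read right after the call with no initializer; declaring them as `= NULL` and `size_t num_client_cert_types = 0;` keeps the loop safe if the call leaves them untouched. The enclosing ClientCertRequestCallback starts and ends outside this hunk.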
@@ -1446,11 +1457,11 @@ int SSLClientSocketOpenSSL::ClientCertRequestCallback(SSL* ssl,
return 1;
}
LOG(WARNING) << "Client cert found without private key";
- }
#else // !defined(USE_OPENSSL_CERTS)
- // OS handling of client certificates is not yet implemented.
- NOTIMPLEMENTED();
+ // OS handling of client certificates is not yet implemented.
+ NOTIMPLEMENTED();
#endif // defined(USE_OPENSSL_CERTS)
+ }
// Send no client certificate.
return 0;
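Review bot: With the `#if defined(USE_OPENSSL_CERTS)` guard moved inside the second-pass block, builds without it now run the first pass and suspend the handshake, but a certificate selected afterwards is discarded: the `#else` branch only calls `NOTIMPLEMENTED()` and falls through to `return 0`. The handshake then proceeds with no client certificate, which a caller probably cannot tell apart from the user declining one. Consider saying so in the comment, e.g. `// OS client certs are not implemented: the selected cert is NOT sent.`, or surfacing an error instead of continuing. The function body begins outside this hunk.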