net/ssl/client_cert_store_nss.cc - Issue 266243004: Clang format slam.

Side by Side Diff: net/ssl/client_cert_store_nss.cc

Issue 266243004: Clang format slam. Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/ssl/client_cert_store_nss.h"	5 #include "net/ssl/client_cert_store_nss.h"

6	6

7 #include <nss.h>	7 #include <nss.h>

8 #include <ssl.h>	8 #include <ssl.h>

9	9

10 #include "base/bind.h"	10 #include "base/bind.h"

11 #include "base/location.h"	11 #include "base/location.h"

12 #include "base/logging.h"	12 #include "base/logging.h"

13 #include "base/memory/scoped_ptr.h"	13 #include "base/memory/scoped_ptr.h"

14 #include "base/strings/string_piece.h"	14 #include "base/strings/string_piece.h"

15 #include "base/threading/worker_pool.h"	15 #include "base/threading/worker_pool.h"

16 #include "crypto/nss_crypto_module_delegate.h"	16 #include "crypto/nss_crypto_module_delegate.h"

17 #include "net/cert/x509_util.h"	17 #include "net/cert/x509_util.h"

18	18

19 namespace net {	19 namespace net {

20	20

21 ClientCertStoreNSS::ClientCertStoreNSS(	21 ClientCertStoreNSS::ClientCertStoreNSS(

22 const PasswordDelegateFactory& password_delegate_factory)	22 const PasswordDelegateFactory& password_delegate_factory)

23 : password_delegate_factory_(password_delegate_factory) {}	23 : password_delegate_factory_(password_delegate_factory) {

	24 }

24	25

25 ClientCertStoreNSS::~ClientCertStoreNSS() {}	26 ClientCertStoreNSS::~ClientCertStoreNSS() {

	27 }

26	28

27 void ClientCertStoreNSS::GetClientCerts(const SSLCertRequestInfo& request,	29 void ClientCertStoreNSS::GetClientCerts(const SSLCertRequestInfo& request,

28 CertificateList* selected_certs,	30 CertificateList* selected_certs,

29 const base::Closure& callback) {	31 const base::Closure& callback) {

30 scoped_ptr<crypto::CryptoModuleBlockingPasswordDelegate> password_delegate;	32 scoped_ptr<crypto::CryptoModuleBlockingPasswordDelegate> password_delegate;

31 if (!password_delegate_factory_.is_null()) {	33 if (!password_delegate_factory_.is_null()) {

32 password_delegate.reset(	34 password_delegate.reset(

33 password_delegate_factory_.Run(request.host_and_port));	35 password_delegate_factory_.Run(request.host_and_port));

34 }	36 }

35 if (base::WorkerPool::PostTaskAndReply(	37 if (base::WorkerPool::PostTaskAndReply(

36 FROM_HERE,	38 FROM_HERE,

37 base::Bind(&ClientCertStoreNSS::GetClientCertsOnWorkerThread,	39 base::Bind(&ClientCertStoreNSS::GetClientCertsOnWorkerThread,

38 // Caller is responsible for keeping the ClientCertStore	40 // Caller is responsible for keeping the ClientCertStore

39 // alive until the callback is run.	41 // alive until the callback is run.

(...skipping 48 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
88 DVLOG(2) << "skipped expired cert: "	90 DVLOG(2) << "skipped expired cert: "

89 << base::StringPiece(node->cert->nickname);	91 << base::StringPiece(node->cert->nickname);

90 continue;	92 continue;

91 }	93 }

92	94

93 scoped_refptr<X509Certificate> cert = X509Certificate::CreateFromHandle(	95 scoped_refptr<X509Certificate> cert = X509Certificate::CreateFromHandle(

94 node->cert, X509Certificate::OSCertHandles());	96 node->cert, X509Certificate::OSCertHandles());

95	97

96 // Check if the certificate issuer is allowed by the server.	98 // Check if the certificate issuer is allowed by the server.

97 if (request.cert_authorities.empty() \|\|	99 if (request.cert_authorities.empty() \|\|

98 (!query_nssdb &&	100 (!query_nssdb && cert->IsIssuedByEncoded(request.cert_authorities)) \|\|

99 cert->IsIssuedByEncoded(request.cert_authorities)) \|\|

100 (query_nssdb &&	101 (query_nssdb &&

101 NSS_CmpCertChainWCANames(node->cert, &ca_names) == SECSuccess)) {	102 NSS_CmpCertChainWCANames(node->cert, &ca_names) == SECSuccess)) {

102 DVLOG(2) << "matched cert: " << base::StringPiece(node->cert->nickname);	103 DVLOG(2) << "matched cert: " << base::StringPiece(node->cert->nickname);

103 selected_certs->push_back(cert);	104 selected_certs->push_back(cert);

104 }	105 } else

105 else

106 DVLOG(2) << "skipped non-matching cert: "	106 DVLOG(2) << "skipped non-matching cert: "

107 << base::StringPiece(node->cert->nickname);	107 << base::StringPiece(node->cert->nickname);

108 }	108 }

109 DVLOG(2) << "num_raw:" << num_raw	109 DVLOG(2) << "num_raw:" << num_raw

110 << " num_selected:" << selected_certs->size();	110 << " num_selected:" << selected_certs->size();

111	111

112 std::sort(selected_certs->begin(), selected_certs->end(),	112 std::sort(selected_certs->begin(),

	113 selected_certs->end(),

113 x509_util::ClientCertSorter());	114 x509_util::ClientCertSorter());

114 }	115 }

115	116

116 void ClientCertStoreNSS::GetClientCertsOnWorkerThread(	117 void ClientCertStoreNSS::GetClientCertsOnWorkerThread(

117 scoped_ptr<crypto::CryptoModuleBlockingPasswordDelegate> password_delegate,	118 scoped_ptr<crypto::CryptoModuleBlockingPasswordDelegate> password_delegate,

118 const SSLCertRequestInfo* request,	119 const SSLCertRequestInfo* request,

119 CertificateList* selected_certs) {	120 CertificateList* selected_certs) {

120 CERTCertList* client_certs = CERT_FindUserCertsByUsage(	121 CERTCertList* client_certs =

121 CERT_GetDefaultCertDB(),	122 CERT_FindUserCertsByUsage(CERT_GetDefaultCertDB(),

122 certUsageSSLClient,	123 certUsageSSLClient,

123 PR_FALSE,	124 PR_FALSE,

124 PR_FALSE,	125 PR_FALSE,

125 password_delegate.get());	126 password_delegate.get());

126 // It is ok for a user not to have any client certs.	127 // It is ok for a user not to have any client certs.

127 if (!client_certs) {	128 if (!client_certs) {

128 DVLOG(2) << "No client certs found.";	129 DVLOG(2) << "No client certs found.";

129 selected_certs->clear();	130 selected_certs->clear();

130 return;	131 return;

131 }	132 }

132	133

133 GetClientCertsImpl(client_certs, *request, true, selected_certs);	134 GetClientCertsImpl(client_certs, *request, true, selected_certs);

134 CERT_DestroyCertList(client_certs);	135 CERT_DestroyCertList(client_certs);

135 }	136 }

136	137

137 bool ClientCertStoreNSS::SelectClientCertsForTesting(	138 bool ClientCertStoreNSS::SelectClientCertsForTesting(

138 const CertificateList& input_certs,	139 const CertificateList& input_certs,

139 const SSLCertRequestInfo& request,	140 const SSLCertRequestInfo& request,

140 CertificateList* selected_certs) {	141 CertificateList* selected_certs) {

141 CERTCertList* cert_list = CERT_NewCertList();	142 CERTCertList* cert_list = CERT_NewCertList();

142 if (!cert_list)	143 if (!cert_list)

143 return false;	144 return false;

144 for (size_t i = 0; i < input_certs.size(); ++i) {	145 for (size_t i = 0; i < input_certs.size(); ++i) {

145 CERT_AddCertToListTail(	146 CERT_AddCertToListTail(

146 cert_list, CERT_DupCertificate(input_certs[i]->os_cert_handle()));	147 cert_list, CERT_DupCertificate(input_certs[i]->os_cert_handle()));

147 }	148 }

148	149

149 GetClientCertsImpl(cert_list, request, false, selected_certs);	150 GetClientCertsImpl(cert_list, request, false, selected_certs);

150 CERT_DestroyCertList(cert_list);	151 CERT_DestroyCertList(cert_list);

151 return true;	152 return true;

152 }	153 }

153	154

154 } // namespace net	155 } // namespace net

OLD	NEW

« net/base/mime_util_unittest.cc ('K') | « net/ssl/client_cert_store_mac_unittest.cc ('k') | net/ssl/client_cert_store_unittest-inl.h » ('j') | no next file with comments »