Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(65)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_impl.cc

Issue 2682413003: Add a CRYPTO_BUFFER_POOL to SSLClientSocketImpl. (Closed)
Patch Set: Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/x509_util_openssl.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_client_socket_impl.h" 5 #include "net/socket/ssl_client_socket_impl.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <string.h> 8 #include <string.h>
9 9
10 #include <algorithm> 10 #include <algorithm>
(...skipping 274 matching lines...) Expand 10 before | Expand all | Expand 10 after
285 285
286 // Disable the internal session cache. Session caching is handled 286 // Disable the internal session cache. Session caching is handled
287 // externally (i.e. by SSLClientSessionCache). 287 // externally (i.e. by SSLClientSessionCache).
288 SSL_CTX_set_session_cache_mode( 288 SSL_CTX_set_session_cache_mode(
289 ssl_ctx_.get(), SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_NO_INTERNAL); 289 ssl_ctx_.get(), SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_NO_INTERNAL);
290 SSL_CTX_sess_set_new_cb(ssl_ctx_.get(), NewSessionCallback); 290 SSL_CTX_sess_set_new_cb(ssl_ctx_.get(), NewSessionCallback);
291 SSL_CTX_set_timeout(ssl_ctx_.get(), 1 * 60 * 60 /* one hour */); 291 SSL_CTX_set_timeout(ssl_ctx_.get(), 1 * 60 * 60 /* one hour */);
292 292
293 SSL_CTX_set_grease_enabled(ssl_ctx_.get(), 1); 293 SSL_CTX_set_grease_enabled(ssl_ctx_.get(), 1);
294 294
295 // Deduplicate all certificates minted from the SSL_CTX in memory.
296 SSL_CTX_set0_buffer_pool(ssl_ctx_.get(), x509_util::GetBufferPool());
297
295 if (base::FeatureList::IsEnabled(kShortRecordHeaderFeature)) { 298 if (base::FeatureList::IsEnabled(kShortRecordHeaderFeature)) {
296 SSL_CTX_set_short_header_enabled(ssl_ctx_.get(), 1); 299 SSL_CTX_set_short_header_enabled(ssl_ctx_.get(), 1);
297 } 300 }
298 301
299 if (!SSL_CTX_add_client_custom_ext(ssl_ctx_.get(), kTbExtNum, 302 if (!SSL_CTX_add_client_custom_ext(ssl_ctx_.get(), kTbExtNum,
300 &TokenBindingAddCallback, 303 &TokenBindingAddCallback,
301 &TokenBindingFreeCallback, nullptr, 304 &TokenBindingFreeCallback, nullptr,
302 &TokenBindingParseCallback, nullptr)) { 305 &TokenBindingParseCallback, nullptr)) {
303 NOTREACHED(); 306 NOTREACHED();
304 } 307 }
(...skipping 1735 matching lines...) Expand 10 before | Expand all | Expand 10 after
2040 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED && 2043 if (ERR_GET_REASON(info->error_code) == SSL_R_TLSV1_ALERT_ACCESS_DENIED &&
2041 !certificate_requested_) { 2044 !certificate_requested_) {
2042 net_error = ERR_SSL_PROTOCOL_ERROR; 2045 net_error = ERR_SSL_PROTOCOL_ERROR;
2043 } 2046 }
2044 } 2047 }
2045 2048
2046 return net_error; 2049 return net_error;
2047 } 2050 }
2048 2051
2049 } // namespace net 2052 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/x509_util_openssl.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698