Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(766)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/ssl/openssl_ssl_util.cc

Issue 2729733002: Roll src/third_party/boringssl/src be2ee342d..a58baaf9e (Closed)
Patch Set: roll further Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « DEPS ('k') | net/ssl/ssl_client_session_cache.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/ssl/openssl_ssl_util.h" 5 #include "net/ssl/openssl_ssl_util.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <utility> 8 #include <utility>
9 9
10 #include "base/bind.h" 10 #include "base/bind.h"
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after
89 case SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE: 89 case SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE:
90 return ERR_SSL_DECOMPRESSION_FAILURE_ALERT; 90 return ERR_SSL_DECOMPRESSION_FAILURE_ALERT;
91 case SSL_R_SSLV3_ALERT_BAD_RECORD_MAC: 91 case SSL_R_SSLV3_ALERT_BAD_RECORD_MAC:
92 return ERR_SSL_BAD_RECORD_MAC_ALERT; 92 return ERR_SSL_BAD_RECORD_MAC_ALERT;
93 case SSL_R_TLSV1_ALERT_DECRYPT_ERROR: 93 case SSL_R_TLSV1_ALERT_DECRYPT_ERROR:
94 return ERR_SSL_DECRYPT_ERROR_ALERT; 94 return ERR_SSL_DECRYPT_ERROR_ALERT;
95 case SSL_R_TLSV1_UNRECOGNIZED_NAME: 95 case SSL_R_TLSV1_UNRECOGNIZED_NAME:
96 return ERR_SSL_UNRECOGNIZED_NAME_ALERT; 96 return ERR_SSL_UNRECOGNIZED_NAME_ALERT;
97 case SSL_R_BAD_DH_P_LENGTH: 97 case SSL_R_BAD_DH_P_LENGTH:
98 return ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY; 98 return ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY;
99 case SSL_R_SERVER_CERT_CHANGED:
100 return ERR_SSL_SERVER_CERT_CHANGED;
99 case SSL_R_CERTIFICATE_VERIFY_FAILED: 101 case SSL_R_CERTIFICATE_VERIFY_FAILED:
100 // The only way that the certificate verify callback can fail is if 102 // The only way that the certificate verify callback can fail is if
101 // the leaf certificate changed during a renegotiation. 103 // the leaf certificate changed during a renegotiation.
104 //
105 // TODO(davidben): This check has since moved within BoringSSL. Remove the
106 // Chromium-side machinery for it.
102 return ERR_SSL_SERVER_CERT_CHANGED; 107 return ERR_SSL_SERVER_CERT_CHANGED;
103 // SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE may be returned from the server after 108 // SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE may be returned from the server after
104 // receiving ClientHello if there's no common supported cipher. Map that 109 // receiving ClientHello if there's no common supported cipher. Map that
105 // specific case to ERR_SSL_VERSION_OR_CIPHER_MISMATCH to match the NSS 110 // specific case to ERR_SSL_VERSION_OR_CIPHER_MISMATCH to match the NSS
106 // implementation. See https://goo.gl/oMtZW and https://crbug.com/446505. 111 // implementation. See https://goo.gl/oMtZW and https://crbug.com/446505.
107 case SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE: { 112 case SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE: {
108 uint32_t previous = ERR_peek_error(); 113 uint32_t previous = ERR_peek_error();
109 if (previous != 0 && ERR_GET_LIB(previous) == ERR_LIB_SSL && 114 if (previous != 0 && ERR_GET_LIB(previous) == ERR_LIB_SSL &&
110 ERR_GET_REASON(previous) == SSL_R_HANDSHAKE_FAILURE_ON_CLIENT_HELLO) { 115 ERR_GET_REASON(previous) == SSL_R_HANDSHAKE_FAILURE_ON_CLIENT_HELLO) {
111 return ERR_SSL_VERSION_OR_CIPHER_MISMATCH; 116 return ERR_SSL_VERSION_OR_CIPHER_MISMATCH;
(...skipping 129 matching lines...) Expand 10 before | Expand all | Expand 10 after
241 for (size_t i = 0; i < os_handles.size(); i++) { 246 for (size_t i = 0; i < os_handles.size(); i++) {
242 bssl::UniquePtr<X509> x509 = OSCertHandleToOpenSSL(os_handles[i]); 247 bssl::UniquePtr<X509> x509 = OSCertHandleToOpenSSL(os_handles[i]);
243 if (!x509) 248 if (!x509)
244 return nullptr; 249 return nullptr;
245 sk_X509_push(stack.get(), x509.release()); 250 sk_X509_push(stack.get(), x509.release());
246 } 251 }
247 return stack; 252 return stack;
248 } 253 }
249 254
250 } // namespace net 255 } // namespace net
OLDNEW
« no previous file with comments | « DEPS ('k') | net/ssl/ssl_client_session_cache.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698