OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/cert_verify_proc_openssl.h" | 5 #include "net/cert/cert_verify_proc_openssl.h" |
6 | 6 |
7 #include <openssl/x509v3.h> | 7 #include <openssl/x509v3.h> |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 #include <vector> | 10 #include <vector> |
(...skipping 154 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
165 | 165 |
166 int CertVerifyProcOpenSSL::VerifyInternal( | 166 int CertVerifyProcOpenSSL::VerifyInternal( |
167 X509Certificate* cert, | 167 X509Certificate* cert, |
168 const std::string& hostname, | 168 const std::string& hostname, |
169 int flags, | 169 int flags, |
170 CRLSet* crl_set, | 170 CRLSet* crl_set, |
171 const CertificateList& additional_trust_anchors, | 171 const CertificateList& additional_trust_anchors, |
172 CertVerifyResult* verify_result) { | 172 CertVerifyResult* verify_result) { |
173 crypto::EnsureOpenSSLInit(); | 173 crypto::EnsureOpenSSLInit(); |
174 | 174 |
175 if (!cert->VerifyNameMatch(hostname)) | 175 if (!cert->VerifyNameMatch(hostname, |
| 176 &verify_result->common_name_fallback_used)) { |
176 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID; | 177 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID; |
| 178 } |
177 | 179 |
178 crypto::ScopedOpenSSL<X509_STORE_CTX, X509_STORE_CTX_free> ctx( | 180 crypto::ScopedOpenSSL<X509_STORE_CTX, X509_STORE_CTX_free> ctx( |
179 X509_STORE_CTX_new()); | 181 X509_STORE_CTX_new()); |
180 | 182 |
181 crypto::ScopedOpenSSL<STACK_OF(X509), sk_X509_free_fn> intermediates( | 183 crypto::ScopedOpenSSL<STACK_OF(X509), sk_X509_free_fn> intermediates( |
182 sk_X509_new_null()); | 184 sk_X509_new_null()); |
183 if (!intermediates.get()) | 185 if (!intermediates.get()) |
184 return ERR_OUT_OF_MEMORY; | 186 return ERR_OUT_OF_MEMORY; |
185 | 187 |
186 const X509Certificate::OSCertHandles& os_intermediates = | 188 const X509Certificate::OSCertHandles& os_intermediates = |
(...skipping 30 matching lines...) Expand all Loading... |
217 // TODO(joth): if the motivations described in | 219 // TODO(joth): if the motivations described in |
218 // http://src.chromium.org/viewvc/chrome?view=rev&revision=80778 become an | 220 // http://src.chromium.org/viewvc/chrome?view=rev&revision=80778 become an |
219 // issue on OpenSSL builds, we will need to embed a hardcoded list of well | 221 // issue on OpenSSL builds, we will need to embed a hardcoded list of well |
220 // known root CAs, as per the _mac and _win versions. | 222 // known root CAs, as per the _mac and _win versions. |
221 verify_result->is_issued_by_known_root = true; | 223 verify_result->is_issued_by_known_root = true; |
222 | 224 |
223 return OK; | 225 return OK; |
224 } | 226 } |
225 | 227 |
226 } // namespace net | 228 } // namespace net |
OLD | NEW |