net/third_party/nss/ssl/sslauth.c - Issue 2828002: Support for using OS-native certificates for SSL client auth....

Side by Side Diff: net/third_party/nss/ssl/sslauth.c

Issue 2828002: Support for using OS-native certificates for SSL client auth.... (Closed) Base URL: http://src.chromium.org/svn/trunk/src/

Patch Set: Add a short-circuit when the CSP reports the container is not removable Created 10 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 /* *** BEGIN LICENSE BLOCK ***	1 /* *** BEGIN LICENSE BLOCK ***

2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1	2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1

3 *	3 *

4 * The contents of this file are subject to the Mozilla Public License Version	4 * The contents of this file are subject to the Mozilla Public License Version

5 * 1.1 (the "License"); you may not use this file except in compliance with	5 * 1.1 (the "License"); you may not use this file except in compliance with

6 * the License. You may obtain a copy of the License at	6 * the License. You may obtain a copy of the License at

7 * http://www.mozilla.org/MPL/	7 * http://www.mozilla.org/MPL/

8 *	8 *

9 * Software distributed under the License is distributed on an "AS IS" basis,	9 * Software distributed under the License is distributed on an "AS IS" basis,

10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License	10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License

(...skipping 234 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
245 SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",	245 SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",

246 SSL_GETPID(), s));	246 SSL_GETPID(), s));

247 return SECFailure;	247 return SECFailure;

248 }	248 }

249	249

250 ss->getClientAuthData = func;	250 ss->getClientAuthData = func;

251 ss->getClientAuthDataArg = arg;	251 ss->getClientAuthDataArg = arg;

252 return SECSuccess;	252 return SECSuccess;

253 }	253 }

254	254

	255 #ifdef NSS_PLATFORM_CLIENT_AUTH

	256 /* NEED LOCKS IN HERE. */

	257 SECStatus

	258 SSL_GetPlatformClientAuthDataHook(PRFileDesc *s,

	259 SSLGetPlatformClientAuthData func,

	260 void *arg)

	261 {

	262 sslSocket *ss;

	263

	264 ss = ssl_FindSocket(s);

	265 if (!ss) {

	266 SSL_DBG(("%d: SSL[%d]: bad socket in GetPlatformClientAuthDataHook",

	267 SSL_GETPID(), s));

	268 return SECFailure;

	269 }

	270

	271 ss->getPlatformClientAuthData = func;

	272 ss->getPlatformClientAuthDataArg = arg;

	273 return SECSuccess;

	274 }

	275 #endif /* NSS_PLATFORM_CLIENT_AUTH */

	276

255 /* NEED LOCKS IN HERE. */	277 /* NEED LOCKS IN HERE. */

256 SECStatus	278 SECStatus

257 SSL_SetPKCS11PinArg(PRFileDesc s, void arg)	279 SSL_SetPKCS11PinArg(PRFileDesc s, void arg)

258 {	280 {

259 sslSocket *ss;	281 sslSocket *ss;

260	282

261 ss = ssl_FindSocket(s);	283 ss = ssl_FindSocket(s);

262 if (!ss) {	284 if (!ss) {

263 SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",	285 SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",

264 SSL_GETPID(), s));	286 SSL_GETPID(), s));

(...skipping 42 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
307 hostname = ss->url;	329 hostname = ss->url;

308 if (hostname && hostname[0])	330 if (hostname && hostname[0])

309 rv = CERT_VerifyCertName(ss->sec.peerCert, hostname);	331 rv = CERT_VerifyCertName(ss->sec.peerCert, hostname);

310 else	332 else

311 rv = SECFailure;	333 rv = SECFailure;

312 if (rv != SECSuccess)	334 if (rv != SECSuccess)

313 PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);	335 PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);

314	336

315 return rv;	337 return rv;

316 }	338 }

OLD	NEW

« no previous file with comments | « net/third_party/nss/ssl/ssl3ext.c ('k') | net/third_party/nss/ssl/sslimpl.h » ('j') | no next file with comments »