runtime/bin/security_context_fuchsia.cc - Issue 2903743002: Porting SecureSocket to use BoringSSL on OSX

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: runtime/bin/security_context_fuchsia.cc

Issue 2903743002: Porting SecureSocket to use BoringSSL on OSX (Closed)

Patch Set: Addressed nits, confirmed change works on Windows Created 3 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: runtime/bin/security_context_fuchsia.cc

diff --git a/runtime/bin/security_context_fuchsia.cc b/runtime/bin/security_context_fuchsia.cc

new file mode 100644

index 0000000000000000000000000000000000000000..c49476bd6c59ef02db551d8735a33c66c840ba67

--- /dev/null

+++ b/runtime/bin/security_context_fuchsia.cc

@@ -0,0 +1,67 @@

+// BSD-style license that can be found in the LICENSE file.

+#if !defined(DART_IO_DISABLED) && !defined(DART_IO_SECURE_SOCKET_DISABLED)

+#include "platform/globals.h"

+#if defined(HOST_OS_FUCHSIA)

+#include "bin/security_context.h"

+#include <openssl/bio.h>

+#include <openssl/ssl.h>

+#include <openssl/x509.h>

+#include "bin/directory.h"

+#include "bin/file.h"

+#include "bin/log.h"

+#include "bin/secure_socket_filter.h"

+#include "bin/secure_socket_utils.h"

+namespace dart {

+namespace bin {

+// The security context won't necessarily use the compiled-in root certificates,

+// but since there is no way to update the size of the allocation after creating

+// the weak persistent handle, we assume that it will. Note that when the

+// root certs aren't compiled in, |root_certificates_pem_length| is 0.

+const intptr_t SSLCertContext::kApproximateSize =

+ sizeof(SSLCertContext) + root_certificates_pem_length;

+const char* commandline_root_certs_file = NULL;

+const char* commandline_root_certs_cache = NULL;

+void SSLCertContext::TrustBuiltinRoots() {

+ // First, try to use locations specified on the command line.

+ if (commandline_root_certs_file != NULL) {

+ LoadRootCertFile(commandline_root_certs_file);

+ return;

+ }

+ if (commandline_root_certs_cache != NULL) {

+ LoadRootCertCache(commandline_root_certs_cache);

+ return;

+ }

+ // Fall back on the compiled-in certs if the standard locations don't exist,

+ // or we aren't on Linux.

+ if (SSL_LOG_STATUS) {

+ Log::Print("Trusting compiled-in roots\n");

+ }

+ AddCompiledInCerts();

+void SSLCertContext::RegisterCallbacks(SSL* ssl) {

+ // No callbacks to register for implementations using BoringSSL's built-in

+ // verification mechanism.

+} // namespace bin

+} // namespace dart

+#endif // defined(HOST_OS_FUCHSIA)

+#endif // !defined(DART_IO_DISABLED) &&

+ // !defined(DART_IO_SECURE_SOCKET_DISABLED)

« no previous file with comments | « runtime/bin/security_context_android.cc ('k') | runtime/bin/security_context_linux.cc » ('j') | no next file with comments »