OLD | NEW |
1 // Copyright (c) 2017, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2017, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 #if !defined(DART_IO_DISABLED) && !defined(DART_IO_SECURE_SOCKET_DISABLED) | 5 #if !defined(DART_IO_DISABLED) && !defined(DART_IO_SECURE_SOCKET_DISABLED) |
6 | 6 |
7 #include "bin/security_context.h" | 7 #include "bin/security_context.h" |
8 | 8 |
9 #include <openssl/bio.h> | 9 #include <openssl/bio.h> |
10 #include <openssl/err.h> | 10 #include <openssl/err.h> |
(...skipping 210 matching lines...)
221 // file, or that the file isn't PEM. In the first case, status will be | 221 // file, or that the file isn't PEM. In the first case, status will be |
222 // non-zero indicating success. In the second case, status will be 0, | 222 // non-zero indicating success. In the second case, status will be 0, |
223 // indicating that we should try to read as PKCS12. If there is some other | 223 // indicating that we should try to read as PKCS12. If there is some other |
224 // error, we return it up to the caller. | 224 // error, we return it up to the caller. |
225 return SecureSocketUtils::NoPEMStartLine() ? status : 0; | 225 return SecureSocketUtils::NoPEMStartLine() ? status : 0; |
226 } | 226 } |
227 | 227 |
228 | 228 |
229 void SSLCertContext::SetTrustedCertificatesBytes(Dart_Handle cert_bytes, | 229 void SSLCertContext::SetTrustedCertificatesBytes(Dart_Handle cert_bytes, |
230 const char* password) { | 230 const char* password) { |
231 ScopedMemBIO bio(cert_bytes); | 231 int status = 0; |
232 int status = SetTrustedCertificatesBytesPEM(context(), bio.bio()); | 232 { |
233 if (status == 0) { | 233 ScopedMemBIO bio(cert_bytes); |
234 if (SecureSocketUtils::NoPEMStartLine()) { | 234 status = SetTrustedCertificatesBytesPEM(context(), bio.bio()); |
| 235 if (status == 0) { |
| 236 if (SecureSocketUtils::NoPEMStartLine()) { |
| 237 ERR_clear_error(); |
| 238 BIO_reset(bio.bio()); |
| 239 status = |
| 240 SetTrustedCertificatesBytesPKCS12(context(), bio.bio(), password); |
| 241 } |
| 242 } else { |
| 243 // The PEM file was successfully parsed. |
235 ERR_clear_error(); | 244 ERR_clear_error(); |
236 BIO_reset(bio.bio()); | |
237 status = | |
238 SetTrustedCertificatesBytesPKCS12(context(), bio.bio(), password); | |
239 } | 245 } |
240 } else { | |
241 // The PEM file was successfully parsed. | |
242 ERR_clear_error(); | |
243 } | 246 } |
244 | |
245 SecureSocketUtils::CheckStatus(status, "TlsException", | 247 SecureSocketUtils::CheckStatus(status, "TlsException", |
246 "Failure trusting builtin roots"); | 248 "Failure trusting builtin roots"); |
247 } | 249 } |
248 | 250 |
249 | 251 |
250 static int SetClientAuthoritiesPKCS12(SSL_CTX* context, | 252 static int SetClientAuthoritiesPKCS12(SSL_CTX* context, |
251 BIO* bio, | 253 BIO* bio, |
252 const char* password) { | 254 const char* password) { |
253 ScopedPKCS12 p12(d2i_PKCS12_bio(bio, NULL)); | 255 ScopedPKCS12 p12(d2i_PKCS12_bio(bio, NULL)); |
254 if (p12.get() == NULL) { | 256 if (p12.get() == NULL) { |
(...skipping 600 matching lines...)
855 Dart_ThrowException(DartUtils::NewDartArgumentError( | 857 Dart_ThrowException(DartUtils::NewDartArgumentError( |
856 "Non-boolean is_server argument passed to SetAlpnProtocols")); | 858 "Non-boolean is_server argument passed to SetAlpnProtocols")); |
857 } | 859 } |
858 } | 860 } |
859 | 861 |
860 } // namespace bin | 862 } // namespace bin |
861 } // namespace dart | 863 } // namespace dart |
862 | 864 |
863 #endif // !defined(DART_IO_DISABLED) && | 865 #endif // !defined(DART_IO_DISABLED) && |
864 // !defined(DART_IO_SECURE_SOCKET_DISABLED) | 866 // !defined(DART_IO_SECURE_SOCKET_DISABLED) |
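Review bot: The new inner block around `ScopedMemBIO bio(cert_bytes)` in SetTrustedCertificatesBytes (new lines 232-246) has no comment saying why it exists, so a later cleanup could flatten it and undo the change. Presumably the BIO has to be destroyed before `SecureSocketUtils::CheckStatus` runs, because that call may raise a Dart exception without unwinding C++ destructors; CheckStatus is defined outside this page, so confirm that and record it above the opening brace, e.g. `// Free the BIO before CheckStatus(), which may not return on failure.` Separately, the message `"Failure trusting builtin roots"` on new line 248 is reported for caller-supplied certificate bytes, which misleads anyone diagnosing a rejected trust bundle or a wrong PKCS12 password; wording such as `"Failure trusting certificates"` would match what the function does. The return value of `BIO_reset(bio.bio())` on new line 238 is also ignored before the PKCS12 retry, so a failed rewind would surface only as a generic parse failure.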
OLD | NEW |