| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_server_socket_openssl.h" | 5 #include "net/socket/ssl_server_socket_openssl.h" |
| 6 | 6 |
| 7 #include <openssl/err.h> | 7 #include <openssl/err.h> |
| 8 #include <openssl/ssl.h> | 8 #include <openssl/ssl.h> |
| 9 | 9 |
| 10 #include "base/callback_helpers.h" | 10 #include "base/callback_helpers.h" |
| (...skipping 598 matching lines...) |
| 609 // 0 => use default buffer sizes. | 609 // 0 => use default buffer sizes. |
| 610 if (!BIO_new_bio_pair(&ssl_bio, 0, &transport_bio_, 0)) | 610 if (!BIO_new_bio_pair(&ssl_bio, 0, &transport_bio_, 0)) |
| 611 return ERR_UNEXPECTED; | 611 return ERR_UNEXPECTED; |
| 612 DCHECK(ssl_bio); | 612 DCHECK(ssl_bio); |
| 613 DCHECK(transport_bio_); | 613 DCHECK(transport_bio_); |
| 614 | 614 |
| 615 SSL_set_bio(ssl_, ssl_bio, ssl_bio); | 615 SSL_set_bio(ssl_, ssl_bio, ssl_bio); |
| 616 | 616 |
| 617 // Set certificate and private key. | 617 // Set certificate and private key. |
| 618 DCHECK(cert_->os_cert_handle()); | 618 DCHECK(cert_->os_cert_handle()); |
| 619 #if defined(USE_OPENSSL_CERTS) |
| 619 if (SSL_use_certificate(ssl_, cert_->os_cert_handle()) != 1) { | 620 if (SSL_use_certificate(ssl_, cert_->os_cert_handle()) != 1) { |
| 620 LOG(ERROR) << "Cannot set certificate."; | 621 LOG(ERROR) << "Cannot set certificate."; |
| 621 return ERR_UNEXPECTED; | 622 return ERR_UNEXPECTED; |
| 622 } | 623 } |
| 624 #else |
| 625 // Convert OSCertHandle to X509 structure. |
| 626 std::string der_string; |
| 627 if (!X509Certificate::GetDEREncoded(cert_->os_cert_handle(), &der_string)) |
| 628 return ERR_UNEXPECTED; |
| 629 |
| 630 const unsigned char* der_string_array = |
| 631 reinterpret_cast<const unsigned char*>(der_string.data()); |
| 632 |
| 633 crypto::ScopedOpenSSL<X509, X509_free> |
| 634 x509(d2i_X509(NULL, &der_string_array, der_string.length())); |
| 635 if (!x509.get()) |
| 636 return ERR_UNEXPECTED; |
| 637 |
| 638 // On success, SSL_use_certificate acquires a reference to |x509|. |
| 639 if (SSL_use_certificate(ssl_, x509.get()) != 1) { |
| 640 LOG(ERROR) << "Cannot set certificate."; |
| 641 return ERR_UNEXPECTED; |
| 642 } |
| 643 #endif // USE_OPENSSL_CERTS |
| 623 | 644 |
| 624 DCHECK(key_->key()); | 645 DCHECK(key_->key()); |
| 625 if (SSL_use_PrivateKey(ssl_, key_->key()) != 1) { | 646 if (SSL_use_PrivateKey(ssl_, key_->key()) != 1) { |
| 626 LOG(ERROR) << "Cannot set private key."; | 647 LOG(ERROR) << "Cannot set private key."; |
| 627 return ERR_UNEXPECTED; | 648 return ERR_UNEXPECTED; |
| 628 } | 649 } |
| 629 | 650 |
| 630 // OpenSSL defaults some options to on, others to off. To avoid ambiguity, | 651 // OpenSSL defaults some options to on, others to off. To avoid ambiguity, |
| 631 // set everything we care about to an absolute value. | 652 // set everything we care about to an absolute value. |
| 632 SslSetClearMask options; | 653 SslSetClearMask options; |
| (...skipping 22 matching lines...) |
| 655 | 676 |
| 656 mode.ConfigureFlag(SSL_MODE_RELEASE_BUFFERS, true); | 677 mode.ConfigureFlag(SSL_MODE_RELEASE_BUFFERS, true); |
| 657 | 678 |
| 658 SSL_set_mode(ssl_, mode.set_mask); | 679 SSL_set_mode(ssl_, mode.set_mask); |
| 659 SSL_clear_mode(ssl_, mode.clear_mask); | 680 SSL_clear_mode(ssl_, mode.clear_mask); |
| 660 | 681 |
| 661 return OK; | 682 return OK; |
| 662 } | 683 } |
| 663 | 684 |
| 664 } // namespace net | 685 } // namespace net |
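Review bot: The two new early returns in the `#else` branch (new lines 627-628 and 635-636) fail without logging, and a failed `d2i_X509` leaves its entries on the thread's OpenSSL error queue, where a later `SSL_get_error` call on this socket can misread them as a fresh failure. The function starts outside the visible lines, so it may already hold a `crypto::OpenSSLErrStackTracer`; if it does not, call `ERR_clear_error();` on the parse-failure path and log it the way the `SSL_use_certificate` branch does, for example `LOG(ERROR) << "Cannot parse certificate.";`. Separately, `der_string.length()` is a `size_t` passed where `d2i_X509` takes a `long`; a bounds check followed by `static_cast<long>(der_string.length())` would make that narrowing explicit.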