| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <openssl/err.h> | 10 #include <openssl/err.h> |
| (...skipping 1336 matching lines...) |
| 1347 return -1; // Suspends handshake. | 1347 return -1; // Suspends handshake. |
| 1348 } | 1348 } |
| 1349 | 1349 |
| 1350 // Second pass: a client certificate should have been selected. | 1350 // Second pass: a client certificate should have been selected. |
| 1351 if (ssl_config_.client_cert.get()) { | 1351 if (ssl_config_.client_cert.get()) { |
| 1352 #if defined(USE_OPENSSL_CERTS) | 1352 #if defined(USE_OPENSSL_CERTS) |
| 1353 // A note about ownership: FetchClientCertPrivateKey() increments | 1353 // A note about ownership: FetchClientCertPrivateKey() increments |
| 1354 // the reference count of the EVP_PKEY. Ownership of this reference | 1354 // the reference count of the EVP_PKEY. Ownership of this reference |
| 1355 // is passed directly to OpenSSL, which will release the reference | 1355 // is passed directly to OpenSSL, which will release the reference |
| 1356 // using EVP_PKEY_free() when the SSL object is destroyed. | 1356 // using EVP_PKEY_free() when the SSL object is destroyed. |
| 1357 OpenSSLClientKeyStore::ScopedEVP_PKEY privkey; | 1357 crypto::ScopedEVP_PKEY privkey; |
| 1358 if (OpenSSLClientKeyStore::GetInstance()->FetchClientCertPrivateKey( | 1358 if (OpenSSLClientKeyStore::GetInstance()->FetchClientCertPrivateKey( |
| 1359 ssl_config_.client_cert.get(), &privkey)) { | 1359 ssl_config_.client_cert.get(), &privkey)) { |
| 1360 // TODO(joth): (copied from NSS) We should wait for server certificate | 1360 // TODO(joth): (copied from NSS) We should wait for server certificate |
| 1361 // verification before sending our credentials. See http://crbug.com/13934 | 1361 // verification before sending our credentials. See http://crbug.com/13934 |
| 1362 *x509 = X509Certificate::DupOSCertHandle( | 1362 *x509 = X509Certificate::DupOSCertHandle( |
| 1363 ssl_config_.client_cert->os_cert_handle()); | 1363 ssl_config_.client_cert->os_cert_handle()); |
| 1364 *pkey = privkey.release(); | 1364 *pkey = privkey.release(); |
| 1365 return 1; | 1365 return 1; |
| 1366 } | 1366 } |
| 1367 | 1367 |
| (...skipping 81 matching lines...) |
| 1449 DVLOG(2) << "next protocol: '" << npn_proto_ << "' status: " << npn_status_; | 1449 DVLOG(2) << "next protocol: '" << npn_proto_ << "' status: " << npn_status_; |
| 1450 return SSL_TLSEXT_ERR_OK; | 1450 return SSL_TLSEXT_ERR_OK; |
| 1451 } | 1451 } |
| 1452 | 1452 |
| 1453 scoped_refptr<X509Certificate> | 1453 scoped_refptr<X509Certificate> |
| 1454 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { | 1454 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { |
| 1455 return server_cert_; | 1455 return server_cert_; |
| 1456 } | 1456 } |
| 1457 | 1457 |
| 1458 } // namespace net | 1458 } // namespace net |
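Review bot: The switch to `crypto::ScopedEVP_PKEY` at new line 1357 comes with no `#include` change in this file, since every other line of the section is either shown unchanged or reported as matching. The type is therefore resolved through the skipped include block or a transitive header. If the header that declares it is not included directly, add it next to the existing includes so this file does not rely on the `OpenSSLClientKeyStore` header to supply it. The ownership comment at 1353-1356 also depends on the scoper releasing the key with EVP_PKEY_free() when `FetchClientCertPrivateKey()` fails, and on `privkey.release()` handing exactly one reference to OpenSSL; that presumably still holds for the crypto:: type, but its definition is not visible here. The enclosing function starts and ends outside the shown lines.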
| OLD | NEW |