| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/tools/flip_server/spdy_ssl.h" | 5 #include "net/tools/flip_server/spdy_ssl.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "openssl/err.h" | 8 #include "openssl/err.h" |
| 9 #include "openssl/ssl.h" | 9 #include "openssl/ssl.h" |
| 10 | 10 |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 73 | 73 |
| 74 VLOG(1) << "SSL CTX session expiry: " << session_expiration_time | 74 VLOG(1) << "SSL CTX session expiry: " << session_expiration_time |
| 75 << " seconds"; | 75 << " seconds"; |
| 76 SSL_CTX_set_timeout(state->ssl_ctx, session_expiration_time); | 76 SSL_CTX_set_timeout(state->ssl_ctx, session_expiration_time); |
| 77 | 77 |
| 78 #ifdef SSL_MODE_RELEASE_BUFFERS | 78 #ifdef SSL_MODE_RELEASE_BUFFERS |
| 79 VLOG(1) << "SSL CTX: Setting Release Buffers mode."; | 79 VLOG(1) << "SSL CTX: Setting Release Buffers mode."; |
| 80 SSL_CTX_set_mode(state->ssl_ctx, SSL_MODE_RELEASE_BUFFERS); | 80 SSL_CTX_set_mode(state->ssl_ctx, SSL_MODE_RELEASE_BUFFERS); |
| 81 #endif | 81 #endif |
| 82 | 82 |
| 83 #if !defined(OPENSSL_IS_BORINGSSL) |
| 83 // Proper methods to disable compression don't exist until 0.9.9+. For now | 84 // Proper methods to disable compression don't exist until 0.9.9+. For now |
| 84 // we must manipulate the stack of compression methods directly. | 85 // we must manipulate the stack of compression methods directly. |
| 85 if (disable_ssl_compression) { | 86 if (disable_ssl_compression) { |
| 86 STACK_OF(SSL_COMP)* ssl_comp_methods = SSL_COMP_get_compression_methods(); | 87 STACK_OF(SSL_COMP)* ssl_comp_methods = SSL_COMP_get_compression_methods(); |
| 87 int num_methods = sk_SSL_COMP_num(ssl_comp_methods); | 88 int num_methods = sk_SSL_COMP_num(ssl_comp_methods); |
| 88 int i; | 89 int i; |
| 89 for (i = 0; i < num_methods; i++) { | 90 for (i = 0; i < num_methods; i++) { |
| 90 static_cast<void>(sk_SSL_COMP_delete(ssl_comp_methods, i)); | 91 static_cast<void>(sk_SSL_COMP_delete(ssl_comp_methods, i)); |
| 91 } | 92 } |
| 92 } | 93 } |
| 94 #endif |
| 93 } | 95 } |
| 94 | 96 |
| 95 SSL* CreateSSLContext(SSL_CTX* ssl_ctx) { | 97 SSL* CreateSSLContext(SSL_CTX* ssl_ctx) { |
| 96 SSL* ssl = SSL_new(ssl_ctx); | 98 SSL* ssl = SSL_new(ssl_ctx); |
| 97 SSL_set_accept_state(ssl); | 99 SSL_set_accept_state(ssl); |
| 98 PrintSslError(); | 100 PrintSslError(); |
| 99 return ssl; | 101 return ssl; |
| 100 } | 102 } |
| 101 | 103 |
| 102 void PrintSslError() { | 104 void PrintSslError() { |
| 103 char buf[128]; // this buffer must be at least 120 chars long. | 105 char buf[128]; // this buffer must be at least 120 chars long. |
| 104 int error_num = ERR_get_error(); | 106 int error_num = ERR_get_error(); |
| 105 while (error_num != 0) { | 107 while (error_num != 0) { |
| 106 ERR_error_string_n(error_num, buf, sizeof(buf)); | 108 ERR_error_string_n(error_num, buf, sizeof(buf)); |
| 107 LOG(ERROR) << buf; | 109 LOG(ERROR) << buf; |
| 108 error_num = ERR_get_error(); | 110 error_num = ERR_get_error(); |
| 109 } | 111 } |
| 110 } | 112 } |
| 111 | 113 |
| 112 } // namespace net | 114 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
