Chromium Code Reviews Chromium Code Reviews
Issue 418173004:
Enable and fix CRLSet and remoting tests on non-Android OpenSSL. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <errno.h> | 10 #include <errno.h> |
| (...skipping 926 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 937 flags |= CertVerifier::VERIFY_EV_CERT; | 937 flags |= CertVerifier::VERIFY_EV_CERT; |
| 938 if (ssl_config_.cert_io_enabled) | 938 if (ssl_config_.cert_io_enabled) |
| 939 flags |= CertVerifier::VERIFY_CERT_IO_ENABLED; | 939 flags |= CertVerifier::VERIFY_CERT_IO_ENABLED; |
| 940 if (ssl_config_.rev_checking_required_local_anchors) | 940 if (ssl_config_.rev_checking_required_local_anchors) |
| 941 flags |= CertVerifier::VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS; | 941 flags |= CertVerifier::VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS; |
| 942 verifier_.reset(new SingleRequestCertVerifier(cert_verifier_)); | 942 verifier_.reset(new SingleRequestCertVerifier(cert_verifier_)); |
| 943 return verifier_->Verify( | 943 return verifier_->Verify( |
| 944 server_cert_.get(), | 944 server_cert_.get(), |
| 945 host_and_port_.host(), | 945 host_and_port_.host(), |
| 946 flags, | 946 flags, |
| 947 NULL /* no CRL set */, | 947 #if defined(OS_NACL) |
| 948 // NaCl doesn't build the SSLConfigService. | |
| 949 // | |
| 950 // TODO(davidben): Route the CRLSet through SSLConfig so | |
| 951 // SSLClientSocket doesn't depend on SSLConfigService. | |
|
Ryan Sleevi
2014/08/04 23:48:46
File a bug against a TODO like this?
No clue why
davidben
2014/08/06 00:02:27
Filed https://code.google.com/p/chromium/issues/de
| |
| 952 NULL, | |
| 953 #else | |
| 954 SSLConfigService::GetCRLSet().get(), | |
| 955 #endif | |
| 948 &server_cert_verify_result_, | 956 &server_cert_verify_result_, |
| 949 base::Bind(&SSLClientSocketOpenSSL::OnHandshakeIOComplete, | 957 base::Bind(&SSLClientSocketOpenSSL::OnHandshakeIOComplete, |
| 950 base::Unretained(this)), | 958 base::Unretained(this)), |
| 951 net_log_); | 959 net_log_); |
| 952 } | 960 } |
| 953 | 961 |
| 954 int SSLClientSocketOpenSSL::DoVerifyCertComplete(int result) { | 962 int SSLClientSocketOpenSSL::DoVerifyCertComplete(int result) { |
| 955 verifier_.reset(); | 963 verifier_.reset(); |
| 956 | 964 |
| 957 if (result == OK) { | 965 if (result == OK) { |
| (...skipping 550 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1508 return socket->MaybeReplayTransportError( | 1516 return socket->MaybeReplayTransportError( |
| 1509 bio, cmd, argp, argi, argl, retvalue); | 1517 bio, cmd, argp, argi, argl, retvalue); |
| 1510 } | 1518 } |
| 1511 | 1519 |
| 1512 scoped_refptr<X509Certificate> | 1520 scoped_refptr<X509Certificate> |
| 1513 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { | 1521 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { |
| 1514 return server_cert_; | 1522 return server_cert_; |
| 1515 } | 1523 } |
| 1516 | 1524 |
| 1517 } // namespace net | 1525 } // namespace net |
| OLD | NEW |
