| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <errno.h> | 10 #include <errno.h> |
| (...skipping 741 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 752 command.append(name); | 752 command.append(name); |
| 753 } | 753 } |
| 754 } | 754 } |
| 755 int rv = SSL_set_cipher_list(ssl_, command.c_str()); | 755 int rv = SSL_set_cipher_list(ssl_, command.c_str()); |
| 756 // If this fails (rv = 0) it means there are no ciphers enabled on this SSL. | 756 // If this fails (rv = 0) it means there are no ciphers enabled on this SSL. |
| 757 // This will almost certainly result in the socket failing to complete the | 757 // This will almost certainly result in the socket failing to complete the |
| 758 // handshake at which point the appropriate error is bubbled up to the client. | 758 // handshake at which point the appropriate error is bubbled up to the client. |
| 759 LOG_IF(WARNING, rv != 1) << "SSL_set_cipher_list('" << command << "') " | 759 LOG_IF(WARNING, rv != 1) << "SSL_set_cipher_list('" << command << "') " |
| 760 "returned " << rv; | 760 "returned " << rv; |
| 761 | 761 |
| 762 if (ssl_config_.version_fallback) |
| 763 SSL_enable_fallback_scsv(ssl_); |
| 764 |
| 762 // TLS channel ids. | 765 // TLS channel ids. |
| 763 if (IsChannelIDEnabled(ssl_config_, channel_id_service_)) { | 766 if (IsChannelIDEnabled(ssl_config_, channel_id_service_)) { |
| 764 SSL_enable_tls_channel_id(ssl_); | 767 SSL_enable_tls_channel_id(ssl_); |
| 765 } | 768 } |
| 766 | 769 |
| 767 return OK; | 770 return OK; |
| 768 } | 771 } |
| 769 | 772 |
| 770 void SSLClientSocketOpenSSL::DoReadCallback(int rv) { | 773 void SSLClientSocketOpenSSL::DoReadCallback(int rv) { |
| 771 // Since Run may result in Read being called, clear |user_read_callback_| | 774 // Since Run may result in Read being called, clear |user_read_callback_| |
| (...skipping 733 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1505 return socket->MaybeReplayTransportError( | 1508 return socket->MaybeReplayTransportError( |
| 1506 bio, cmd, argp, argi, argl, retvalue); | 1509 bio, cmd, argp, argi, argl, retvalue); |
| 1507 } | 1510 } |
| 1508 | 1511 |
| 1509 scoped_refptr<X509Certificate> | 1512 scoped_refptr<X509Certificate> |
| 1510 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { | 1513 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { |
| 1511 return server_cert_; | 1514 return server_cert_; |
| 1512 } | 1515 } |
| 1513 | 1516 |
| 1514 } // namespace net | 1517 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 418553003:
Implement TLS_FALLBACK_SCSV for SSLClientSocketOpenSSL. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src