OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
7 | 7 |
8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
9 | 9 |
10 #include <errno.h> | 10 #include <errno.h> |
752 command.append(name); | 752 command.append(name); |
753 } | 753 } |
754 } | 754 } |
755 int rv = SSL_set_cipher_list(ssl_, command.c_str()); | 755 int rv = SSL_set_cipher_list(ssl_, command.c_str()); |
756 // If this fails (rv = 0) it means there are no ciphers enabled on this SSL. | 756 // If this fails (rv = 0) it means there are no ciphers enabled on this SSL. |
757 // This will almost certainly result in the socket failing to complete the | 757 // This will almost certainly result in the socket failing to complete the |
758 // handshake at which point the appropriate error is bubbled up to the client. | 758 // handshake at which point the appropriate error is bubbled up to the client. |
759 LOG_IF(WARNING, rv != 1) << "SSL_set_cipher_list('" << command << "') " | 759 LOG_IF(WARNING, rv != 1) << "SSL_set_cipher_list('" << command << "') " |
760 "returned " << rv; | 760 "returned " << rv; |
761 | 761 |
| 762 if (ssl_config_.version_fallback) |
| 763 SSL_enable_fallback_scsv(ssl_); |
| 764 |
762 // TLS channel ids. | 765 // TLS channel ids. |
763 if (IsChannelIDEnabled(ssl_config_, channel_id_service_)) { | 766 if (IsChannelIDEnabled(ssl_config_, channel_id_service_)) { |
764 SSL_enable_tls_channel_id(ssl_); | 767 SSL_enable_tls_channel_id(ssl_); |
765 } | 768 } |
766 | 769 |
767 return OK; | 770 return OK; |
768 } | 771 } |
769 | 772 |
770 void SSLClientSocketOpenSSL::DoReadCallback(int rv) { | 773 void SSLClientSocketOpenSSL::DoReadCallback(int rv) { |
771 // Since Run may result in Read being called, clear |user_read_callback_| | 774 // Since Run may result in Read being called, clear |user_read_callback_| |
1505 return socket->MaybeReplayTransportError( | 1508 return socket->MaybeReplayTransportError( |
1506 bio, cmd, argp, argi, argl, retvalue); | 1509 bio, cmd, argp, argi, argl, retvalue); |
1507 } | 1510 } |
1508 | 1511 |
1509 scoped_refptr<X509Certificate> | 1512 scoped_refptr<X509Certificate> |
1510 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { | 1513 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { |
1511 return server_cert_; | 1514 return server_cert_; |
1512 } | 1515 } |
1513 | 1516 |
1514 } // namespace net | 1517 } // namespace net |
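Review bot: The added `if (ssl_config_.version_fallback)` at new lines 762-763 carries no comment explaining why the call is made, although the cipher-list step above it and the channel-ID step below it are both commented. I would put `// Fallback handshake: presumably sends TLS_FALLBACK_SCSV so a server that supports a newer version can reject a forced downgrade.` above it, with the wording confirmed against the library. The result of `SSL_enable_fallback_scsv(ssl_)` is dropped; if the call can fail, a `LOG_IF(WARNING, ...)` like the one on `SSL_set_cipher_list` would keep an unprotected fallback attempt visible in logs. The new `if` also omits the braces that the neighbouring `if (IsChannelIDEnabled(...)) { ... }` uses. The enclosing function starts in the skipped region before line 752, so how `version_fallback` is set and whether every fallback retry reaches this path cannot be checked from this page.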