Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(209)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 441823002: Support intermediate certificates for OpenSSL client auth. (Closed)

Created:
6 years, 4 months ago by davidben
Modified:
6 years, 4 months ago
Reviewers:
agl, Ryan Sleevi
CC:
chromium-reviews, cbentzel+watch_chromium.org
Project:
chromium
Visibility:
Public.

Description

Support intermediate certificates for OpenSSL client auth. Change the client auth callback to the 'cert_cb' callback which leaves the callback in charge of installing the certificate, private key, etc. This lets us attach a certificate chain. BUG=393323 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=289834

Patch Set 1 #

Patch Set 2 : Use cert_cb #

Total comments: 6

Patch Set 3 : sleevi comments #

Total comments: 2

Patch Set 4 : agl comment #

Unified diffs Side-by-side diffs Delta from patch set Stats (+42 lines, -23 lines) Patch
M net/socket/ssl_client_socket_openssl.h View 1 2 1 chunk +1 line, -1 line 0 comments Download
M net/socket/ssl_client_socket_openssl.cc View 1 2 3 10 chunks +41 lines, -22 lines 0 comments Download

Messages

Total messages: 9 (0 generated)
davidben
Turns out I was wrong and our Mac code actually does support intermediates, so we ...
6 years, 4 months ago (2014-08-13 23:20:05 UTC) #1
davidben
Tested manually with certificates generated from net/data/ssl/scripts/generate-client-certificates.sh. (Did client_[12].pk2 never get checked in? I couldn't ...
6 years, 4 months ago (2014-08-13 23:21:50 UTC) #2
Ryan Sleevi
Gonna defer to Adam on this one. Looks right to me, but he's more familiar ...
6 years, 4 months ago (2014-08-14 01:27:18 UTC) #3
davidben
https://codereview.chromium.org/441823002/diff/20001/net/socket/ssl_client_socket_openssl.cc File net/socket/ssl_client_socket_openssl.cc (right): https://codereview.chromium.org/441823002/diff/20001/net/socket/ssl_client_socket_openssl.cc#newcode60 net/socket/ssl_client_socket_openssl.cc:60: void FreeX509Stack(STACK_OF(X509) * ptr) { On 2014/08/14 01:27:17, Ryan ...
6 years, 4 months ago (2014-08-14 16:50:16 UTC) #4
agl
lgtm https://codereview.chromium.org/441823002/diff/40001/net/socket/ssl_client_socket_openssl.cc File net/socket/ssl_client_socket_openssl.cc (right): https://codereview.chromium.org/441823002/diff/40001/net/socket/ssl_client_socket_openssl.cc#newcode179 net/socket/ssl_client_socket_openssl.cc:179: CHECK(socket); could probably be a DCHECK.
6 years, 4 months ago (2014-08-14 17:06:46 UTC) #5
davidben
https://codereview.chromium.org/441823002/diff/40001/net/socket/ssl_client_socket_openssl.cc File net/socket/ssl_client_socket_openssl.cc (right): https://codereview.chromium.org/441823002/diff/40001/net/socket/ssl_client_socket_openssl.cc#newcode179 net/socket/ssl_client_socket_openssl.cc:179: CHECK(socket); On 2014/08/14 17:06:46, agl wrote: > could probably ...
6 years, 4 months ago (2014-08-14 17:50:07 UTC) #6
davidben
The CQ bit was checked by davidben@chromium.org
6 years, 4 months ago (2014-08-14 17:50:15 UTC) #7
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/davidben@chromium.org/441823002/60001
6 years, 4 months ago (2014-08-14 17:52:54 UTC) #8
commit-bot: I haz the power
6 years, 4 months ago (2014-08-15 09:38:32 UTC) #9
Message was sent while issue was closed. 
Committed patchset #4 (60001) as 289834

Powered by Google App Engine
This is Rietveld 408576698