OLD | NEW |
---|---|
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket_win.h" | 5 #include "net/socket/ssl_client_socket_win.h" |
6 | 6 |
7 #include <schnlsp.h> | 7 #include <schnlsp.h> |
8 | 8 |
9 #include "base/compiler_specific.h" | 9 #include "base/compiler_specific.h" |
10 #include "base/lock.h" | 10 #include "base/lock.h" |
64 return OK; | 64 return OK; |
65 default: | 65 default: |
66 LOG(WARNING) << "Unknown error " << err << " mapped to net::ERR_FAILED"; | 66 LOG(WARNING) << "Unknown error " << err << " mapped to net::ERR_FAILED"; |
67 return ERR_FAILED; | 67 return ERR_FAILED; |
68 } | 68 } |
69 } | 69 } |
70 | 70 |
71 //----------------------------------------------------------------------------- | 71 //----------------------------------------------------------------------------- |
72 | 72 |
73 // A bitmask consisting of these bit flags encodes which versions of the SSL | 73 // A bitmask consisting of these bit flags encodes which versions of the SSL |
74 // protocol (SSL 2.0, SSL 3.0, and TLS 1.0) are enabled. | 74 // protocol (SSL 2.0, SSL 3.0, and TLS 1.0) are enabled and whether OTR mode |
75 // is enabled (this permits a separate session id cache for OTR mode). | |
75 enum { | 76 enum { |
76 SSL2 = 1 << 0, | 77 SSL2 = 1 << 0, |
77 SSL3 = 1 << 1, | 78 SSL3 = 1 << 1, |
78 TLS1 = 1 << 2, | 79 TLS1 = 1 << 2, |
79 SSL_VERSION_MASKS = 1 << 3 // The number of SSL version bitmasks. | 80 OTR_MODE = 1 << 3, |
davidben
2010/07/26 21:31:33
OTR_MODE doesn't make much sense as a member of SS
| |
81 SSL_VERSION_MASKS = 1 << 4 // The number of SSL version bitmasks. | |
80 }; | 82 }; |
81 | 83 |
82 // CredHandleClass simply gives a default constructor and a destructor to | 84 // CredHandleClass simply gives a default constructor and a destructor to |
83 // SSPI's CredHandle type (a C struct). | 85 // SSPI's CredHandle type (a C struct). |
84 class CredHandleClass : public CredHandle { | 86 class CredHandleClass : public CredHandle { |
85 public: | 87 public: |
86 CredHandleClass() { | 88 CredHandleClass() { |
87 dwLower = 0; | 89 dwLower = 0; |
88 dwUpper = 0; | 90 dwUpper = 0; |
89 } | 91 } |
457 } | 459 } |
458 | 460 |
459 int SSLClientSocketWin::InitializeSSLContext() { | 461 int SSLClientSocketWin::InitializeSSLContext() { |
460 int ssl_version_mask = 0; | 462 int ssl_version_mask = 0; |
461 if (ssl_config_.ssl2_enabled) | 463 if (ssl_config_.ssl2_enabled) |
462 ssl_version_mask |= SSL2; | 464 ssl_version_mask |= SSL2; |
463 if (ssl_config_.ssl3_enabled) | 465 if (ssl_config_.ssl3_enabled) |
464 ssl_version_mask |= SSL3; | 466 ssl_version_mask |= SSL3; |
465 if (ssl_config_.tls1_enabled) | 467 if (ssl_config_.tls1_enabled) |
466 ssl_version_mask |= TLS1; | 468 ssl_version_mask |= TLS1; |
469 if (ssl_config_.otr_mode) | |
470 ssl_version_mask |= OTR_MODE; | |
467 // If we pass 0 to GetCredHandle, we will let Schannel select the protocols, | 471 // If we pass 0 to GetCredHandle, we will let Schannel select the protocols, |
468 // rather than enabling no protocols. So we have to fail here. | 472 // rather than enabling no protocols. So we have to fail here. |
469 if (ssl_version_mask == 0) | 473 if (ssl_version_mask == 0) |
470 return ERR_NO_SSL_VERSIONS_ENABLED; | 474 return ERR_NO_SSL_VERSIONS_ENABLED; |
471 PCCERT_CONTEXT cert_context = NULL; | 475 PCCERT_CONTEXT cert_context = NULL; |
472 if (ssl_config_.client_cert) | 476 if (ssl_config_.client_cert) |
473 cert_context = ssl_config_.client_cert->os_cert_handle(); | 477 cert_context = ssl_config_.client_cert->os_cert_handle(); |
474 creds_ = GetCredHandle(cert_context, ssl_version_mask); | 478 creds_ = GetCredHandle(cert_context, ssl_version_mask); |
475 | 479 |
476 memset(&ctxt_, 0, sizeof(ctxt_)); | 480 memset(&ctxt_, 0, sizeof(ctxt_)); |
1343 UpdateConnectionTypeHistograms(CONNECTION_SSL_MD2_CA); | 1347 UpdateConnectionTypeHistograms(CONNECTION_SSL_MD2_CA); |
1344 } | 1348 } |
1345 | 1349 |
1346 void SSLClientSocketWin::FreeSendBuffer() { | 1350 void SSLClientSocketWin::FreeSendBuffer() { |
1347 SECURITY_STATUS status = FreeContextBuffer(send_buffer_.pvBuffer); | 1351 SECURITY_STATUS status = FreeContextBuffer(send_buffer_.pvBuffer); |
1348 DCHECK(status == SEC_E_OK); | 1352 DCHECK(status == SEC_E_OK); |
1349 memset(&send_buffer_, 0, sizeof(send_buffer_)); | 1353 memset(&send_buffer_, 0, sizeof(send_buffer_)); |
1350 } | 1354 } |
1351 | 1355 |
1352 } // namespace net | 1356 } // namespace net |
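Review bot: In `SSLClientSocketWin::InitializeSSLContext` the `ssl_version_mask == 0` guard now runs after `OTR_MODE` has been OR-ed into the mask, so when `ssl_config_.otr_mode` is set and all three protocol flags are off, the mask is non-zero and `ERR_NO_SSL_VERSIONS_ENABLED` is never returned. The comment above the guard says that passing no protocols makes Schannel select them itself. `GetCredHandle` is not visible here, but if it derives the enabled protocols from the SSL2/SSL3/TLS1 bits only, an OTR socket with every version disabled would connect using Schannel's defaults instead of failing. Test only the protocol bits, `if ((ssl_version_mask & (SSL2 | SSL3 | TLS1)) == 0)`, or move the two `otr_mode` lines below the guard. The function body continues past the visible lines.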