| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <errno.h> | 10 #include <errno.h> |
| (...skipping 1509 matching lines...) |
| 1520 int SSLClientSocketOpenSSL::CertVerifyCallback(X509_STORE_CTX* store_ctx) { | 1520 int SSLClientSocketOpenSSL::CertVerifyCallback(X509_STORE_CTX* store_ctx) { |
| 1521 if (!completed_connect_) { | 1521 if (!completed_connect_) { |
| 1522 // If the first handshake hasn't completed then we accept any certificates | 1522 // If the first handshake hasn't completed then we accept any certificates |
| 1523 // because we verify after the handshake. | 1523 // because we verify after the handshake. |
| 1524 return 1; | 1524 return 1; |
| 1525 } | 1525 } |
| 1526 | 1526 |
| 1527 CHECK(server_cert_.get()); | 1527 CHECK(server_cert_.get()); |
| 1528 | 1528 |
| 1529 PeerCertificateChain chain(store_ctx->untrusted); | 1529 PeerCertificateChain chain(store_ctx->untrusted); |
| 1530 if (chain.IsValid() && server_cert_->Equals(chain.AsOSChain())) | 1530 if (chain.IsValid() && server_cert_->Equals(chain.AsOSChain().get())) |
| 1531 return 1; | 1531 return 1; |
| 1532 | 1532 |
| 1533 if (!chain.IsValid()) | 1533 if (!chain.IsValid()) |
| 1534 LOG(ERROR) << "Received invalid certificate chain between handshakes"; | 1534 LOG(ERROR) << "Received invalid certificate chain between handshakes"; |
| 1535 else | 1535 else |
| 1536 LOG(ERROR) << "Server certificate changed between handshakes"; | 1536 LOG(ERROR) << "Server certificate changed between handshakes"; |
| 1537 return 0; | 1537 return 0; |
| 1538 } | 1538 } |
| 1539 | 1539 |
| 1540 // SelectNextProtoCallback is called by OpenSSL during the handshake. If the | 1540 // SelectNextProtoCallback is called by OpenSSL during the handshake. If the |
| (...skipping 115 matching lines...) |
| 1656 if (handshake_succeeded_ && marked_session_as_good_) | 1656 if (handshake_succeeded_ && marked_session_as_good_) |
| 1657 OnHandshakeCompletion(); | 1657 OnHandshakeCompletion(); |
| 1658 } | 1658 } |
| 1659 | 1659 |
| 1660 scoped_refptr<X509Certificate> | 1660 scoped_refptr<X509Certificate> |
| 1661 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { | 1661 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { |
| 1662 return server_cert_; | 1662 return server_cert_; |
| 1663 } | 1663 } |
| 1664 | 1664 |
| 1665 } // namespace net | 1665 } // namespace net |
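Review bot: On new line 1530 in CertVerifyCallback, the raw pointer from `chain.AsOSChain().get()` goes straight into `server_cert_->Equals(...)` with no null check. Whether `chain.IsValid()` guarantees a non-null result from `AsOSChain()` is not visible on this page. If it does not, a failed conversion would hand null to `Equals` on the very path that decides whether a server certificate that changed between handshakes is rejected. Consider holding the result first, `scoped_refptr<X509Certificate> renegotiated = chain.AsOSChain();` (return type presumed from the `.get()` call), then `if (renegotiated.get() && server_cert_->Equals(renegotiated.get())) return 1;`, so a conversion failure falls through to `return 0`. The temporary does outlive the call as written, so the pointer is not dangling, but a short comment saying so would stop a later edit from hoisting `.get()` into a stored raw pointer.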