| OLD | NEW |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <openssl/ssl.h> | 10 #include <openssl/ssl.h> |
| (...skipping 362 matching lines...) |
| 373 } | 373 } |
| 374 long set_mask; | 374 long set_mask; |
| 375 long clear_mask; | 375 long clear_mask; |
| 376 }; | 376 }; |
| 377 | 377 |
| 378 } // namespace | 378 } // namespace |
| 379 | 379 |
| 380 SSLClientSocketOpenSSL::SSLClientSocketOpenSSL( | 380 SSLClientSocketOpenSSL::SSLClientSocketOpenSSL( |
| 381 ClientSocketHandle* transport_socket, | 381 ClientSocketHandle* transport_socket, |
| 382 const HostPortPair& host_and_port, | 382 const HostPortPair& host_and_port, |
| 383 const SSLConfig& ssl_config) | 383 const SSLConfig& ssl_config, |
| 384 CertVerifier* cert_verifier) |
| 384 : ALLOW_THIS_IN_INITIALIZER_LIST(buffer_send_callback_( | 385 : ALLOW_THIS_IN_INITIALIZER_LIST(buffer_send_callback_( |
| 385 this, &SSLClientSocketOpenSSL::BufferSendComplete)), | 386 this, &SSLClientSocketOpenSSL::BufferSendComplete)), |
| 386 ALLOW_THIS_IN_INITIALIZER_LIST(buffer_recv_callback_( | 387 ALLOW_THIS_IN_INITIALIZER_LIST(buffer_recv_callback_( |
| 387 this, &SSLClientSocketOpenSSL::BufferRecvComplete)), | 388 this, &SSLClientSocketOpenSSL::BufferRecvComplete)), |
| 388 transport_send_busy_(false), | 389 transport_send_busy_(false), |
| 389 transport_recv_busy_(false), | 390 transport_recv_busy_(false), |
| 390 user_connect_callback_(NULL), | 391 user_connect_callback_(NULL), |
| 391 user_read_callback_(NULL), | 392 user_read_callback_(NULL), |
| 392 user_write_callback_(NULL), | 393 user_write_callback_(NULL), |
| 393 completed_handshake_(false), | 394 completed_handshake_(false), |
| 394 client_auth_cert_needed_(false), | 395 client_auth_cert_needed_(false), |
| 396 cert_verifier_(cert_verifier), |
| 395 ALLOW_THIS_IN_INITIALIZER_LIST(handshake_io_callback_( | 397 ALLOW_THIS_IN_INITIALIZER_LIST(handshake_io_callback_( |
| 396 this, &SSLClientSocketOpenSSL::OnHandshakeIOComplete)), | 398 this, &SSLClientSocketOpenSSL::OnHandshakeIOComplete)), |
| 397 ssl_(NULL), | 399 ssl_(NULL), |
| 398 transport_bio_(NULL), | 400 transport_bio_(NULL), |
| 399 transport_(transport_socket), | 401 transport_(transport_socket), |
| 400 host_and_port_(host_and_port), | 402 host_and_port_(host_and_port), |
| 401 ssl_config_(ssl_config), | 403 ssl_config_(ssl_config), |
| 402 trying_cached_session_(false), | 404 trying_cached_session_(false), |
| 403 npn_status_(kNextProtoUnsupported), | 405 npn_status_(kNextProtoUnsupported), |
| 404 net_log_(transport_socket->socket()->NetLog()) { | 406 net_log_(transport_socket->socket()->NetLog()) { |
| (...skipping 401 matching lines...) |
| 806 | 808 |
| 807 int SSLClientSocketOpenSSL::DoVerifyCert(int result) { | 809 int SSLClientSocketOpenSSL::DoVerifyCert(int result) { |
| 808 DCHECK(server_cert_); | 810 DCHECK(server_cert_); |
| 809 GotoState(STATE_VERIFY_CERT_COMPLETE); | 811 GotoState(STATE_VERIFY_CERT_COMPLETE); |
| 810 int flags = 0; | 812 int flags = 0; |
| 811 | 813 |
| 812 if (ssl_config_.rev_checking_enabled) | 814 if (ssl_config_.rev_checking_enabled) |
| 813 flags |= X509Certificate::VERIFY_REV_CHECKING_ENABLED; | 815 flags |= X509Certificate::VERIFY_REV_CHECKING_ENABLED; |
| 814 if (ssl_config_.verify_ev_cert) | 816 if (ssl_config_.verify_ev_cert) |
| 815 flags |= X509Certificate::VERIFY_EV_CERT; | 817 flags |= X509Certificate::VERIFY_EV_CERT; |
| 816 verifier_.reset(new CertVerifier); | 818 verifier_.reset(new SingleRequestCertVerifier(cert_verifier_)); |
| 817 return verifier_->Verify(server_cert_, host_and_port_.host(), flags, | 819 return verifier_->Verify(server_cert_, host_and_port_.host(), flags, |
| 818 &server_cert_verify_result_, | 820 &server_cert_verify_result_, |
| 819 &handshake_io_callback_); | 821 &handshake_io_callback_); |
| 820 } | 822 } |
| 821 | 823 |
| 822 int SSLClientSocketOpenSSL::DoVerifyCertComplete(int result) { | 824 int SSLClientSocketOpenSSL::DoVerifyCertComplete(int result) { |
| 823 verifier_.reset(); | 825 verifier_.reset(); |
| 824 | 826 |
| 825 if (result == OK) { | 827 if (result == OK) { |
| 826 // TODO(joth): Work out if we need to remember the intermediate CA certs | 828 // TODO(joth): Work out if we need to remember the intermediate CA certs |
| (...skipping 354 matching lines...) |
| 1181 int rv = SSL_write(ssl_, user_write_buf_->data(), user_write_buf_len_); | 1183 int rv = SSL_write(ssl_, user_write_buf_->data(), user_write_buf_len_); |
| 1182 | 1184 |
| 1183 if (rv >= 0) | 1185 if (rv >= 0) |
| 1184 return rv; | 1186 return rv; |
| 1185 | 1187 |
| 1186 int err = SSL_get_error(ssl_, rv); | 1188 int err = SSL_get_error(ssl_, rv); |
| 1187 return MapOpenSSLError(err, err_tracer); | 1189 return MapOpenSSLError(err, err_tracer); |
| 1188 } | 1190 } |
| 1189 | 1191 |
| 1190 } // namespace net | 1192 } // namespace net |
| OLD | NEW |
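Review bot: The new `cert_verifier` constructor argument is stored in `cert_verifier_` as a raw pointer and first used in DoVerifyCert (new line 818), with no non-null check and no statement of who owns it. Server certificate verification now depends on this pointer, so I would add `DCHECK(cert_verifier_);` next to the existing `DCHECK(server_cert_);`. I would also add a comment at the member declaration such as `// Not owned; must outlive this socket.`, assuming that is the intended contract; the header is not shown here and should confirm it. Please also confirm that destroying the SingleRequestCertVerifier through `verifier_.reset()` cancels an in-flight request, so that a socket torn down mid-verification does not leave the shared verifier holding `&server_cert_verify_result_` and `&handshake_io_callback_`. The constructor body and the rest of DoVerifyCertComplete lie outside the visible lines.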