OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
8 | 8 |
9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
(...skipping 3335 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3346 GotoState(STATE_HANDSHAKE_COMPLETE); | 3346 GotoState(STATE_HANDSHAKE_COMPLETE); |
3347 | 3347 |
3348 LeaveFunction(rv); | 3348 LeaveFunction(rv); |
3349 return rv; | 3349 return rv; |
3350 } | 3350 } |
3351 | 3351 |
3352 int SSLClientSocketNSS::DoHandshakeComplete(int result) { | 3352 int SSLClientSocketNSS::DoHandshakeComplete(int result) { |
3353 EnterFunction(result); | 3353 EnterFunction(result); |
3354 | 3354 |
3355 if (result == OK) { | 3355 if (result == OK) { |
| 3356 if (ssl_config_.version_fallback && |
| 3357 ssl_config_.version_max < ssl_config_.version_fallback_min) { |
| 3358 return ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION; |
| 3359 } |
| 3360 |
3356 // SSL handshake is completed. Let's verify the certificate. | 3361 // SSL handshake is completed. Let's verify the certificate. |
3357 GotoState(STATE_VERIFY_CERT); | 3362 GotoState(STATE_VERIFY_CERT); |
3358 // Done! | 3363 // Done! |
3359 } | 3364 } |
3360 set_channel_id_sent(core_->state().channel_id_sent); | 3365 set_channel_id_sent(core_->state().channel_id_sent); |
3361 set_signed_cert_timestamps_received( | 3366 set_signed_cert_timestamps_received( |
3362 !core_->state().sct_list_from_tls_extension.empty()); | 3367 !core_->state().sct_list_from_tls_extension.empty()); |
3363 set_stapled_ocsp_response_received( | 3368 set_stapled_ocsp_response_received( |
3364 !core_->state().stapled_ocsp_response.empty()); | 3369 !core_->state().stapled_ocsp_response.empty()); |
3365 set_negotiation_extension(core_->state().negotiation_extension_); | 3370 set_negotiation_extension(core_->state().negotiation_extension_); |
(...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3563 scoped_refptr<X509Certificate> | 3568 scoped_refptr<X509Certificate> |
3564 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { | 3569 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { |
3565 return core_->state().server_cert.get(); | 3570 return core_->state().server_cert.get(); |
3566 } | 3571 } |
3567 | 3572 |
3568 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { | 3573 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { |
3569 return channel_id_service_; | 3574 return channel_id_service_; |
3570 } | 3575 } |
3571 | 3576 |
3572 } // namespace net | 3577 } // namespace net |
OLD | NEW |