| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 3335 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3346 GotoState(STATE_HANDSHAKE_COMPLETE); | 3346 GotoState(STATE_HANDSHAKE_COMPLETE); |
| 3347 | 3347 |
| 3348 LeaveFunction(rv); | 3348 LeaveFunction(rv); |
| 3349 return rv; | 3349 return rv; |
| 3350 } | 3350 } |
| 3351 | 3351 |
| 3352 int SSLClientSocketNSS::DoHandshakeComplete(int result) { | 3352 int SSLClientSocketNSS::DoHandshakeComplete(int result) { |
| 3353 EnterFunction(result); | 3353 EnterFunction(result); |
| 3354 | 3354 |
| 3355 if (result == OK) { | 3355 if (result == OK) { |
| 3356 if (ssl_config_.version_fallback && |
| 3357 ssl_config_.version_max < ssl_config_.version_fallback_min) { |
| 3358 return ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION; |
| 3359 } |
| 3360 |
| 3356 // SSL handshake is completed. Let's verify the certificate. | 3361 // SSL handshake is completed. Let's verify the certificate. |
| 3357 GotoState(STATE_VERIFY_CERT); | 3362 GotoState(STATE_VERIFY_CERT); |
| 3358 // Done! | 3363 // Done! |
| 3359 } | 3364 } |
| 3360 set_channel_id_sent(core_->state().channel_id_sent); | 3365 set_channel_id_sent(core_->state().channel_id_sent); |
| 3361 set_signed_cert_timestamps_received( | 3366 set_signed_cert_timestamps_received( |
| 3362 !core_->state().sct_list_from_tls_extension.empty()); | 3367 !core_->state().sct_list_from_tls_extension.empty()); |
| 3363 set_stapled_ocsp_response_received( | 3368 set_stapled_ocsp_response_received( |
| 3364 !core_->state().stapled_ocsp_response.empty()); | 3369 !core_->state().stapled_ocsp_response.empty()); |
| 3365 set_negotiation_extension(core_->state().negotiation_extension_); | 3370 set_negotiation_extension(core_->state().negotiation_extension_); |
| (...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3563 scoped_refptr<X509Certificate> | 3568 scoped_refptr<X509Certificate> |
| 3564 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { | 3569 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { |
| 3565 return core_->state().server_cert.get(); | 3570 return core_->state().server_cert.get(); |
| 3566 } | 3571 } |
| 3567 | 3572 |
| 3568 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { | 3573 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { |
| 3569 return channel_id_service_; | 3574 return channel_id_service_; |
| 3570 } | 3575 } |
| 3571 | 3576 |
| 3572 } // namespace net | 3577 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 619463002:
net: disable SSLv3 fallback. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master