OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
8 | 8 |
9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
(...skipping 3296 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
3307 GotoState(STATE_HANDSHAKE_COMPLETE); | 3307 GotoState(STATE_HANDSHAKE_COMPLETE); |
3308 | 3308 |
3309 LeaveFunction(rv); | 3309 LeaveFunction(rv); |
3310 return rv; | 3310 return rv; |
3311 } | 3311 } |
3312 | 3312 |
3313 int SSLClientSocketNSS::DoHandshakeComplete(int result) { | 3313 int SSLClientSocketNSS::DoHandshakeComplete(int result) { |
3314 EnterFunction(result); | 3314 EnterFunction(result); |
3315 | 3315 |
3316 if (result == OK) { | 3316 if (result == OK) { |
3317 if (ssl_config_.version_fallback && | |
3318 ssl_config_.version_max < ssl_config_.version_fallback_min) { | |
3319 return ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION; | |
davidben
2014/10/07 22:06:30
I believe we're fine, but I want to point this out
agl
2014/10/07 23:59:54
A very good point, thanks! Please see added unit t
| |
3320 } | |
3321 | |
3317 // SSL handshake is completed. Let's verify the certificate. | 3322 // SSL handshake is completed. Let's verify the certificate. |
3318 GotoState(STATE_VERIFY_CERT); | 3323 GotoState(STATE_VERIFY_CERT); |
3319 // Done! | 3324 // Done! |
3320 } | 3325 } |
3321 set_channel_id_sent(core_->state().channel_id_sent); | 3326 set_channel_id_sent(core_->state().channel_id_sent); |
3322 set_signed_cert_timestamps_received( | 3327 set_signed_cert_timestamps_received( |
3323 !core_->state().sct_list_from_tls_extension.empty()); | 3328 !core_->state().sct_list_from_tls_extension.empty()); |
3324 set_stapled_ocsp_response_received( | 3329 set_stapled_ocsp_response_received( |
3325 !core_->state().stapled_ocsp_response.empty()); | 3330 !core_->state().stapled_ocsp_response.empty()); |
3326 | 3331 |
(...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
3523 scoped_refptr<X509Certificate> | 3528 scoped_refptr<X509Certificate> |
3524 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { | 3529 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { |
3525 return core_->state().server_cert.get(); | 3530 return core_->state().server_cert.get(); |
3526 } | 3531 } |
3527 | 3532 |
3528 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { | 3533 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { |
3529 return channel_id_service_; | 3534 return channel_id_service_; |
3530 } | 3535 } |
3531 | 3536 |
3532 } // namespace net | 3537 } // namespace net |
OLD | NEW |