| OLD | NEW |
| 1 // Copyright (c) 2008-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2008-2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket_mac.h" | 5 #include "net/socket/ssl_client_socket_mac.h" |
| 6 | 6 |
| 7 #include <CoreServices/CoreServices.h> | 7 #include <CoreServices/CoreServices.h> |
| 8 | 8 |
| 9 #include "base/scoped_cftyperef.h" | 9 #include "base/scoped_cftyperef.h" |
| 10 #include "base/singleton.h" | 10 #include "base/singleton.h" |
| (...skipping 708 matching lines...) |
| 719 // the server certificate and then re-enter that handshake (assuming the | 719 // the server certificate and then re-enter that handshake (assuming the |
| 720 // certificate successfully validated). | 720 // certificate successfully validated). |
| 721 // | 721 // |
| 722 // If SSLSetSessionOption() is not present, we do not enable session | 722 // If SSLSetSessionOption() is not present, we do not enable session |
| 723 // resumption, because in that case we are verifying the server's certificate | 723 // resumption, because in that case we are verifying the server's certificate |
| 724 // after the handshake completes (but before any application data is | 724 // after the handshake completes (but before any application data is |
| 725 // exchanged). If we were to enable session resumption in this situation, | 725 // exchanged). If we were to enable session resumption in this situation, |
| 726 // the session would be cached before we verified the certificate, leaving | 726 // the session would be cached before we verified the certificate, leaving |
| 727 // the potential for a session in which the certificate failed to validate | 727 // the potential for a session in which the certificate failed to validate |
| 728 // to still be able to be resumed. | 728 // to still be able to be resumed. |
| 729 SSLSetSessionOptionFuncPtr ssl_set_session_options = | 729 static SSLSetSessionOptionFuncPtr ssl_set_session_options = |
| 730 LookupFunction<SSLSetSessionOptionFuncPtr>(CFSTR("com.apple.security"), | 730 LookupFunction<SSLSetSessionOptionFuncPtr>(CFSTR("com.apple.security"), |
| 731 CFSTR("SSLSetSessionOption")); | 731 CFSTR("SSLSetSessionOption")); |
| 732 if (ssl_set_session_options) { | 732 if (ssl_set_session_options) { |
| 733 status = ssl_set_session_options(ssl_context_, | 733 status = ssl_set_session_options(ssl_context_, |
| 734 kSSLSessionOptionBreakOnServerAuth, | 734 kSSLSessionOptionBreakOnServerAuth, |
| 735 true); | 735 true); |
| 736 if (!status) | 736 if (!status) |
| 737 status = ssl_set_session_options(ssl_context_, | 737 status = ssl_set_session_options(ssl_context_, |
| 738 kSSLSessionOptionBreakOnCertRequested, | 738 kSSLSessionOptionBreakOnCertRequested, |
| 739 true); | 739 true); |
| (...skipping 424 matching lines...) |
| 1164 if (rv < 0 && rv != ERR_IO_PENDING) { | 1164 if (rv < 0 && rv != ERR_IO_PENDING) { |
| 1165 us->write_io_buf_ = NULL; | 1165 us->write_io_buf_ = NULL; |
| 1166 return OSStatusFromNetError(rv); | 1166 return OSStatusFromNetError(rv); |
| 1167 } | 1167 } |
| 1168 | 1168 |
| 1169 // always lie to our caller | 1169 // always lie to our caller |
| 1170 return noErr; | 1170 return noErr; |
| 1171 } | 1171 } |
| 1172 | 1172 |
| 1173 } // namespace net | 1173 } // namespace net |
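Review bot: The `static` added to `ssl_set_session_options` on new line 729 makes it a function-local static with a runtime initializer, and nothing visible says which threads reach this code or whether the build guarantees thread-safe static initialization. If either is not guaranteed, two sockets initializing at once could race on the `LookupFunction` call, so the single-thread assumption should be stated or asserted next to the declaration. The cached value also makes the outcome process-wide: a lookup that returns NULL once leaves break-on-server-auth and session resumption off for every later socket, which is the safe direction given the comment above it but should be documented. I would add above the declaration: `// Resolved once per process; a NULL result is cached too, so session resumption stays disabled when SSLSetSessionOption() is unavailable.` The enclosing function starts and ends outside the visible lines, so how `status` is handled after the second call could not be checked here.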
| OLD | NEW |