Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(192)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 657953003: Use version macros for SSL versions. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebase Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | net/socket/ssl_client_socket_openssl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived
6 // from AuthCertificateCallback() in 6 // from AuthCertificateCallback() in
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
8 8
9 /* ***** BEGIN LICENSE BLOCK ***** 9 /* ***** BEGIN LICENSE BLOCK *****
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
(...skipping 2470 matching lines...) Expand 10 before | Expand all | Expand 10 after
2481 nss_handshake_state_.ssl_connection_status |= 2481 nss_handshake_state_.ssl_connection_status |=
2482 (static_cast<int>(channel_info.cipherSuite) & 2482 (static_cast<int>(channel_info.cipherSuite) &
2483 SSL_CONNECTION_CIPHERSUITE_MASK) << 2483 SSL_CONNECTION_CIPHERSUITE_MASK) <<
2484 SSL_CONNECTION_CIPHERSUITE_SHIFT; 2484 SSL_CONNECTION_CIPHERSUITE_SHIFT;
2485 2485
2486 nss_handshake_state_.ssl_connection_status |= 2486 nss_handshake_state_.ssl_connection_status |=
2487 (static_cast<int>(channel_info.compressionMethod) & 2487 (static_cast<int>(channel_info.compressionMethod) &
2488 SSL_CONNECTION_COMPRESSION_MASK) << 2488 SSL_CONNECTION_COMPRESSION_MASK) <<
2489 SSL_CONNECTION_COMPRESSION_SHIFT; 2489 SSL_CONNECTION_COMPRESSION_SHIFT;
2490 2490
2491 // NSS 3.14.x doesn't have a version macro for TLS 1.2 (because NSS didn't
2492 // support it yet), so use 0x0303 directly.
2493 int version = SSL_CONNECTION_VERSION_UNKNOWN; 2491 int version = SSL_CONNECTION_VERSION_UNKNOWN;
2494 if (channel_info.protocolVersion < SSL_LIBRARY_VERSION_3_0) { 2492 if (channel_info.protocolVersion < SSL_LIBRARY_VERSION_3_0) {
2495 // All versions less than SSL_LIBRARY_VERSION_3_0 are treated as SSL 2493 // All versions less than SSL_LIBRARY_VERSION_3_0 are treated as SSL
2496 // version 2. 2494 // version 2.
2497 version = SSL_CONNECTION_VERSION_SSL2; 2495 version = SSL_CONNECTION_VERSION_SSL2;
2498 } else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_3_0) { 2496 } else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_3_0) {
2499 version = SSL_CONNECTION_VERSION_SSL3; 2497 version = SSL_CONNECTION_VERSION_SSL3;
2500 } else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_3_1_TLS) { 2498 } else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_TLS_1_0) {
2501 version = SSL_CONNECTION_VERSION_TLS1; 2499 version = SSL_CONNECTION_VERSION_TLS1;
2502 } else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_TLS_1_1) { 2500 } else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_TLS_1_1) {
2503 version = SSL_CONNECTION_VERSION_TLS1_1; 2501 version = SSL_CONNECTION_VERSION_TLS1_1;
2504 } else if (channel_info.protocolVersion == 0x0303) { 2502 } else if (channel_info.protocolVersion == SSL_LIBRARY_VERSION_TLS_1_2) {
2505 version = SSL_CONNECTION_VERSION_TLS1_2; 2503 version = SSL_CONNECTION_VERSION_TLS1_2;
2506 } 2504 }
2507 nss_handshake_state_.ssl_connection_status |= 2505 nss_handshake_state_.ssl_connection_status |=
2508 (version & SSL_CONNECTION_VERSION_MASK) << 2506 (version & SSL_CONNECTION_VERSION_MASK) <<
2509 SSL_CONNECTION_VERSION_SHIFT; 2507 SSL_CONNECTION_VERSION_SHIFT;
2510 } 2508 }
2511 2509
2512 PRBool peer_supports_renego_ext; 2510 PRBool peer_supports_renego_ext;
2513 ok = SSL_HandshakeNegotiatedExtension(nss_fd_, ssl_renegotiation_info_xtn, 2511 ok = SSL_HandshakeNegotiatedExtension(nss_fd_, ssl_renegotiation_info_xtn,
2514 &peer_supports_renego_ext); 2512 &peer_supports_renego_ext);
(...skipping 1122 matching lines...) Expand 10 before | Expand all | Expand 10 after
3637 scoped_refptr<X509Certificate> 3635 scoped_refptr<X509Certificate>
3638 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { 3636 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const {
3639 return core_->state().server_cert.get(); 3637 return core_->state().server_cert.get();
3640 } 3638 }
3641 3639
3642 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { 3640 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const {
3643 return channel_id_service_; 3641 return channel_id_service_;
3644 } 3642 }
3645 3643
3646 } // namespace net 3644 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | net/socket/ssl_client_socket_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698