Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(180)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_server_socket_nss.cc

Issue 679473002: Allow two SSL Server Socket parameters to be tuned by the caller (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/socket/ssl_server_socket.h ('k') | net/socket/ssl_server_socket_openssl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_server_socket_nss.h" 5 #include "net/socket/ssl_server_socket_nss.h"
6 6
7 #if defined(OS_WIN) 7 #if defined(OS_WIN)
8 #include <winsock2.h> 8 #include <winsock2.h>
9 #endif 9 #endif
10 10
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
46 static const int kRecvBufferSize = 17 * 1024; 46 static const int kRecvBufferSize = 17 * 1024;
47 static const int kSendBufferSize = 17 * 1024; 47 static const int kSendBufferSize = 17 * 1024;
48 48
49 #define GotoState(s) next_handshake_state_ = s 49 #define GotoState(s) next_handshake_state_ = s
50 50
51 namespace net { 51 namespace net {
52 52
53 namespace { 53 namespace {
54 54
55 bool g_nss_server_sockets_init = false; 55 bool g_nss_server_sockets_init = false;
56 int g_max_session_id_cache_entries = 1024;
57 int g_ssl_session_id_cache_timeout = 5;
56 58
57 class NSSSSLServerInitSingleton { 59 class NSSSSLServerInitSingleton {
58 public: 60 public:
59 NSSSSLServerInitSingleton() { 61 NSSSSLServerInitSingleton() {
60 EnsureNSSSSLInit(); 62 EnsureNSSSSLInit();
61 63
62 SSL_ConfigServerSessionIDCache(1024, 5, 5, NULL); 64 SSL_ConfigServerSessionIDCache(g_max_session_id_cache_entries,
65 g_ssl_session_id_cache_timeout,
66 g_ssl_session_id_cache_timeout,
67 NULL);
63 g_nss_server_sockets_init = true; 68 g_nss_server_sockets_init = true;
64 } 69 }
65 70
66 ~NSSSSLServerInitSingleton() { 71 ~NSSSSLServerInitSingleton() {
67 SSL_ShutdownServerSessionIDCache(); 72 SSL_ShutdownServerSessionIDCache();
68 g_nss_server_sockets_init = false; 73 g_nss_server_sockets_init = false;
69 } 74 }
70 }; 75 };
71 76
72 static base::LazyInstance<NSSSSLServerInitSingleton> 77 static base::LazyInstance<NSSSSLServerInitSingleton>
73 g_nss_ssl_server_init_singleton = LAZY_INSTANCE_INITIALIZER; 78 g_nss_ssl_server_init_singleton = LAZY_INSTANCE_INITIALIZER;
74 79
75 } // namespace 80 } // namespace
76 81
82 void SetSSLServerSessionCacheParameters(
83 int max_session_id_cache_entries,
84 int ssl_session_id_cache_timeout) {
85 DCHECK(!g_nss_server_sockets_init) << "SetSSLServerSessionCacheParameters"
86 << " cannot be called after"
87 << " EnableSSLServerSockets.";
88 g_max_session_id_cache_entries = max_session_id_cache_entries;
89 g_ssl_session_id_cache_timeout = ssl_session_id_cache_timeout;
90 }
91
77 void EnableSSLServerSockets() { 92 void EnableSSLServerSockets() {
78 g_nss_ssl_server_init_singleton.Get(); 93 g_nss_ssl_server_init_singleton.Get();
79 } 94 }
80 95
81 scoped_ptr<SSLServerSocket> CreateSSLServerSocket( 96 scoped_ptr<SSLServerSocket> CreateSSLServerSocket(
82 scoped_ptr<StreamSocket> socket, 97 scoped_ptr<StreamSocket> socket,
83 X509Certificate* cert, 98 X509Certificate* cert,
84 crypto::RSAPrivateKey* key, 99 crypto::RSAPrivateKey* key,
85 const SSLConfig& ssl_config) { 100 const SSLConfig& ssl_config) {
86 DCHECK(g_nss_server_sockets_init) << "EnableSSLServerSockets() has not been" 101 DCHECK(g_nss_server_sockets_init) << "EnableSSLServerSockets() has not been"
87 << "called yet!"; 102 << " called yet!";
88 103
89 return scoped_ptr<SSLServerSocket>( 104 return scoped_ptr<SSLServerSocket>(
90 new SSLServerSocketNSS(socket.Pass(), cert, key, ssl_config)); 105 new SSLServerSocketNSS(socket.Pass(), cert, key, ssl_config));
91 } 106 }
92 107
93 SSLServerSocketNSS::SSLServerSocketNSS( 108 SSLServerSocketNSS::SSLServerSocketNSS(
94 scoped_ptr<StreamSocket> transport_socket, 109 scoped_ptr<StreamSocket> transport_socket,
95 scoped_refptr<X509Certificate> cert, 110 scoped_refptr<X509Certificate> cert,
96 crypto::RSAPrivateKey* key, 111 crypto::RSAPrivateKey* key,
97 const SSLConfig& ssl_config) 112 const SSLConfig& ssl_config)
(...skipping 732 matching lines...) Expand 10 before | Expand all | Expand 10 after
830 // initializes the NSS base library. 845 // initializes the NSS base library.
831 EnsureNSSSSLInit(); 846 EnsureNSSSSLInit();
832 if (!NSS_IsInitialized()) 847 if (!NSS_IsInitialized())
833 return ERR_UNEXPECTED; 848 return ERR_UNEXPECTED;
834 849
835 EnableSSLServerSockets(); 850 EnableSSLServerSockets();
836 return OK; 851 return OK;
837 } 852 }
838 853
839 } // namespace net 854 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_server_socket.h ('k') | net/socket/ssl_server_socket_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698