
Side by Side Diff: net/third_party/nss/ssl/sslauth.c

Issue 6804032: Add TLS-SRP (RFC 5054) support Base URL: http://git.chromium.org/git/chromium.git@trunk
Patch Set: remove "httpsv" scheme, minor NSS/OpenSSL changes Created 9 years, 8 months ago
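--- a/net/third_party/nss/ssl/sslauth.c
+++ b/net/third_party/nss/ssl/sslauth.c
@@ -1,10 +1,10 @@
 /* ***** BEGIN LICENSE BLOCK *****
 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
 *
 * The contents of this file are subject to the Mozilla Public License Version
 * 1.1 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an "AS IS" basis,
 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
@@ -284,20 +284,94 @@
 if (!ss) {
 SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",
 SSL_GETPID(), s));
 return SECFailure;
 }
 
 ss->pkcs11PinArg = arg;
 return SECSuccess;
 }
 
+/* register callback function to provide the user password */
+SECStatus
+SSL_UserPasswdHook(PRFileDesc *s, SSLUserPasswdCB func, void *arg)
+{
+sslSocket *ss;
+
+ss = ssl_FindSocket(s);
+if (!ss) {
+SSL_DBG(("%d: SSL[%d]: bad socket in UserPasswdHook",
+SSL_GETPID(), s));
+return SECFailure;
+}
+
+ss->getUserPasswd = func;
+ss->getUserPasswdArg = arg;
+return SECSuccess;
+}
+
+/* used by client to provide user credentials non-interactively */
+SECStatus
+SSL_SetUserLogin(PRFileDesc *s, const char *user, const char *passwd)
+{
+sslSocket *ss = NULL;
+int len;
+
+ss = ssl_FindSocket(s);
+if (!ss) {
+SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",
+SSL_GETPID(), s));
+return SECFailure;
+}
+
+if (user) {
+len = PORT_Strlen(user);
+if (len > MAX_SRP_USERNAME_LENGTH)
+len = MAX_SRP_USERNAME_LENGTH;
+ss->sec.userName = SECITEM_AllocItem(NULL, NULL, len);
+if (!ss->sec.userName) {
+PORT_SetError(SEC_ERROR_NO_MEMORY);
+return SECFailure;
+}
+PORT_Memcpy(ss->sec.userName->data, user, ss->sec.userName->len);
+}
+
+if (passwd) {
+len = PORT_Strlen(passwd);
+ss->sec.userPasswd = SECITEM_AllocItem(NULL, NULL, len);
+if (!ss->sec.userPasswd) {
+PORT_SetError(SEC_ERROR_NO_MEMORY);
+return SECFailure;
+}
+PORT_Memcpy(ss->sec.userPasswd->data, passwd, ss->sec.userPasswd->len);
+}
+
+return SECSuccess;
+}
+
+/* register callback function to provide SRP user authentication params */
+SECStatus
+SSL_GetSRPParamsHook(PRFileDesc *s, SSLGetSRPParamsCB func, void *arg)
+{
+sslSocket *ss;
+
+ss = ssl_FindSocket(s);
+if (!ss) {
+SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",
+SSL_GETPID(), s));
+return SECFailure;
+}
+
+ss->getSRPParams = func;
+ss->getSRPParamsArg = arg;
+return SECSuccess;
+}
 
 /* This is the "default" authCert callback function. It is called when a
 * certificate message is received from the peer and the local application
 * has not registered an authCert callback function.
 */
 SECStatus
 SSL_AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer)
 {
 SECStatus rv;
 CERTCertDBHandle * handle;
@@ -329,10 +403,10 @@
 hostname = ss->url;
 if (hostname && hostname[0])
 rv = CERT_VerifyCertName(ss->sec.peerCert, hostname);
 else
 rv = SECFailure;
 if (rv != SECSuccess)
 PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
 
 return rv;
 }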
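Review bot: SSL_SetUserLogin (new lines 326-346) assigns fresh items to `ss->sec.userName` and `ss->sec.userPasswd` without releasing what they already hold, so a second call on the same socket leaks the earlier password copy on the heap without wiping it. Whether socket teardown later zeroes these items is not visible in this section and should be confirmed. The same function silently truncates a username longer than MAX_SRP_USERNAME_LENGTH, which would make the client attempt the SRP login under a different identity than the caller supplied; returning SECFailure with SEC_ERROR_INVALID_ARGS is the safer contract. Smaller points: `int len` narrows the result of PORT_Strlen, and the SSL_DBG messages in SSL_SetUserLogin and SSL_GetSRPParamsHook still name "GetClientAuthDataHook".

```c
    if (user) {
        len = PORT_Strlen(user);
        if (len > MAX_SRP_USERNAME_LENGTH) {
            /* refuse rather than log in under a truncated identity */
            PORT_SetError(SEC_ERROR_INVALID_ARGS);
            return SECFailure;
        }
        SECITEM_FreeItem(ss->sec.userName, PR_TRUE);   /* drop any earlier value */
        ss->sec.userName = SECITEM_AllocItem(NULL, NULL, len);
        /* … unchanged: allocation check and PORT_Memcpy … */
    }

    if (passwd) {
        len = PORT_Strlen(passwd);
        SECITEM_ZfreeItem(ss->sec.userPasswd, PR_TRUE); /* wipe the previous secret */
        ss->sec.userPasswd = SECITEM_AllocItem(NULL, NULL, len);
        /* … unchanged: allocation check and PORT_Memcpy … */
    }
```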