| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 1776 matching lines...) |
| 1787 do { | 1787 do { |
| 1788 rv = DoPayloadWrite(); | 1788 rv = DoPayloadWrite(); |
| 1789 network_moved = DoTransportIO(); | 1789 network_moved = DoTransportIO(); |
| 1790 } while (rv == ERR_IO_PENDING && network_moved); | 1790 } while (rv == ERR_IO_PENDING && network_moved); |
| 1791 | 1791 |
| 1792 LeaveFunction(rv); | 1792 LeaveFunction(rv); |
| 1793 return rv; | 1793 return rv; |
| 1794 } | 1794 } |
| 1795 | 1795 |
| 1796 int SSLClientSocketNSS::Core::DoHandshake() { | 1796 int SSLClientSocketNSS::Core::DoHandshake() { |
| 1797 // TODO(vadimt): Remove ScopedProfile below once crbug.com/424386 is fixed. |
| 1798 tracked_objects::ScopedProfile tracking_profile( |
| 1799 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 1800 "424386 SSLClientSocketNSS::Core::DoHandshake")); |
| 1801 |
| 1797 DCHECK(OnNSSTaskRunner()); | 1802 DCHECK(OnNSSTaskRunner()); |
| 1798 | 1803 |
| 1799 int net_error = OK; | 1804 int net_error = OK; |
| 1800 SECStatus rv = SSL_ForceHandshake(nss_fd_); | 1805 SECStatus rv = SSL_ForceHandshake(nss_fd_); |
| 1801 | 1806 |
| 1802 // Note: this function may be called multiple times during the handshake, so | 1807 // Note: this function may be called multiple times during the handshake, so |
| 1803 // even though channel id and client auth are separate else cases, they can | 1808 // even though channel id and client auth are separate else cases, they can |
| 1804 // both be used during a single SSL handshake. | 1809 // both be used during a single SSL handshake. |
| 1805 if (channel_id_needed_) { | 1810 if (channel_id_needed_) { |
| 1806 GotoState(STATE_GET_DOMAIN_BOUND_CERT_COMPLETE); | 1811 GotoState(STATE_GET_DOMAIN_BOUND_CERT_COMPLETE); |
| (...skipping 31 matching lines...) |
| 1838 base::Bind(&AddLogEventWithCallback, weak_net_log_, | 1843 base::Bind(&AddLogEventWithCallback, weak_net_log_, |
| 1839 NetLog::TYPE_SSL_HANDSHAKE_ERROR, | 1844 NetLog::TYPE_SSL_HANDSHAKE_ERROR, |
| 1840 CreateNetLogSSLErrorCallback(net_error, prerr))); | 1845 CreateNetLogSSLErrorCallback(net_error, prerr))); |
| 1841 } | 1846 } |
| 1842 } | 1847 } |
| 1843 | 1848 |
| 1844 return net_error; | 1849 return net_error; |
| 1845 } | 1850 } |
| 1846 | 1851 |
| 1847 int SSLClientSocketNSS::Core::DoGetDBCertComplete(int result) { | 1852 int SSLClientSocketNSS::Core::DoGetDBCertComplete(int result) { |
| 1853 // TODO(vadimt): Remove ScopedProfile below once crbug.com/424386 is fixed. |
| 1854 tracked_objects::ScopedProfile tracking_profile( |
| 1855 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 1856 "424386 SSLClientSocketNSS::Core::DoGetDBCertComplete")); |
| 1857 |
| 1848 SECStatus rv; | 1858 SECStatus rv; |
| 1849 PostOrRunCallback( | 1859 PostOrRunCallback( |
| 1850 FROM_HERE, | 1860 FROM_HERE, |
| 1851 base::Bind(&BoundNetLog::EndEventWithNetErrorCode, weak_net_log_, | 1861 base::Bind(&BoundNetLog::EndEventWithNetErrorCode, weak_net_log_, |
| 1852 NetLog::TYPE_SSL_GET_DOMAIN_BOUND_CERT, result)); | 1862 NetLog::TYPE_SSL_GET_DOMAIN_BOUND_CERT, result)); |
| 1853 | 1863 |
| 1854 channel_id_needed_ = false; | 1864 channel_id_needed_ = false; |
| 1855 | 1865 |
| 1856 if (result != OK) | 1866 if (result != OK) |
| 1857 return result; | 1867 return result; |
| (...skipping 164 matching lines...) |
| 2022 base::Bind(&AddLogEventWithCallback, weak_net_log_, | 2032 base::Bind(&AddLogEventWithCallback, weak_net_log_, |
| 2023 NetLog::TYPE_SSL_WRITE_ERROR, | 2033 NetLog::TYPE_SSL_WRITE_ERROR, |
| 2024 CreateNetLogSSLErrorCallback(rv, prerr))); | 2034 CreateNetLogSSLErrorCallback(rv, prerr))); |
| 2025 return rv; | 2035 return rv; |
| 2026 } | 2036 } |
| 2027 | 2037 |
| 2028 // Do as much network I/O as possible between the buffer and the | 2038 // Do as much network I/O as possible between the buffer and the |
| 2029 // transport socket. Return true if some I/O performed, false | 2039 // transport socket. Return true if some I/O performed, false |
| 2030 // otherwise (error or ERR_IO_PENDING). | 2040 // otherwise (error or ERR_IO_PENDING). |
| 2031 bool SSLClientSocketNSS::Core::DoTransportIO() { | 2041 bool SSLClientSocketNSS::Core::DoTransportIO() { |
| 2042 // TODO(vadimt): Remove ScopedProfile below once crbug.com/424386 is fixed. |
| 2043 tracked_objects::ScopedProfile tracking_profile( |
| 2044 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 2045 "424386 SSLClientSocketNSS::Core::DoTransportIO")); |
| 2046 |
| 2032 DCHECK(OnNSSTaskRunner()); | 2047 DCHECK(OnNSSTaskRunner()); |
| 2033 | 2048 |
| 2034 bool network_moved = false; | 2049 bool network_moved = false; |
| 2035 if (nss_bufs_ != NULL) { | 2050 if (nss_bufs_ != NULL) { |
| 2036 int rv; | 2051 int rv; |
| 2037 // Read and write as much data as we can. The loop is neccessary | 2052 // Read and write as much data as we can. The loop is neccessary |
| 2038 // because Write() may return synchronously. | 2053 // because Write() may return synchronously. |
| 2039 do { | 2054 do { |
| 2040 rv = BufferSend(); | 2055 rv = BufferSend(); |
| 2041 if (rv != ERR_IO_PENDING && rv != 0) | 2056 if (rv != ERR_IO_PENDING && rv != 0) |
| (...skipping 389 matching lines...) |
| 2431 | 2446 |
| 2432 cache_ocsp_response( | 2447 cache_ocsp_response( |
| 2433 CERT_GetDefaultCertDB(), | 2448 CERT_GetDefaultCertDB(), |
| 2434 nss_handshake_state_.server_cert_chain[0], PR_Now(), | 2449 nss_handshake_state_.server_cert_chain[0], PR_Now(), |
| 2435 &ocsp_responses->items[0], NULL); | 2450 &ocsp_responses->items[0], NULL); |
| 2436 #endif | 2451 #endif |
| 2437 } // IsOCSPStaplingSupported() | 2452 } // IsOCSPStaplingSupported() |
| 2438 } | 2453 } |
| 2439 | 2454 |
| 2440 void SSLClientSocketNSS::Core::UpdateConnectionStatus() { | 2455 void SSLClientSocketNSS::Core::UpdateConnectionStatus() { |
| 2456 // Note: This function may be called multiple times for a single connection |
| 2457 // if renegotiations occur. |
| 2458 nss_handshake_state_.ssl_connection_status = 0; |
| 2459 |
| 2441 SSLChannelInfo channel_info; | 2460 SSLChannelInfo channel_info; |
| 2442 SECStatus ok = SSL_GetChannelInfo(nss_fd_, | 2461 SECStatus ok = SSL_GetChannelInfo(nss_fd_, |
| 2443 &channel_info, sizeof(channel_info)); | 2462 &channel_info, sizeof(channel_info)); |
| 2444 if (ok == SECSuccess && | 2463 if (ok == SECSuccess && |
| 2445 channel_info.length == sizeof(channel_info) && | 2464 channel_info.length == sizeof(channel_info) && |
| 2446 channel_info.cipherSuite) { | 2465 channel_info.cipherSuite) { |
| 2447 nss_handshake_state_.ssl_connection_status |= | 2466 nss_handshake_state_.ssl_connection_status |= |
| 2448 (static_cast<int>(channel_info.cipherSuite) & | 2467 (static_cast<int>(channel_info.cipherSuite) & |
| 2449 SSL_CONNECTION_CIPHERSUITE_MASK) << | 2468 SSL_CONNECTION_CIPHERSUITE_MASK) << |
| 2450 SSL_CONNECTION_CIPHERSUITE_SHIFT; | 2469 SSL_CONNECTION_CIPHERSUITE_SHIFT; |
| (...skipping 1137 matching lines...) |
| 3588 scoped_refptr<X509Certificate> | 3607 scoped_refptr<X509Certificate> |
| 3589 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { | 3608 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { |
| 3590 return core_->state().server_cert.get(); | 3609 return core_->state().server_cert.get(); |
| 3591 } | 3610 } |
| 3592 | 3611 |
| 3593 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { | 3612 ChannelIDService* SSLClientSocketNSS::GetChannelIDService() const { |
| 3594 return channel_id_service_; | 3613 return channel_id_service_; |
| 3595 } | 3614 } |
| 3596 | 3615 |
| 3597 } // namespace net | 3616 } // namespace net |
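Review bot: The new comment in UpdateConnectionStatus() (new lines 2456-2457) says the function can run again after a renegotiation, but not why the reset on new line 2458 is needed: the cipher-suite bits are merged with `|=`, so without the reset the bits from the previous handshake would stay set alongside the new ones. I would spell that out, e.g. `// Clear the old value first: the fields below are OR-ed in, so stale bits from the previous handshake would otherwise survive a renegotiation.` A side effect worth documenting is that when SSL_GetChannelInfo() fails, or reports a zero cipherSuite, the status is now left at 0 instead of at the previous handshake's value, so readers of ssl_connection_status should treat 0 as "unknown" rather than as a negotiated state. The rest of the function lies outside the visible lines, so presumably the other fields are merged the same way; that is worth confirming before relying on the reset alone.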