OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
7 | 7 |
8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
9 | 9 |
10 #include <openssl/ssl.h> | 10 #include <openssl/ssl.h> |
(...skipping 808 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
819 | 819 |
820 int SSLClientSocketOpenSSL::DoVerifyCert(int result) { | 820 int SSLClientSocketOpenSSL::DoVerifyCert(int result) { |
821 DCHECK(server_cert_); | 821 DCHECK(server_cert_); |
822 GotoState(STATE_VERIFY_CERT_COMPLETE); | 822 GotoState(STATE_VERIFY_CERT_COMPLETE); |
823 | 823 |
824 int cert_status; | 824 int cert_status; |
825 if (ssl_config_.IsAllowedBadCert(server_cert_, &cert_status)) { | 825 if (ssl_config_.IsAllowedBadCert(server_cert_, &cert_status)) { |
826 VLOG(1) << "Received an expected bad cert with status: " << cert_status; | 826 VLOG(1) << "Received an expected bad cert with status: " << cert_status; |
827 server_cert_verify_result_.Reset(); | 827 server_cert_verify_result_.Reset(); |
828 server_cert_verify_result_.cert_status = cert_status; | 828 server_cert_verify_result_.cert_status = cert_status; |
| 829 server_cert_verify_result_.verified_cert = server_cert_; |
829 return OK; | 830 return OK; |
830 } | 831 } |
831 | 832 |
832 int flags = 0; | 833 int flags = 0; |
833 if (ssl_config_.rev_checking_enabled) | 834 if (ssl_config_.rev_checking_enabled) |
834 flags |= X509Certificate::VERIFY_REV_CHECKING_ENABLED; | 835 flags |= X509Certificate::VERIFY_REV_CHECKING_ENABLED; |
835 if (ssl_config_.verify_ev_cert) | 836 if (ssl_config_.verify_ev_cert) |
836 flags |= X509Certificate::VERIFY_EV_CERT; | 837 flags |= X509Certificate::VERIFY_EV_CERT; |
837 verifier_.reset(new SingleRequestCertVerifier(cert_verifier_)); | 838 verifier_.reset(new SingleRequestCertVerifier(cert_verifier_)); |
838 return verifier_->Verify(server_cert_, host_and_port_.host(), flags, | 839 return verifier_->Verify(server_cert_, host_and_port_.host(), flags, |
(...skipping 376 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1215 net_log_.AddByteTransferEvent(NetLog::TYPE_SSL_SOCKET_BYTES_SENT, rv, | 1216 net_log_.AddByteTransferEvent(NetLog::TYPE_SSL_SOCKET_BYTES_SENT, rv, |
1216 user_write_buf_->data()); | 1217 user_write_buf_->data()); |
1217 return rv; | 1218 return rv; |
1218 } | 1219 } |
1219 | 1220 |
1220 int err = SSL_get_error(ssl_, rv); | 1221 int err = SSL_get_error(ssl_, rv); |
1221 return MapOpenSSLError(err, err_tracer); | 1222 return MapOpenSSLError(err, err_tracer); |
1222 } | 1223 } |
1223 | 1224 |
1224 } // namespace net | 1225 } // namespace net |
OLD | NEW |