OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
8 | 8 |
9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
(...skipping 3126 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3137 } | 3137 } |
3138 | 3138 |
3139 for (std::vector<uint16>::const_iterator it = | 3139 for (std::vector<uint16>::const_iterator it = |
3140 ssl_config_.disabled_cipher_suites.begin(); | 3140 ssl_config_.disabled_cipher_suites.begin(); |
3141 it != ssl_config_.disabled_cipher_suites.end(); ++it) { | 3141 it != ssl_config_.disabled_cipher_suites.end(); ++it) { |
3142 // This will fail if the specified cipher is not implemented by NSS, but | 3142 // This will fail if the specified cipher is not implemented by NSS, but |
3143 // the failure is harmless. | 3143 // the failure is harmless. |
3144 SSL_CipherPrefSet(nss_fd_, *it, PR_FALSE); | 3144 SSL_CipherPrefSet(nss_fd_, *it, PR_FALSE); |
3145 } | 3145 } |
3146 | 3146 |
| 3147 size_t cipher_order_len; |
| 3148 const uint16* cipher_order = GetNSSCipherOrder(&cipher_order_len); |
| 3149 if (cipher_order) { |
| 3150 rv = SSL_CipherOrderSet(nss_fd_, cipher_order, cipher_order_len); |
| 3151 if (rv != SECSuccess) { |
| 3152 LogFailedNSSFunction(net_log_, "SSL_CipherOrderSet", ""); |
| 3153 } |
| 3154 } |
| 3155 |
3147 // Support RFC 5077 | 3156 // Support RFC 5077 |
3148 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE); | 3157 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE); |
3149 if (rv != SECSuccess) { | 3158 if (rv != SECSuccess) { |
3150 LogFailedNSSFunction( | 3159 LogFailedNSSFunction( |
3151 net_log_, "SSL_OptionSet", "SSL_ENABLE_SESSION_TICKETS"); | 3160 net_log_, "SSL_OptionSet", "SSL_ENABLE_SESSION_TICKETS"); |
3152 } | 3161 } |
3153 | 3162 |
3154 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_FALSE_START, | 3163 rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_FALSE_START, |
3155 ssl_config_.false_start_enabled); | 3164 ssl_config_.false_start_enabled); |
3156 if (rv != SECSuccess) | 3165 if (rv != SECSuccess) |
(...skipping 348 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3505 EnsureThreadIdAssigned(); | 3514 EnsureThreadIdAssigned(); |
3506 base::AutoLock auto_lock(lock_); | 3515 base::AutoLock auto_lock(lock_); |
3507 return valid_thread_id_ == base::PlatformThread::CurrentId(); | 3516 return valid_thread_id_ == base::PlatformThread::CurrentId(); |
3508 } | 3517 } |
3509 | 3518 |
3510 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { | 3519 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { |
3511 return server_bound_cert_service_; | 3520 return server_bound_cert_service_; |
3512 } | 3521 } |
3513 | 3522 |
3514 } // namespace net | 3523 } // namespace net |
OLD | NEW |