| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <errno.h> | 10 #include <errno.h> |
| 11 #include <openssl/bio.h> | 11 #include <openssl/bio.h> |
| 12 #include <openssl/err.h> | 12 #include <openssl/err.h> |
| 13 #include <openssl/ssl.h> | 13 #include <openssl/ssl.h> |
| 14 | 14 |
| 15 #include "base/bind.h" | 15 #include "base/bind.h" |
| 16 #include "base/callback_helpers.h" | 16 #include "base/callback_helpers.h" |
| 17 #include "base/environment.h" | 17 #include "base/environment.h" |
| 18 #include "base/memory/singleton.h" | 18 #include "base/memory/singleton.h" |
| 19 #include "base/metrics/histogram.h" | 19 #include "base/metrics/histogram.h" |
| 20 #include "base/profiler/scoped_tracker.h" | 20 #include "base/profiler/scoped_tracker.h" |
| 21 #include "base/strings/string_piece.h" | 21 #include "base/strings/string_piece.h" |
| 22 #include "base/synchronization/lock.h" | 22 #include "base/synchronization/lock.h" |
| 23 #include "base/threading/thread_local.h" |
| 23 #include "crypto/ec_private_key.h" | 24 #include "crypto/ec_private_key.h" |
| 24 #include "crypto/openssl_util.h" | 25 #include "crypto/openssl_util.h" |
| 25 #include "crypto/scoped_openssl_types.h" | 26 #include "crypto/scoped_openssl_types.h" |
| 26 #include "net/base/net_errors.h" | 27 #include "net/base/net_errors.h" |
| 27 #include "net/cert/cert_policy_enforcer.h" | 28 #include "net/cert/cert_policy_enforcer.h" |
| 28 #include "net/cert/cert_verifier.h" | 29 #include "net/cert/cert_verifier.h" |
| 29 #include "net/cert/ct_ev_whitelist.h" | 30 #include "net/cert/ct_ev_whitelist.h" |
| 30 #include "net/cert/ct_verifier.h" | 31 #include "net/cert/ct_verifier.h" |
| 31 #include "net/cert/single_request_cert_verifier.h" | 32 #include "net/cert/single_request_cert_verifier.h" |
| 32 #include "net/cert/x509_certificate_net_log_param.h" | 33 #include "net/cert/x509_certificate_net_log_param.h" |
| (...skipping 890 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 923 do { | 924 do { |
| 924 rv = BufferSend(); | 925 rv = BufferSend(); |
| 925 if (rv != ERR_IO_PENDING && rv != 0) | 926 if (rv != ERR_IO_PENDING && rv != 0) |
| 926 network_moved = true; | 927 network_moved = true; |
| 927 } while (rv > 0); | 928 } while (rv > 0); |
| 928 if (transport_read_error_ == OK && BufferRecv() != ERR_IO_PENDING) | 929 if (transport_read_error_ == OK && BufferRecv() != ERR_IO_PENDING) |
| 929 network_moved = true; | 930 network_moved = true; |
| 930 return network_moved; | 931 return network_moved; |
| 931 } | 932 } |
| 932 | 933 |
| 934 // TODO(vadimt): Remove including "base/threading/thread_local.h" and |
| 935 // g_first_run_completed once crbug.com/424386 is fixed. |
| 936 base::LazyInstance<base::ThreadLocalBoolean>::Leaky g_first_run_completed = |
| 937 LAZY_INSTANCE_INITIALIZER; |
| 938 |
| 933 int SSLClientSocketOpenSSL::DoHandshake() { | 939 int SSLClientSocketOpenSSL::DoHandshake() { |
| 934 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 940 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 935 int net_error = OK; | 941 int net_error = OK; |
| 936 | 942 |
| 937 int rv; | 943 int rv; |
| 938 | 944 |
| 939 // TODO(vadimt): Leave only 1 call to SSL_do_handshake once crbug.com/424386 | 945 // TODO(vadimt): Leave only 1 call to SSL_do_handshake once crbug.com/424386 |
| 940 // is fixed. | 946 // is fixed. |
| 941 if (ssl_config_.send_client_cert && ssl_config_.client_cert.get()) { | 947 if (ssl_config_.send_client_cert && ssl_config_.client_cert.get()) { |
| 942 // TODO(vadimt): Remove ScopedTracker below once crbug.com/424386 is fixed. | 948 // TODO(vadimt): Remove ScopedTracker below once crbug.com/424386 is fixed. |
| 943 tracked_objects::ScopedTracker tracking_profile1( | 949 tracked_objects::ScopedTracker tracking_profile1( |
| 944 FROM_HERE_WITH_EXPLICIT_FUNCTION("424386 DoHandshake_WithCert")); | 950 FROM_HERE_WITH_EXPLICIT_FUNCTION("424386 DoHandshake_WithCert")); |
| 945 | 951 |
| 946 rv = SSL_do_handshake(ssl_); | 952 rv = SSL_do_handshake(ssl_); |
| 947 } else { | 953 } else { |
| 948 // TODO(vadimt): Remove ScopedTracker below once crbug.com/424386 is fixed. | 954 if (g_first_run_completed.Get().Get()) { |
| 949 tracked_objects::ScopedTracker tracking_profile1( | 955 // TODO(vadimt): Remove ScopedTracker below once crbug.com/424386 is |
| 950 FROM_HERE_WITH_EXPLICIT_FUNCTION("424386 DoHandshake_WithoutCert")); | 956 // fixed. |
| 957 tracked_objects::ScopedTracker tracking_profile1( |
| 958 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 959 "424386 DoHandshake_WithoutCert Not First")); |
| 951 | 960 |
| 952 rv = SSL_do_handshake(ssl_); | 961 rv = SSL_do_handshake(ssl_); |
| 962 } else { |
| 963 g_first_run_completed.Get().Set(true); |
| 964 |
| 965 // TODO(vadimt): Remove ScopedTracker below once crbug.com/424386 is |
| 966 // fixed. |
| 967 tracked_objects::ScopedTracker tracking_profile1( |
| 968 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 969 "424386 DoHandshake_WithoutCert First")); |
| 970 |
| 971 rv = SSL_do_handshake(ssl_); |
| 972 } |
| 953 } | 973 } |
| 954 | 974 |
| 955 if (client_auth_cert_needed_) { | 975 if (client_auth_cert_needed_) { |
| 956 // TODO(vadimt): Remove ScopedTracker below once crbug.com/424386 is fixed. | 976 // TODO(vadimt): Remove ScopedTracker below once crbug.com/424386 is fixed. |
| 957 tracked_objects::ScopedTracker tracking_profile2( | 977 tracked_objects::ScopedTracker tracking_profile2( |
| 958 FROM_HERE_WITH_EXPLICIT_FUNCTION( | 978 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 959 "424386 SSLClientSocketOpenSSL::DoHandshake2")); | 979 "424386 SSLClientSocketOpenSSL::DoHandshake2")); |
| 960 | 980 |
| 961 net_error = ERR_SSL_CLIENT_AUTH_CERT_NEEDED; | 981 net_error = ERR_SSL_CLIENT_AUTH_CERT_NEEDED; |
| 962 // If the handshake already succeeded (because the server requests but | 982 // If the handshake already succeeded (because the server requests but |
| (...skipping 1030 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1993 ct::SCT_STATUS_LOG_UNKNOWN)); | 2013 ct::SCT_STATUS_LOG_UNKNOWN)); |
| 1994 } | 2014 } |
| 1995 } | 2015 } |
| 1996 | 2016 |
| 1997 scoped_refptr<X509Certificate> | 2017 scoped_refptr<X509Certificate> |
| 1998 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { | 2018 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { |
| 1999 return server_cert_; | 2019 return server_cert_; |
| 2000 } | 2020 } |
| 2001 | 2021 |
| 2002 } // namespace net | 2022 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
