OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
7 | 7 |
8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
9 | 9 |
10 #include <errno.h> | 10 #include <errno.h> |
(...skipping 173 matching lines...)
184 | 184 |
185 SSLContext() { | 185 SSLContext() { |
186 crypto::EnsureOpenSSLInit(); | 186 crypto::EnsureOpenSSLInit(); |
187 ssl_socket_data_index_ = SSL_get_ex_new_index(0, 0, 0, 0, 0); | 187 ssl_socket_data_index_ = SSL_get_ex_new_index(0, 0, 0, 0, 0); |
188 DCHECK_NE(ssl_socket_data_index_, -1); | 188 DCHECK_NE(ssl_socket_data_index_, -1); |
189 ssl_ctx_.reset(SSL_CTX_new(SSLv23_client_method())); | 189 ssl_ctx_.reset(SSL_CTX_new(SSLv23_client_method())); |
190 session_cache_.Reset(ssl_ctx_.get(), kDefaultSessionCacheConfig); | 190 session_cache_.Reset(ssl_ctx_.get(), kDefaultSessionCacheConfig); |
191 SSL_CTX_set_cert_verify_callback(ssl_ctx_.get(), CertVerifyCallback, NULL); | 191 SSL_CTX_set_cert_verify_callback(ssl_ctx_.get(), CertVerifyCallback, NULL); |
192 SSL_CTX_set_cert_cb(ssl_ctx_.get(), ClientCertRequestCallback, NULL); | 192 SSL_CTX_set_cert_cb(ssl_ctx_.get(), ClientCertRequestCallback, NULL); |
193 SSL_CTX_set_verify(ssl_ctx_.get(), SSL_VERIFY_PEER, NULL); | 193 SSL_CTX_set_verify(ssl_ctx_.get(), SSL_VERIFY_PEER, NULL); |
| 194 // This stops |SSL_shutdown| from generating the close_notify message, which |
| 195 // is currently not sent on the network. |
| 196 // TODO(haavardm): Remove setting quiet shutdown once 118366 is fixed. |
| 197 SSL_CTX_set_quiet_shutdown(ssl_ctx_.get(), 1); |
194 // TODO(kristianm): Only select this if ssl_config_.next_proto is not empty. | 198 // TODO(kristianm): Only select this if ssl_config_.next_proto is not empty. |
195 // It would be better if the callback were not a global setting, | 199 // It would be better if the callback were not a global setting, |
196 // but that is an OpenSSL issue. | 200 // but that is an OpenSSL issue. |
197 SSL_CTX_set_next_proto_select_cb(ssl_ctx_.get(), SelectNextProtoCallback, | 201 SSL_CTX_set_next_proto_select_cb(ssl_ctx_.get(), SelectNextProtoCallback, |
198 NULL); | 202 NULL); |
199 ssl_ctx_->tlsext_channel_id_enabled_new = 1; | 203 ssl_ctx_->tlsext_channel_id_enabled_new = 1; |
200 | 204 |
201 scoped_ptr<base::Environment> env(base::Environment::Create()); | 205 scoped_ptr<base::Environment> env(base::Environment::Create()); |
202 std::string ssl_keylog_file; | 206 std::string ssl_keylog_file; |
203 if (env->GetVar("SSLKEYLOGFILE", &ssl_keylog_file) && | 207 if (env->GetVar("SSLKEYLOGFILE", &ssl_keylog_file) && |
(...skipping 1811 matching lines...)
2015 ct::SCT_STATUS_LOG_UNKNOWN)); | 2019 ct::SCT_STATUS_LOG_UNKNOWN)); |
2016 } | 2020 } |
2017 } | 2021 } |
2018 | 2022 |
2019 scoped_refptr<X509Certificate> | 2023 scoped_refptr<X509Certificate> |
2020 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { | 2024 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { |
2021 return server_cert_; | 2025 return server_cert_; |
2022 } | 2026 } |
2023 | 2027 |
2024 } // namespace net | 2028 } // namespace net |
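Review bot: The comment added at new lines 194-196 in the SSLContext() constructor says why close_notify is suppressed but not what the setting costs. `SSL_CTX_set_quiet_shutdown(ssl_ctx_.get(), 1)` applies to every socket created from this SSL_CTX, and in quiet mode OpenSSL's SSL_shutdown() sets both the sent and the received shutdown flags without exchanging any alert. I would extend the comment with something like `// Quiet shutdown also sets SSL_RECEIVED_SHUTDOWN locally, so SSL_get_shutdown() cannot tell a clean close from a truncated stream.` Whether anything in the skipped parts of the file relies on those flags is not visible here, so that is worth checking. The TODO would also be easier to follow if it named the tracker that 118366 belongs to; the constructor body continues past the visible lines.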