net/socket/ssl_server_socket_openssl.h - Issue 994743003: Support for client certs in ssl_server_socket.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/socket/ssl_server_socket_openssl.h

Issue 994743003: Support for client certs in ssl_server_socket. Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/socket/ssl_server_socket_openssl.h

diff --git a/net/socket/ssl_server_socket_openssl.h b/net/socket/ssl_server_socket_openssl.h

index c58bd5693521921e20c986d44af3f025c7171283..a95930afd01f5aed805e8fe536174d83bac53d5e 100644

--- a/net/socket/ssl_server_socket_openssl.h

+++ b/net/socket/ssl_server_socket_openssl.h

@@ -17,6 +17,7 @@

typedef struct bio_st BIO;

// <openssl/ssl.h>

typedef struct ssl_st SSL;

+typedef struct x509_store_ctx_st X509_STORE_CTX;

namespace net {

@@ -34,6 +35,9 @@ class SSLServerSocketOpenSSL : public SSLServerSocket {

// SSLServerSocket interface.

int Handshake(const CompletionCallback& callback) override;

+ void SetAllowClientCert(bool allow_client_cert) override;

+ void SetClientCertCAList(const CertificateList& client_cert_ca_list) override;

+ void SetClientCertVerifier(CertVerifier* client_cert_verifier) override;

// SSLSocket interface.

int ExportKeyingMaterial(const base::StringPiece& label,

@@ -98,6 +102,8 @@ class SSLServerSocketOpenSSL : public SSLServerSocket {

void DoWriteCallback(int result);

int Init();

+ void ExtractClientCert();

+ static int CertVerifyCallback(X509_STORE_CTX* store_ctx, void* arg);

// Members used to send and receive buffer.

bool transport_send_busy_;

@@ -141,9 +147,18 @@ class SSLServerSocketOpenSSL : public SSLServerSocket {

// Private key used by the server.

scoped_ptr<crypto::RSAPrivateKey> key_;

+ // Certificate for the client.

+ scoped_refptr<X509Certificate> client_cert_;

State next_handshake_state_;

bool completed_handshake_;

+ // Information to be used in CertificateRequest message.

+ CertificateList client_cert_ca_list_;

+ // Used to provide callback for client certificate verification.

+ CertVerifier* client_cert_verifier_;

DISALLOW_COPY_AND_ASSIGN(SSLServerSocketOpenSSL);

};

« net/socket/ssl_server_socket_nss.cc ('K') | « net/socket/ssl_server_socket_nss.cc ('k') | net/socket/ssl_server_socket_openssl.cc » ('j') | net/socket/ssl_server_socket_openssl.cc » ('J')