net/socket/ssl_client_socket_mac.cc - Issue 11739004: Add server certificate request parameters to be stored in SSLCertRequestInfo.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/socket/ssl_client_socket_mac.cc

Issue 11739004: Add server certificate request parameters to be stored in SSLCertRequestInfo. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master

Patch Set: Address Ryan's remark ( ASSERT_TRUE(ptr) ) Created 7 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/socket/ssl_client_socket_mac.cc

diff --git a/net/socket/ssl_client_socket_mac.cc b/net/socket/ssl_client_socket_mac.cc

index 3efea4847a229aabfcdd00fca11ed17955f4c0bb..69ef093cfdfba9c0f66e266d16804015a45668f1 100644

--- a/net/socket/ssl_client_socket_mac.cc

+++ b/net/socket/ssl_client_socket_mac.cc

@@ -748,8 +748,15 @@ bool SSLClientSocketMac::GetSSLInfo(SSLInfo* ssl_info) {

void SSLClientSocketMac::GetSSLCertRequestInfo(

SSLCertRequestInfo* cert_request_info) {

- // I'm being asked for available client certs (identities).

- // First, get the cert issuer names allowed by the server.

+ cert_request_info->host_and_port = host_and_port_.ToString();

+ cert_request_info->cert_authorities.clear();

+ cert_request_info->cert_key_types.clear();

+ cert_request_info->client_certs.clear();

+ // Retrieve the cert issuers accepted by the server. This information is

+ // currently (temporarily) being saved both in |valid_issuers| and

+ // |cert_authorities|, the latter being the target solution. The refactoring

+ // effort is being tracked in http://crbug.com/166642.

std::vector<CertPrincipal> valid_issuers;

CFArrayRef valid_issuer_names = NULL;

if (SSLCopyDistinguishedNames(ssl_context_, &valid_issuer_names) == noErr &&

@@ -758,9 +765,14 @@ void SSLClientSocketMac::GetSSLCertRequestInfo(

<< " valid issuer names";

int n = CFArrayGetCount(valid_issuer_names);

for (int i = 0; i < n; i++) {

- // Parse each name into a CertPrincipal object.

CFDataRef issuer = reinterpret_cast<CFDataRef>(

CFArrayGetValueAtIndex(valid_issuer_names, i));

+ // Add the DER-encoded issuer DistinguishedName to |cert_authorities|.

+ cert_request_info->cert_authorities.push_back(std::string(

+ reinterpret_cast<const char*>(CFDataGetBytePtr(issuer)),

+ static_cast<size_t>(CFDataGetLength(issuer))));

+ // Add the CertPrincipal object representing the issuer to

+ // |valid_issuers|.

CertPrincipal p;

if (p.ParseDistinguishedName(CFDataGetBytePtr(issuer),

CFDataGetLength(issuer))) {

@@ -771,8 +783,6 @@ void SSLClientSocketMac::GetSSLCertRequestInfo(

}

// Now get the available client certs whose issuers are allowed by the server.

- cert_request_info->host_and_port = host_and_port_.ToString();

- cert_request_info->client_certs.clear();

// TODO(rch): we should consider passing a host-port pair as the first

// argument to X509Certificate::GetSSLClientCertificates.

X509Certificate::GetSSLClientCertificates(host_and_port_.host(),

« no previous file with comments | « net/base/test_data_directory.cc ('k') | net/socket/ssl_client_socket_nss.cc » ('j') | no next file with comments »