| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // TODO(ukai): code is similar with http_network_transaction.cc. We should | 5 // TODO(ukai): code is similar with http_network_transaction.cc. We should |
| 6 // think about ways to share code, if possible. | 6 // think about ways to share code, if possible. |
| 7 | 7 |
| 8 #include "net/socket_stream/socket_stream.h" | 8 #include "net/socket_stream/socket_stream.h" |
| 9 | 9 |
| 10 #include <set> | 10 #include <set> |
| (...skipping 1150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1161 return result; | 1161 return result; |
| 1162 | 1162 |
| 1163 scoped_refptr<X509Certificate> client_cert; | 1163 scoped_refptr<X509Certificate> client_cert; |
| 1164 bool found_cached_cert = session->ssl_client_auth_cache()->Lookup( | 1164 bool found_cached_cert = session->ssl_client_auth_cache()->Lookup( |
| 1165 cert_request_info->host_and_port, &client_cert); | 1165 cert_request_info->host_and_port, &client_cert); |
| 1166 if (!found_cached_cert) | 1166 if (!found_cached_cert) |
| 1167 return result; | 1167 return result; |
| 1168 if (!client_cert) | 1168 if (!client_cert) |
| 1169 return result; | 1169 return result; |
| 1170 | 1170 |
| 1171 const std::vector<scoped_refptr<X509Certificate> >& client_certs = | 1171 const std::vector<std::string>& cert_authorities = |
| 1172 cert_request_info->client_certs; | 1172 cert_request_info->cert_authorities; |
| 1173 bool cert_still_valid = false; | 1173 bool cert_still_valid = cert_authorities.empty() || |
| 1174 for (size_t i = 0; i < client_certs.size(); ++i) { | 1174 client_cert->IsIssuedByEncoded(cert_authorities); |
| 1175 if (client_cert->Equals(client_certs[i])) { | |
| 1176 cert_still_valid = true; | |
| 1177 break; | |
| 1178 } | |
| 1179 } | |
| 1180 if (!cert_still_valid) | 1175 if (!cert_still_valid) |
| 1181 return result; | 1176 return result; |
| 1182 | 1177 |
| 1183 ssl_config->send_client_cert = true; | 1178 ssl_config->send_client_cert = true; |
| 1184 ssl_config->client_cert = client_cert; | 1179 ssl_config->client_cert = client_cert; |
| 1185 next_state_ = STATE_TCP_CONNECT; | 1180 next_state_ = STATE_TCP_CONNECT; |
| 1186 return OK; | 1181 return OK; |
| 1187 } | 1182 } |
| 1188 | 1183 |
| 1189 int SocketStream::AllowCertErrorForReconnection(SSLConfig* ssl_config) { | 1184 int SocketStream::AllowCertErrorForReconnection(SSLConfig* ssl_config) { |
| (...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1272 | 1267 |
| 1273 SSLConfigService* SocketStream::ssl_config_service() const { | 1268 SSLConfigService* SocketStream::ssl_config_service() const { |
| 1274 return context_->ssl_config_service(); | 1269 return context_->ssl_config_service(); |
| 1275 } | 1270 } |
| 1276 | 1271 |
| 1277 ProxyService* SocketStream::proxy_service() const { | 1272 ProxyService* SocketStream::proxy_service() const { |
| 1278 return context_->proxy_service(); | 1273 return context_->proxy_service(); |
| 1279 } | 1274 } |
| 1280 | 1275 |
| 1281 } // namespace net | 1276 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12035105:
Move client certificates retrieval logic out of the SSL sockets. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master