Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(155)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: runtime/bin/secure_socket_boringssl.cc

Issue 2750843003: Rename TARGET_OS_* to HOST_OS_*. (Closed)
Patch Set: DEPS Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « runtime/bin/secure_socket.h ('k') | runtime/bin/secure_socket_ios.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
2 // for details. All rights reserved. Use of this source code is governed by a 2 // for details. All rights reserved. Use of this source code is governed by a
3 // BSD-style license that can be found in the LICENSE file. 3 // BSD-style license that can be found in the LICENSE file.
4 4
5 #if !defined(DART_IO_DISABLED) && !defined(DART_IO_SECURE_SOCKET_DISABLED) 5 #if !defined(DART_IO_DISABLED) && !defined(DART_IO_SECURE_SOCKET_DISABLED)
6 6
7 #include "platform/globals.h" 7 #include "platform/globals.h"
8 #if defined(TARGET_OS_ANDROID) || defined(TARGET_OS_LINUX) || \ 8 #if defined(HOST_OS_ANDROID) || defined(HOST_OS_LINUX) || \
9 defined(TARGET_OS_WINDOWS) || defined(TARGET_OS_FUCHSIA) 9 defined(HOST_OS_WINDOWS) || defined(HOST_OS_FUCHSIA)
10 10
11 #include "bin/secure_socket.h" 11 #include "bin/secure_socket.h"
12 #include "bin/secure_socket_boringssl.h" 12 #include "bin/secure_socket_boringssl.h"
13 13
14 #include <errno.h> 14 #include <errno.h>
15 #include <fcntl.h> 15 #include <fcntl.h>
16 #include <stdarg.h> 16 #include <stdarg.h>
17 #include <stdio.h> 17 #include <stdio.h>
18 #include <string.h> 18 #include <string.h>
19 #include <sys/stat.h> 19 #include <sys/stat.h>
(...skipping 845 matching lines...) Expand 10 before | Expand all | Expand 10 after
865 if (commandline_root_certs_file != NULL) { 865 if (commandline_root_certs_file != NULL) {
866 LoadRootCertFile(context, commandline_root_certs_file); 866 LoadRootCertFile(context, commandline_root_certs_file);
867 return; 867 return;
868 } 868 }
869 869
870 if (commandline_root_certs_cache != NULL) { 870 if (commandline_root_certs_cache != NULL) {
871 LoadRootCertCache(context, commandline_root_certs_cache); 871 LoadRootCertCache(context, commandline_root_certs_cache);
872 return; 872 return;
873 } 873 }
874 874
875 #if defined(TARGET_OS_ANDROID) 875 #if defined(HOST_OS_ANDROID)
876 // On Android, we don't compile in the trusted root certificates. Insead, 876 // On Android, we don't compile in the trusted root certificates. Insead,
877 // we use the directory of trusted certificates already present on the device. 877 // we use the directory of trusted certificates already present on the device.
878 // This saves ~240KB from the size of the binary. This has the drawback that 878 // This saves ~240KB from the size of the binary. This has the drawback that
879 // SSL_do_handshake will synchronously hit the filesystem looking for root 879 // SSL_do_handshake will synchronously hit the filesystem looking for root
880 // certs during its trust evaluation. We call SSL_do_handshake directly from 880 // certs during its trust evaluation. We call SSL_do_handshake directly from
881 // the Dart thread so that Dart code can be invoked from the "bad certificate" 881 // the Dart thread so that Dart code can be invoked from the "bad certificate"
882 // callback called by SSL_do_handshake. 882 // callback called by SSL_do_handshake.
883 const char* android_cacerts = "/system/etc/security/cacerts"; 883 const char* android_cacerts = "/system/etc/security/cacerts";
884 LoadRootCertCache(context, android_cacerts); 884 LoadRootCertCache(context, android_cacerts);
885 return; 885 return;
886 #elif defined(TARGET_OS_LINUX) 886 #elif defined(HOST_OS_LINUX)
887 // On Linux, we use the compiled-in trusted certs as a last resort. First, 887 // On Linux, we use the compiled-in trusted certs as a last resort. First,
888 // we try to find the trusted certs in various standard locations. A good 888 // we try to find the trusted certs in various standard locations. A good
889 // discussion of the complexities of this endeavor can be found here: 889 // discussion of the complexities of this endeavor can be found here:
890 // 890 //
891 // https://www.happyassassin.net/2015/01/12/a-note-about-ssltls-trusted-certif icate-stores-and-platforms/ 891 // https://www.happyassassin.net/2015/01/12/a-note-about-ssltls-trusted-certif icate-stores-and-platforms/
892 const char* bundle = "/etc/pki/tls/certs/ca-bundle.crt"; 892 const char* bundle = "/etc/pki/tls/certs/ca-bundle.crt";
893 const char* cachedir = "/etc/ssl/certs"; 893 const char* cachedir = "/etc/ssl/certs";
894 if (File::Exists(bundle)) { 894 if (File::Exists(bundle)) {
895 LoadRootCertFile(context, bundle); 895 LoadRootCertFile(context, bundle);
896 return; 896 return;
897 } 897 }
898 898
899 if (Directory::Exists(cachedir) == Directory::EXISTS) { 899 if (Directory::Exists(cachedir) == Directory::EXISTS) {
900 LoadRootCertCache(context, cachedir); 900 LoadRootCertCache(context, cachedir);
901 return; 901 return;
902 } 902 }
903 #endif // defined(TARGET_OS_ANDROID) 903 #endif // defined(HOST_OS_ANDROID)
904 904
905 // Fall back on the compiled-in certs if the standard locations don't exist, 905 // Fall back on the compiled-in certs if the standard locations don't exist,
906 // or we aren't on Linux. 906 // or we aren't on Linux.
907 if (SSL_LOG_STATUS) { 907 if (SSL_LOG_STATUS) {
908 Log::Print("Trusting compiled-in roots\n"); 908 Log::Print("Trusting compiled-in roots\n");
909 } 909 }
910 AddCompiledInCerts(context); 910 AddCompiledInCerts(context);
911 } 911 }
912 912
913 913
(...skipping 878 matching lines...) Expand 10 before | Expand all | Expand 10 after
1792 Log::Print("WriteEncrypted BIO_read wrote %d bytes\n", 1792 Log::Print("WriteEncrypted BIO_read wrote %d bytes\n",
1793 bytes_processed); 1793 bytes_processed);
1794 } 1794 }
1795 } 1795 }
1796 return bytes_processed; 1796 return bytes_processed;
1797 } 1797 }
1798 1798
1799 } // namespace bin 1799 } // namespace bin
1800 } // namespace dart 1800 } // namespace dart
1801 1801
1802 #endif // defined(TARGET_OS_LINUX) 1802 #endif // defined(HOST_OS_LINUX)
1803 1803
1804 #endif // !defined(DART_IO_DISABLED) && 1804 #endif // !defined(DART_IO_DISABLED) &&
1805 // !defined(DART_IO_SECURE_SOCKET_DISABLED) 1805 // !defined(DART_IO_SECURE_SOCKET_DISABLED)
OLDNEW
« no previous file with comments | « runtime/bin/secure_socket.h ('k') | runtime/bin/secure_socket_ios.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698