OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
8 | 8 |
9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
101 #include "net/socket/ssl_error_params.h" | 101 #include "net/socket/ssl_error_params.h" |
102 #include "net/socket/ssl_host_info.h" | 102 #include "net/socket/ssl_host_info.h" |
103 | 103 |
104 #if defined(OS_WIN) | 104 #if defined(OS_WIN) |
105 #include <windows.h> | 105 #include <windows.h> |
106 #include <wincrypt.h> | 106 #include <wincrypt.h> |
107 #elif defined(OS_MACOSX) | 107 #elif defined(OS_MACOSX) |
108 #include <Security/SecBase.h> | 108 #include <Security/SecBase.h> |
109 #include <Security/SecCertificate.h> | 109 #include <Security/SecCertificate.h> |
110 #include <Security/SecIdentity.h> | 110 #include <Security/SecIdentity.h> |
| 111 #include "base/mac/mac_logging.h" |
111 #elif defined(USE_NSS) | 112 #elif defined(USE_NSS) |
112 #include <dlfcn.h> | 113 #include <dlfcn.h> |
113 #endif | 114 #endif |
114 | 115 |
115 static const int kRecvBufferSize = 4096; | 116 static const int kRecvBufferSize = 4096; |
116 | 117 |
117 // kCorkTimeoutMs is the number of milliseconds for which we'll wait for a | 118 // kCorkTimeoutMs is the number of milliseconds for which we'll wait for a |
118 // Write to an SSL socket which we're False Starting. Since corking stops the | 119 // Write to an SSL socket which we're False Starting. Since corking stops the |
119 // Finished message from being sent, the server sees an incomplete handshake | 120 // Finished message from being sent, the server sees an incomplete handshake |
120 // and some will time out such sockets quite aggressively. | 121 // and some will time out such sockets quite aggressively. |
(...skipping 2378 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2499 int cert_count = 0; | 2500 int cert_count = 0; |
2500 if (chain) { | 2501 if (chain) { |
2501 cert_count = CFArrayGetCount(chain); | 2502 cert_count = CFArrayGetCount(chain); |
2502 CFRelease(chain); | 2503 CFRelease(chain); |
2503 } | 2504 } |
2504 that->net_log_.AddEvent(NetLog::TYPE_SSL_CLIENT_CERT_PROVIDED, | 2505 that->net_log_.AddEvent(NetLog::TYPE_SSL_CLIENT_CERT_PROVIDED, |
2505 make_scoped_refptr(new NetLogIntegerParameter("cert_count", | 2506 make_scoped_refptr(new NetLogIntegerParameter("cert_count", |
2506 cert_count))); | 2507 cert_count))); |
2507 return SECSuccess; | 2508 return SECSuccess; |
2508 } | 2509 } |
2509 LOG(WARNING) << "Client cert found, but could not be used: " | 2510 OSSTATUS_LOG(WARNING, os_error) |
2510 << os_error; | 2511 << "Client cert found, but could not be used"; |
2511 if (*result_certs) { | 2512 if (*result_certs) { |
2512 CERT_DestroyCertList(*result_certs); | 2513 CERT_DestroyCertList(*result_certs); |
2513 *result_certs = NULL; | 2514 *result_certs = NULL; |
2514 } | 2515 } |
2515 if (*result_private_key) | 2516 if (*result_private_key) |
2516 *result_private_key = NULL; | 2517 *result_private_key = NULL; |
2517 if (private_key) | 2518 if (private_key) |
2518 CFRelease(private_key); | 2519 CFRelease(private_key); |
2519 if (chain) | 2520 if (chain) |
2520 CFRelease(chain); | 2521 CFRelease(chain); |
(...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2714 valid_thread_id_ = base::PlatformThread::CurrentId(); | 2715 valid_thread_id_ = base::PlatformThread::CurrentId(); |
2715 } | 2716 } |
2716 | 2717 |
2717 bool SSLClientSocketNSS::CalledOnValidThread() const { | 2718 bool SSLClientSocketNSS::CalledOnValidThread() const { |
2718 EnsureThreadIdAssigned(); | 2719 EnsureThreadIdAssigned(); |
2719 base::AutoLock auto_lock(lock_); | 2720 base::AutoLock auto_lock(lock_); |
2720 return valid_thread_id_ == base::PlatformThread::CurrentId(); | 2721 return valid_thread_id_ == base::PlatformThread::CurrentId(); |
2721 } | 2722 } |
2722 | 2723 |
2723 } // namespace net | 2724 } // namespace net |
OLD | NEW |