| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" | 5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "crypto/secure_util.h" | 9 #include "crypto/secure_util.h" |
| 10 #include "net/base/cert_verifier.h" | 10 #include "net/base/cert_verifier.h" |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 79 } | 79 } |
| 80 | 80 |
| 81 net::SSLConfig ssl_config; | 81 net::SSLConfig ssl_config; |
| 82 net::SSLServerSocket* server_socket = net::CreateSSLServerSocket( | 82 net::SSLServerSocket* server_socket = net::CreateSSLServerSocket( |
| 83 socket.release(), cert, local_private_key_, ssl_config); | 83 socket.release(), cert, local_private_key_, ssl_config); |
| 84 socket_.reset(server_socket); | 84 socket_.reset(server_socket); |
| 85 | 85 |
| 86 result = server_socket->Handshake(base::Bind( | 86 result = server_socket->Handshake(base::Bind( |
| 87 &SslHmacChannelAuthenticator::OnConnected, base::Unretained(this))); | 87 &SslHmacChannelAuthenticator::OnConnected, base::Unretained(this))); |
| 88 } else { | 88 } else { |
| 89 cert_verifier_.reset(new net::CertVerifier()); | 89 cert_verifier_.reset(net::CertVerifier::CreateDefault()); |
| 90 | 90 |
| 91 net::SSLConfig::CertAndStatus cert_and_status; | 91 net::SSLConfig::CertAndStatus cert_and_status; |
| 92 cert_and_status.cert_status = net::CERT_STATUS_AUTHORITY_INVALID; | 92 cert_and_status.cert_status = net::CERT_STATUS_AUTHORITY_INVALID; |
| 93 cert_and_status.der_cert = remote_cert_; | 93 cert_and_status.der_cert = remote_cert_; |
| 94 | 94 |
| 95 net::SSLConfig ssl_config; | 95 net::SSLConfig ssl_config; |
| 96 // Certificate verification and revocation checking are not needed | 96 // Certificate verification and revocation checking are not needed |
| 97 // because we use self-signed certs. Disable it so that the SSL | 97 // because we use self-signed certs. Disable it so that the SSL |
| 98 // layer doesn't try to initialize OCSP (OCSP works only on the IO | 98 // layer doesn't try to initialize OCSP (OCSP works only on the IO |
| 99 // thread). | 99 // thread). |
| (...skipping 169 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 269 } | 269 } |
| 270 } | 270 } |
| 271 | 271 |
| 272 void SslHmacChannelAuthenticator::NotifyError(int error) { | 272 void SslHmacChannelAuthenticator::NotifyError(int error) { |
| 273 done_callback_.Run(static_cast<net::Error>(error), | 273 done_callback_.Run(static_cast<net::Error>(error), |
| 274 scoped_ptr<net::StreamSocket>(NULL)); | 274 scoped_ptr<net::StreamSocket>(NULL)); |
| 275 } | 275 } |
| 276 | 276 |
| 277 } // namespace protocol | 277 } // namespace protocol |
| 278 } // namespace remoting | 278 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9476035:
Make CertVerifier a pure virtual interface. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src