OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/cert_verify_proc_openssl.h" | 5 #include "net/base/cert_verify_proc_openssl.h" |
6 | 6 |
7 #include <openssl/x509v3.h> | 7 #include <openssl/x509v3.h> |
8 | 8 |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/sha1.h" | 10 #include "base/sha1.h" |
(...skipping 211 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
222 CertVerifyResult* verify_result) { | 222 CertVerifyResult* verify_result) { |
223 crypto::EnsureOpenSSLInit(); | 223 crypto::EnsureOpenSSLInit(); |
224 | 224 |
225 if (!cert->VerifyNameMatch(hostname)) | 225 if (!cert->VerifyNameMatch(hostname)) |
226 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID; | 226 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID; |
227 | 227 |
228 bool verify_attempted = false; | 228 bool verify_attempted = false; |
229 | 229 |
230 #if defined(OS_ANDROID) | 230 #if defined(OS_ANDROID) |
231 std::vector<std::string> cert_bytes; | 231 std::vector<std::string> cert_bytes; |
232 GetChainDEREncodedBytes(&cert_bytes); | 232 GetChainDEREncodedBytes(cert, &cert_bytes); |
wtc
2012/03/22 17:43:13
Should this be
cert->GetChainDEREncodedBytes(&
| |
233 | 233 |
234 verify_attempted = VerifyFromAndroidTrustManager(cert_bytes, verify_result); | 234 verify_attempted = VerifyFromAndroidTrustManager(cert_bytes, verify_result); |
235 #endif | 235 #endif |
236 | 236 |
237 if (verify_attempted) { | 237 if (verify_attempted) { |
238 if (IsCertStatusError(verify_result->cert_status)) | 238 if (IsCertStatusError(verify_result->cert_status)) |
239 return MapCertStatusToNetError(verify_result->cert_status); | 239 return MapCertStatusToNetError(verify_result->cert_status); |
240 } else { | 240 } else { |
241 crypto::ScopedOpenSSL<X509_STORE_CTX, X509_STORE_CTX_free> ctx( | 241 crypto::ScopedOpenSSL<X509_STORE_CTX, X509_STORE_CTX_free> ctx( |
242 X509_STORE_CTX_new()); | 242 X509_STORE_CTX_new()); |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
279 // TODO(joth): if the motivations described in | 279 // TODO(joth): if the motivations described in |
280 // http://src.chromium.org/viewvc/chrome?view=rev&revision=80778 become an | 280 // http://src.chromium.org/viewvc/chrome?view=rev&revision=80778 become an |
281 // issue on OpenSSL builds, we will need to embed a hardcoded list of well | 281 // issue on OpenSSL builds, we will need to embed a hardcoded list of well |
282 // known root CAs, as per the _mac and _win versions. | 282 // known root CAs, as per the _mac and _win versions. |
283 verify_result->is_issued_by_known_root = true; | 283 verify_result->is_issued_by_known_root = true; |
284 | 284 |
285 return OK; | 285 return OK; |
286 } | 286 } |
287 | 287 |
288 } // namespace net | 288 } // namespace net |
OLD | NEW |