Google Git
Sign in
chromium / chromium / src.git / c078770418d4be5f03f8b034629a0565aa835676^! / . / net / socket / ssl_client_socket_openssl.h
commitc078770418d4be5f03f8b034629a0565aa835676[log] [tgz]
author[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Tue May 20 21:51:44 2014
committer[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Tue May 20 21:51:44 2014
tree153498003655fdd3a8d939c4953a2fc1d6a4d0b8
parente36de1252da64a0efcfaf0306d8d7206c101065c [diff] [blame]
Populate cert_key_types on OpenSSL.

Add a test to ensure it gets plumbed through correctly.

This also rolls third_party/openssl to r270417:
------------------------------------------------------------------------
r269864 | [email protected] | 2014-05-12 16:21:12 -0400 (Mon, 12 May 2014) | 7 lines

Add SSL_get_client_certificate_types.

Exposes the certificate_types parameter in a CertificateRequest.

BUG=165446

Review URL: https://codereview.chromium.org/254723002
------------------------------------------------------------------------
r270417 | [email protected] | 2014-05-14 12:27:52 -0400 (Wed, 14 May 2014) | 10 lines

Refactor ssl3_send_client_verify.

The original logic was a confusing spaghetti and mixed up initialization for
all the different cases together. Tidy it up in preparation for having to
adjust this logic later to support asynchronous crypto operations.

BUG=none
[email protected]

Review URL: https://codereview.chromium.org//284693002
------------------------------------------------------------------------


BUG=165446

Review URL: https://codereview.chromium.org/257513008

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@271765 0039d316-1c4b-4281-b951-d872f2087c98

diff --git a/net/socket/ssl_client_socket_openssl.h b/net/socket/ssl_client_socket_openssl.h
index c5b7556..5d70c052 100644
--- a/net/socket/ssl_client_socket_openssl.h
+++ b/net/socket/ssl_client_socket_openssl.h

@@ -16,6 +16,7 @@
 #include "net/socket/client_socket_handle.h"
 #include "net/socket/ssl_client_socket.h"
 #include "net/ssl/server_bound_cert_service.h"
+#include "net/ssl/ssl_client_cert_type.h"
 #include "net/ssl/ssl_config_service.h"
 
 // Avoid including misc OpenSSL headers, i.e.:
@@ -197,6 +198,9 @@
   // List of DER-encoded X.509 DistinguishedName of certificate authorities
   // allowed by the server.
   std::vector<std::string> cert_authorities_;
+  // List of SSLClientCertType values for client certificates allowed by the
+  // server.
+  std::vector<SSLClientCertType> cert_key_types_;
 
   CertVerifier* const cert_verifier_;
   scoped_ptr<SingleRequestCertVerifier> verifier_;