-
Notifications
You must be signed in to change notification settings - Fork 15k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
session: api to allow handling certificate verification
- Loading branch information
1 parent
9236adf
commit 40acae6
Showing
14 changed files
with
228 additions
and
17 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
// Copyright (c) 2015 GitHub, Inc. | ||
// Use of this source code is governed by the MIT license that can be | ||
// found in the LICENSE file. | ||
|
||
#include "atom/browser/atom_cert_verifier.h" | ||
|
||
#include "atom/browser/browser.h" | ||
#include "atom/common/native_mate_converters/net_converter.h" | ||
#include "content/public/browser/browser_thread.h" | ||
#include "net/base/net_errors.h" | ||
#include "net/cert/x509_certificate.h" | ||
|
||
using content::BrowserThread; | ||
|
||
namespace atom { | ||
|
||
namespace { | ||
|
||
void RunResult(const net::CompletionCallback& callback, bool success) { | ||
DCHECK_CURRENTLY_ON(BrowserThread::UI); | ||
|
||
int result = net::OK; | ||
if (!success) | ||
result = net::ERR_FAILED; | ||
|
||
BrowserThread::PostTask(BrowserThread::IO, FROM_HERE, | ||
base::Bind(callback, result)); | ||
} | ||
|
||
} // namespace | ||
|
||
AtomCertVerifier::AtomCertVerifier() { | ||
Browser::Get()->AddObserver(this); | ||
default_cert_verifier_.reset(net::CertVerifier::CreateDefault()); | ||
} | ||
|
||
AtomCertVerifier::~AtomCertVerifier() { | ||
Browser::Get()->RemoveObserver(this); | ||
} | ||
|
||
int AtomCertVerifier::Verify( | ||
net::X509Certificate* cert, | ||
const std::string& hostname, | ||
const std::string& ocsp_response, | ||
int flags, | ||
net::CRLSet* crl_set, | ||
net::CertVerifyResult* verify_result, | ||
const net::CompletionCallback& callback, | ||
scoped_ptr<Request>* out_req, | ||
const net::BoundNetLog& net_log) { | ||
DCHECK_CURRENTLY_ON(BrowserThread::IO); | ||
|
||
if (!handler_.is_null()) { | ||
BrowserThread::PostTask(BrowserThread::UI, FROM_HERE, | ||
base::Bind(handler_, hostname, | ||
make_scoped_refptr(cert), | ||
base::Bind(&RunResult, callback))); | ||
return net::ERR_IO_PENDING; | ||
} | ||
|
||
return default_cert_verifier_->Verify(cert, hostname, ocsp_response, | ||
flags, crl_set, verify_result, | ||
callback, out_req, net_log); | ||
} | ||
|
||
bool AtomCertVerifier::SupportsOCSPStapling() { | ||
if (handler_.is_null()) | ||
return default_cert_verifier_->SupportsOCSPStapling(); | ||
return false; | ||
} | ||
|
||
void AtomCertVerifier::OnSetCertificateVerifier( | ||
const CertificateVerifier& handler) { | ||
handler_ = handler; | ||
} | ||
|
||
void AtomCertVerifier::OnRemoveCertificateVerifier() { | ||
handler_.Reset(); | ||
} | ||
|
||
} // namespace atom |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
// Copyright (c) 2015 GitHub, Inc. | ||
// Use of this source code is governed by the MIT license that can be | ||
// found in the LICENSE file. | ||
|
||
#ifndef ATOM_BROWSER_ATOM_CERT_VERIFIER_H_ | ||
#define ATOM_BROWSER_ATOM_CERT_VERIFIER_H_ | ||
|
||
#include <string> | ||
|
||
#include "atom/browser/browser_observer.h" | ||
#include "net/cert/cert_verifier.h" | ||
|
||
namespace atom { | ||
|
||
class AtomCertVerifier : public net::CertVerifier, | ||
public BrowserObserver { | ||
public: | ||
AtomCertVerifier(); | ||
~AtomCertVerifier() override; | ||
|
||
// net::CertVerifier: | ||
int Verify(net::X509Certificate* cert, | ||
const std::string& hostname, | ||
const std::string& ocsp_response, | ||
int flags, | ||
net::CRLSet* crl_set, | ||
net::CertVerifyResult* verify_result, | ||
const net::CompletionCallback& callback, | ||
scoped_ptr<Request>* out_req, | ||
const net::BoundNetLog& net_log) override; | ||
bool SupportsOCSPStapling() override; | ||
|
||
protected: | ||
void OnSetCertificateVerifier(const CertificateVerifier& handler) override; | ||
void OnRemoveCertificateVerifier() override; | ||
|
||
private: | ||
scoped_ptr<net::CertVerifier> default_cert_verifier_; | ||
|
||
CertificateVerifier handler_; | ||
|
||
DISALLOW_COPY_AND_ASSIGN(AtomCertVerifier); | ||
}; | ||
|
||
} // namespace atom | ||
|
||
#endif // ATOM_BROWSER_ATOM_CERT_VERIFIER_H_ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters