Fixes the remaining unit tests failures for OpenSSL:

- implements basic client certificate support in ssl socket - adds special-case IP address support to allow SSL connections to the test server (iff there is a trusted certificate in the store with 127.0.0.1 in its name) - enables the test server for loading the temporary cert - implements the DES encryptor (removed TODO about refactoring the file layout as it's already covered by a TODO in the .h file) - disabled KeygenHandler tests, as this is not implemented for openssl - disables the (firefox) importer unittests. BUG=None TEST=net_unittests now run green Review URL: http://codereview.chromium.org/5195001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@67990 0039d316-1c4b-4281-b951-d872f2087c98
author: joth@chromium.org <joth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-12-02 10:04:10 +0000
committer: joth@chromium.org <joth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-12-02 10:04:10 +0000
commit: 718c967f73fbdc4193e11930e5fe3bb5ff6ab6a5 (patch)
tree: a96e859ea1efeec2bc25ae76bdbf317e631c0d1c /net/base/x509_certificate_openssl.cc
parent: 9c635f24128b5638dac833499fb1fd5ee2be6375 (diff)
download: chromium_src-718c967f73fbdc4193e11930e5fe3bb5ff6ab6a5.zip
chromium_src-718c967f73fbdc4193e11930e5fe3bb5ff6ab6a5.tar.gz
chromium_src-718c967f73fbdc4193e11930e5fe3bb5ff6ab6a5.tar.bz2
1 files changed, 14 insertions, 11 deletions
diff --git a/net/base/x509_certificate_openssl.cc b/net/base/x509_certificate_openssl.cc
index d2c7653..abddd97 100644
--- a/net/base/x509_certificate_openssl.cc
+++ b/net/base/x509_certificate_openssl.cc
@@ -425,19 +425,22 @@ int X509Certificate::Verify(const std::string& hostname,
                                cert_handle_, intermediates.get());
   CHECK_EQ(1, rv);
 
-  if (X509_verify_cert(ctx.get()) == 1) {
-    return OK;
+  if (X509_verify_cert(ctx.get()) != 1) {
+    int x509_error = X509_STORE_CTX_get_error(ctx.get());
+    int cert_status = MapCertErrorToCertStatus(x509_error);
+    LOG(ERROR) << "X509 Verification error "
+        << X509_verify_cert_error_string(x509_error)
+        << " : " << x509_error
+        << " : " << X509_STORE_CTX_get_error_depth(ctx.get())
+        << " : " << cert_status;
+    verify_result->cert_status |= cert_status;
+    return MapCertStatusToNetError(verify_result->cert_status);
   }
 
-  int x509_error = X509_STORE_CTX_get_error(ctx.get());
-  int cert_status = MapCertErrorToCertStatus(x509_error);
-  LOG(ERROR) << "X509 Verification error "
-      << X509_verify_cert_error_string(x509_error)
-      << " : " << x509_error
-      << " : " << X509_STORE_CTX_get_error_depth(ctx.get())
-      << " : " << cert_status;
-  verify_result->cert_status |= cert_status;
-  return MapCertStatusToNetError(verify_result->cert_status);
+  if (IsCertStatusError(verify_result->cert_status))
+    return MapCertStatusToNetError(verify_result->cert_status);
+
+  return OK;
 }
 
 // static
author	joth@chromium.org <joth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-12-02 10:04:10 +0000
committer	joth@chromium.org <joth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-12-02 10:04:10 +0000
commit	718c967f73fbdc4193e11930e5fe3bb5ff6ab6a5 (patch)
tree	a96e859ea1efeec2bc25ae76bdbf317e631c0d1c /net/base/x509_certificate_openssl.cc
parent	9c635f24128b5638dac833499fb1fd5ee2be6375 (diff)
download	chromium_src-718c967f73fbdc4193e11930e5fe3bb5ff6ab6a5.zip chromium_src-718c967f73fbdc4193e11930e5fe3bb5ff6ab6a5.tar.gz chromium_src-718c967f73fbdc4193e11930e5fe3bb5ff6ab6a5.tar.bz2