diff options
| author | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-11 00:41:48 +0000 |
|---|---|---|
| committer | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-11 00:41:48 +0000 |
| commit | 75404f6f4d32d4e23765e71a3782a235957b14e4 (patch) | |
| tree | 1901d2b3f08fbf1afa0a68e83dd8831a33389586 /net/socket | |
| parent | 3d427fb6d3da1927e9dac29ec6d8b5c46e853d37 (diff) | |
| download | chromium_src-75404f6f4d32d4e23765e71a3782a235957b14e4.zip chromium_src-75404f6f4d32d4e23765e71a3782a235957b14e4.tar.gz chromium_src-75404f6f4d32d4e23765e71a3782a235957b14e4.tar.bz2 | |
Remove vestigal traces of the TLS Cached Info Extension support
Chrome no longer carries the patch to NSS to enable this support; remove the
traces that exist in Chrome to support it.
BUG=none
R=wtc
TBR=brettw
Review URL: https://codereview.chromium.org/122573004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@244285 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket')
| -rw-r--r-- | net/socket/ssl_client_socket_nss.cc | 71 | ||||
| -rw-r--r-- | net/socket/ssl_server_socket_unittest.cc | 1 |
2 files changed, 0 insertions, 72 deletions
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc index 203ea9e..b46ebbd 100644 --- a/net/socket/ssl_client_socket_nss.cc +++ b/net/socket/ssl_client_socket_nss.cc @@ -271,11 +271,6 @@ BOOL WINAPI ClientCertFindCallback(PCCERT_CONTEXT cert_context, #endif -void DestroyCertificates(CERTCertificate** certs, size_t len) { - for (size_t i = 0; i < len; i++) - CERT_DestroyCertificate(certs[i]); -} - // Helper functions to make it possible to log events from within the // SSLClientSocketNSS::Core. void AddLogEvent(const base::WeakPtr<BoundNetLog>& net_log, @@ -615,13 +610,6 @@ class SSLClientSocketNSS::Core : public base::RefCountedThreadSafe<Core> { bool Init(PRFileDesc* socket, memio_Private* buffers); // Called on the network task runner. - // Sets the predicted certificate chain that the peer will send, for use - // with the TLS CachedInfo extension. If called, it must not be called - // before Init() or after Connect(). - void SetPredictedCertificates( - const std::vector<std::string>& predicted_certificates); - - // Called on the network task runner. // // Attempts to perform an SSL handshake. If the handshake cannot be // completed synchronously, returns ERR_IO_PENDING, invoking |callback| on @@ -1064,57 +1052,6 @@ bool SSLClientSocketNSS::Core::Init(PRFileDesc* socket, return true; } -void SSLClientSocketNSS::Core::SetPredictedCertificates( - const std::vector<std::string>& predicted_certs) { - if (predicted_certs.empty()) - return; - - if (!OnNSSTaskRunner()) { - DCHECK(!detached_); - nss_task_runner_->PostTask( - FROM_HERE, - base::Bind(&Core::SetPredictedCertificates, this, predicted_certs)); - return; - } - - DCHECK(nss_fd_); - - predicted_certs_ = predicted_certs; - - scoped_ptr<CERTCertificate*[]> certs( - new CERTCertificate*[predicted_certs.size()]); - - for (size_t i = 0; i < predicted_certs.size(); i++) { - SECItem derCert; - derCert.data = const_cast<uint8*>(reinterpret_cast<const uint8*>( - predicted_certs[i].data())); - derCert.len = predicted_certs[i].size(); - certs[i] = CERT_NewTempCertificate( - CERT_GetDefaultCertDB(), &derCert, NULL /* no nickname given */, - PR_FALSE /* not permanent */, PR_TRUE /* copy DER data */); - if (!certs[i]) { - DestroyCertificates(&certs[0], i); - NOTREACHED(); - return; - } - } - - SECStatus rv; -#ifdef SSL_ENABLE_CACHED_INFO - rv = SSL_SetPredictedPeerCertificates(nss_fd_, certs.get(), - predicted_certs.size()); - DCHECK_EQ(SECSuccess, rv); -#else - rv = SECFailure; // Not implemented. -#endif - DestroyCertificates(&certs[0], predicted_certs.size()); - - if (rv != SECSuccess) { - LOG(WARNING) << "SetPredictedCertificates failed: " - << host_and_port_.ToString(); - } -} - int SSLClientSocketNSS::Core::Connect(const CompletionCallback& callback) { if (!OnNSSTaskRunner()) { DCHECK(!detached_); @@ -3268,14 +3205,6 @@ int SSLClientSocketNSS::InitializeSSLOptions() { "SSL_ENABLE_SIGNED_CERT_TIMESTAMPS"); } -// Chromium patch to libssl -#ifdef SSL_ENABLE_CACHED_INFO - rv = SSL_OptionSet(nss_fd_, SSL_ENABLE_CACHED_INFO, - ssl_config_.cached_info_enabled); - if (rv != SECSuccess) - LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_ENABLE_CACHED_INFO"); -#endif - rv = SSL_OptionSet(nss_fd_, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE); if (rv != SECSuccess) { LogFailedNSSFunction(net_log_, "SSL_OptionSet", "SSL_HANDSHAKE_AS_CLIENT"); diff --git a/net/socket/ssl_server_socket_unittest.cc b/net/socket/ssl_server_socket_unittest.cc index d5d04b20..79af3c0 100644 --- a/net/socket/ssl_server_socket_unittest.cc +++ b/net/socket/ssl_server_socket_unittest.cc @@ -331,7 +331,6 @@ class SSLServerSocketTest : public PlatformTest { crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector)); net::SSLConfig ssl_config; - ssl_config.cached_info_enabled = false; ssl_config.false_start_enabled = false; ssl_config.channel_id_enabled = false; |