diff options
| author | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-07-23 20:50:19 +0000 |
|---|---|---|
| committer | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-07-23 20:50:19 +0000 |
| commit | ce0825e1eff8630e5e0bec6d9204f3682982385d (patch) | |
| tree | 5d72b8eebac3848b2878fe6ae1d11a76b55e7695 /net | |
| parent | e70c6a8ce0d7a9e426c7247f5b771bed1b9eae4a (diff) | |
| download | chromium_src-ce0825e1eff8630e5e0bec6d9204f3682982385d.zip chromium_src-ce0825e1eff8630e5e0bec6d9204f3682982385d.tar.gz chromium_src-ce0825e1eff8630e5e0bec6d9204f3682982385d.tar.bz2 | |
Obtain the cipher suite from the Mac Secure Transport and
Windows SChannel.
R=agl
BUG=49699
TEST=Run Chrome with the --use-system-ssl command-line option on
Mac and Windows. Visit an HTTPS site. Click the lock icon on
the left of the location bar. The Security Information dialog
should display the SSL cipher suite info.
Review URL: http://codereview.chromium.org/3042015
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@53511 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
| -rw-r--r-- | net/socket/ssl_client_socket_mac.cc | 6 | ||||
| -rw-r--r-- | net/socket/ssl_client_socket_win.cc | 17 |
2 files changed, 22 insertions, 1 deletions
diff --git a/net/socket/ssl_client_socket_mac.cc b/net/socket/ssl_client_socket_mac.cc index c3c7d7a..4ee9c23 100644 --- a/net/socket/ssl_client_socket_mac.cc +++ b/net/socket/ssl_client_socket_mac.cc @@ -653,8 +653,12 @@ void SSLClientSocketMac::GetSSLInfo(SSLInfo* ssl_info) { // security info SSLCipherSuite suite; OSStatus status = SSLGetNegotiatedCipher(ssl_context_, &suite); - if (!status) + if (!status) { ssl_info->security_bits = KeySizeOfCipherSuite(suite); + ssl_info->connection_status |= + (suite & SSL_CONNECTION_CIPHERSUITE_MASK) << + SSL_CONNECTION_CIPHERSUITE_SHIFT; + } if (ssl_config_.ssl3_fallback) ssl_info->connection_status |= SSL_CONNECTION_SSL3_FALLBACK; diff --git a/net/socket/ssl_client_socket_win.cc b/net/socket/ssl_client_socket_win.cc index 0484ebd..77a553c 100644 --- a/net/socket/ssl_client_socket_win.cc +++ b/net/socket/ssl_client_socket_win.cc @@ -353,6 +353,23 @@ void SSLClientSocketWin::GetSSLInfo(SSLInfo* ssl_info) { // normalized. ssl_info->security_bits = connection_info.dwCipherStrength; } + // SecPkgContext_CipherInfo comes from CNG and is available on Vista or + // later only. On XP, the next QueryContextAttributes call fails with + // SEC_E_UNSUPPORTED_FUNCTION (0x80090302), so ssl_info->connection_status + // won't contain the cipher suite. If this is a problem, we can build the + // cipher suite from the aiCipher, aiHash, and aiExch fields of + // SecPkgContext_ConnectionInfo based on Appendix C of RFC 5246. + SecPkgContext_CipherInfo cipher_info = { SECPKGCONTEXT_CIPHERINFO_V1 }; + status = QueryContextAttributes( + &ctxt_, SECPKG_ATTR_CIPHER_INFO, &cipher_info); + if (status == SEC_E_OK) { + // TODO(wtc): find out what the cipher_info.dwBaseCipherSuite field is. + ssl_info->connection_status |= + (cipher_info.dwCipherSuite & SSL_CONNECTION_CIPHERSUITE_MASK) << + SSL_CONNECTION_CIPHERSUITE_SHIFT; + // SChannel doesn't support TLS compression, so cipher_info doesn't have + // any field related to the compression method. + } if (ssl_config_.ssl3_fallback) ssl_info->connection_status |= SSL_CONNECTION_SSL3_FALLBACK; |