OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 477 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
488 | 488 |
489 if (identity_.get()) { | 489 if (identity_.get()) { |
490 identity = static_cast<NSSIdentity *>(identity_.get()); | 490 identity = static_cast<NSSIdentity *>(identity_.get()); |
491 } else { | 491 } else { |
492 LOG(LS_ERROR) << "Can't be an SSL server without an identity"; | 492 LOG(LS_ERROR) << "Can't be an SSL server without an identity"; |
493 Error("BeginSSL", -1, false); | 493 Error("BeginSSL", -1, false); |
494 return -1; | 494 return -1; |
495 } | 495 } |
496 rv = SSL_ConfigSecureServer(ssl_fd_, identity->certificate().certificate(), | 496 rv = SSL_ConfigSecureServer(ssl_fd_, identity->certificate().certificate(), |
497 identity->keypair()->privkey(), | 497 identity->keypair()->privkey(), |
498 kt_rsa); | 498 identity->keypair()->ssl_kea_type()); |
499 if (rv != SECSuccess) { | 499 if (rv != SECSuccess) { |
500 Error("BeginSSL", -1, false); | 500 Error("BeginSSL", -1, false); |
501 return -1; | 501 return -1; |
502 } | 502 } |
503 | 503 |
504 // Insist on a certificate from the client | 504 // Insist on a certificate from the client |
505 rv = SSL_OptionSet(ssl_fd_, SSL_REQUEST_CERTIFICATE, PR_TRUE); | 505 rv = SSL_OptionSet(ssl_fd_, SSL_REQUEST_CERTIFICATE, PR_TRUE); |
506 if (rv != SECSuccess) { | 506 if (rv != SECSuccess) { |
507 Error("BeginSSL", -1, false); | 507 Error("BeginSSL", -1, false); |
508 return -1; | 508 return -1; |
(...skipping 591 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1100 return kDefaultSslCipher10; | 1100 return kDefaultSslCipher10; |
1101 case SSL_PROTOCOL_TLS_12: | 1101 case SSL_PROTOCOL_TLS_12: |
1102 default: | 1102 default: |
1103 return kDefaultSslCipher12; | 1103 return kDefaultSslCipher12; |
1104 } | 1104 } |
1105 } | 1105 } |
1106 | 1106 |
1107 } // namespace rtc | 1107 } // namespace rtc |
1108 | 1108 |
1109 #endif // HAVE_NSS_SSL_H | 1109 #endif // HAVE_NSS_SSL_H |
OLD | NEW |