| OLD | NEW |
| 1 /* | 1 /* |
| 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 89 matching lines...) |
| 100 | 100 |
| 101 // serial number | 101 // serial number |
| 102 // temporary reference to serial number inside x509 struct | 102 // temporary reference to serial number inside x509 struct |
| 103 ASN1_INTEGER* asn1_serial_number; | 103 ASN1_INTEGER* asn1_serial_number; |
| 104 if ((serial_number = BN_new()) == NULL || | 104 if ((serial_number = BN_new()) == NULL || |
| 105 !BN_pseudo_rand(serial_number, SERIAL_RAND_BITS, 0, 0) || | 105 !BN_pseudo_rand(serial_number, SERIAL_RAND_BITS, 0, 0) || |
| 106 (asn1_serial_number = X509_get_serialNumber(x509)) == NULL || | 106 (asn1_serial_number = X509_get_serialNumber(x509)) == NULL || |
| 107 !BN_to_ASN1_INTEGER(serial_number, asn1_serial_number)) | 107 !BN_to_ASN1_INTEGER(serial_number, asn1_serial_number)) |
| 108 goto error; | 108 goto error; |
| 109 | 109 |
| 110 if (!X509_set_version(x509, 0L)) // version 1 | 110 if (!X509_set_version(x509, 2L)) // version 3 |
| 111 goto error; | 111 goto error; |
| 112 | 112 |
| 113 // There are a lot of possible components for the name entries. In | 113 // There are a lot of possible components for the name entries. In |
| 114 // our P2P SSL mode however, the certificates are pre-exchanged | 114 // our P2P SSL mode however, the certificates are pre-exchanged |
| 115 // (through the secure XMPP channel), and so the certificate | 115 // (through the secure XMPP channel), and so the certificate |
| 116 // identification is arbitrary. It can't be empty, so we set some | 116 // identification is arbitrary. It can't be empty, so we set some |
| 117 // arbitrary common_name. Note that this certificate goes out in | 117 // arbitrary common_name. Note that this certificate goes out in |
| 118 // clear during SSL negotiation, so there may be a privacy issue in | 118 // clear during SSL negotiation, so there may be a privacy issue in |
| 119 // putting anything recognizable here. | 119 // putting anything recognizable here. |
| 120 if ((name = X509_NAME_new()) == NULL || | 120 if ((name = X509_NAME_new()) == NULL || |
| (...skipping 340 matching lines...) |
| 461 SSL_CTX_use_PrivateKey(ctx, key_pair_->pkey()) != 1) { | 461 SSL_CTX_use_PrivateKey(ctx, key_pair_->pkey()) != 1) { |
| 462 LogSSLErrors("Configuring key and certificate"); | 462 LogSSLErrors("Configuring key and certificate"); |
| 463 return false; | 463 return false; |
| 464 } | 464 } |
| 465 return true; | 465 return true; |
| 466 } | 466 } |
| 467 | 467 |
| 468 } // namespace rtc | 468 } // namespace rtc |
| 469 | 469 |
| 470 #endif // HAVE_OPENSSL_SSL_H | 470 #endif // HAVE_OPENSSL_SSL_H |
| OLD | NEW |
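Review bot: The switch to `X509_set_version(x509, 2L)` on line 110 declares the certificate X.509 v3, yet none of the visible lines add a v3 extension and the `// version 3` comment gives no reason for the change. The function body starts and ends outside the lines shown, so extensions may be set in the skipped part; if they are not, a verifier that applies v3 rules will see a certificate with no basicConstraints or keyUsage, and that should be stated as intended. Once confirmed, I would expand the comment to something like `// X509 version field is zero-based: 2L == v3; extensions intentionally omitted (peers pin the pre-exchanged cert)`. Separately, the serial on line 105 still comes from `BN_pseudo_rand`, which older OpenSSL releases document as not necessarily unpredictable; `BN_rand` with the same arguments would remove that dependence on the library version.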