| OLD | NEW |
|---|
| 1 // Copyright (c) 2017, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2017, the Dart project authors. Please see the AUTHORS file |
| 2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
| 3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
| 4 | 4 |
| 5 #if !defined(DART_IO_SECURE_SOCKET_DISABLED) | 5 #if !defined(DART_IO_SECURE_SOCKET_DISABLED) |
| 6 | 6 |
| 7 #include "platform/globals.h" | 7 #include "platform/globals.h" |
| 8 #if defined(HOST_OS_LINUX) | 8 #if defined(HOST_OS_LINUX) |
| 9 | 9 |
| 10 #include "bin/security_context.h" | 10 #include "bin/security_context.h" |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 44 return; | 44 return; |
| 45 } | 45 } |
| 46 | 46 |
| 47 // On Linux, we use the compiled-in trusted certs as a last resort. First, | 47 // On Linux, we use the compiled-in trusted certs as a last resort. First, |
| 48 // we try to find the trusted certs in various standard locations. A good | 48 // we try to find the trusted certs in various standard locations. A good |
| 49 // discussion of the complexities of this endeavor can be found here: | 49 // discussion of the complexities of this endeavor can be found here: |
| 50 // | 50 // |
| 51 // https://www.happyassassin.net/2015/01/12/a-note-about-ssltls-trusted-certif
icate-stores-and-platforms/ | 51 // https://www.happyassassin.net/2015/01/12/a-note-about-ssltls-trusted-certif
icate-stores-and-platforms/ |
| 52 const char* bundle = "/etc/pki/tls/certs/ca-bundle.crt"; | 52 const char* bundle = "/etc/pki/tls/certs/ca-bundle.crt"; |
| 53 const char* cachedir = "/etc/ssl/certs"; | 53 const char* cachedir = "/etc/ssl/certs"; |
| 54 if (File::Exists(bundle)) { | 54 if (File::Exists(NULL, bundle)) { |
| 55 LoadRootCertFile(bundle); | 55 LoadRootCertFile(bundle); |
| 56 return; | 56 return; |
| 57 } | 57 } |
| 58 | 58 |
| 59 if (Directory::Exists(cachedir) == Directory::EXISTS) { | 59 if (Directory::Exists(NULL, cachedir) == Directory::EXISTS) { |
| 60 LoadRootCertCache(cachedir); | 60 LoadRootCertCache(cachedir); |
| 61 return; | 61 return; |
| 62 } | 62 } |
| 63 | 63 |
| 64 // Fall back on the compiled-in certs if the standard locations don't exist, | 64 // Fall back on the compiled-in certs if the standard locations don't exist, |
| 65 // or we aren't on Linux. | 65 // or we aren't on Linux. |
| 66 if (SSL_LOG_STATUS) { | 66 if (SSL_LOG_STATUS) { |
| 67 Log::Print("Trusting compiled-in roots\n"); | 67 Log::Print("Trusting compiled-in roots\n"); |
| 68 } | 68 } |
| 69 AddCompiledInCerts(); | 69 AddCompiledInCerts(); |
| 70 } | 70 } |
| 71 | 71 |
| 72 void SSLCertContext::RegisterCallbacks(SSL* ssl) { | 72 void SSLCertContext::RegisterCallbacks(SSL* ssl) { |
| 73 // No callbacks to register for implementations using BoringSSL's built-in | 73 // No callbacks to register for implementations using BoringSSL's built-in |
| 74 // verification mechanism. | 74 // verification mechanism. |
| 75 } | 75 } |
| 76 | 76 |
| 77 } // namespace bin | 77 } // namespace bin |
| 78 } // namespace dart | 78 } // namespace dart |
| 79 | 79 |
| 80 #endif // defined(HOST_OS_LINUX) | 80 #endif // defined(HOST_OS_LINUX) |
| 81 | 81 |
| 82 #endif // !defined(DART_IO_SECURE_SOCKET_DISABLED) | 82 #endif // !defined(DART_IO_SECURE_SOCKET_DISABLED) |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 3001963002:
[dart:io] Namespaces for file IO (Closed)
