diff options
author | Michal Klocek <michal.klocek@qt.io> | 2022-11-09 17:34:06 +0100 |
---|---|---|
committer | Michal Klocek <michal.klocek@qt.io> | 2022-11-22 08:26:09 +0100 |
commit | c52afb2206ccfa46b1a09ef7af2cb0ae210e3b79 (patch) | |
tree | 574dc1ef28e32a05e429037d333e347d90eebb12 /src/core/net/client_cert_override.cpp | |
parent | daaac7adb519e82b21a2f826ef6ae83c4f102a62 (diff) |
Minor. Remove Override from client certificate store
Change 'Override" in favor of 'Qt' so it matches the rest
of the source base.
Pick-to: 6.4
Change-Id: I0ba614ed3017a8d7e0ba5fc703b3f04c28b5ead7
Reviewed-by: Michael BrĂ¼ning <michael.bruning@qt.io>
Diffstat (limited to 'src/core/net/client_cert_override.cpp')
-rw-r--r-- | src/core/net/client_cert_override.cpp | 149 |
1 files changed, 0 insertions, 149 deletions
diff --git a/src/core/net/client_cert_override.cpp b/src/core/net/client_cert_override.cpp deleted file mode 100644 index d1946de5d..000000000 --- a/src/core/net/client_cert_override.cpp +++ /dev/null @@ -1,149 +0,0 @@ -// Copyright (C) 2018 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only - -#include "client_cert_override.h" - -#include "base/bind.h" -#include "base/task/post_task.h" -#include "base/callback_forward.h" -#include "content/public/browser/browser_task_traits.h" -#include "crypto/crypto_buildflags.h" -#include "net/ssl/client_cert_store.h" -#include "net/ssl/ssl_cert_request_info.h" -#include "net/ssl/ssl_private_key.h" -#include "net/cert/x509_certificate.h" -#include "third_party/boringssl/src/include/openssl/pem.h" -#include "third_party/boringssl/src/include/openssl/err.h" -#include "third_party/boringssl/src/include/openssl/evp.h" - -#include "client_cert_store_data.h" -#include "profile_io_data_qt.h" - -#include <QtNetwork/qtnetworkglobal.h> - -#if BUILDFLAG(USE_NSS_CERTS) -#include "net/ssl/client_cert_store_nss.h" -#endif - -#if defined(Q_OS_WIN) -#include "net/ssl/client_cert_store_win.h" -#endif - -#if BUILDFLAG(IS_MAC) -#include "net/ssl/client_cert_store_mac.h" -#endif - -namespace { - -class ClientCertIdentityOverride : public net::ClientCertIdentity -{ -public: - ClientCertIdentityOverride(scoped_refptr<net::X509Certificate> cert, scoped_refptr<net::SSLPrivateKey> key) - : net::ClientCertIdentity(std::move(cert)), m_key(std::move(key)) {} - ~ClientCertIdentityOverride() override = default; - - void AcquirePrivateKey(base::OnceCallback<void(scoped_refptr<net::SSLPrivateKey>)> private_key_callback) override - { - std::move(private_key_callback).Run(m_key); - } - -private: - scoped_refptr<net::SSLPrivateKey> m_key; -}; - -} // namespace - -namespace QtWebEngineCore { - -ClientCertOverrideStore::ClientCertOverrideStore(ClientCertificateStoreData *storeData) - : ClientCertStore() - , m_storeData(storeData) - , m_nativeStore(createNativeStore()) -{ -} - -ClientCertOverrideStore::~ClientCertOverrideStore() = default; - -#if QT_CONFIG(ssl) -net::ClientCertIdentityList ClientCertOverrideStore::GetClientCertsOnUIThread(const net::SSLCertRequestInfo &cert_request_info) -{ - DCHECK_CURRENTLY_ON(content::BrowserThread::UI); - const auto &clientCertOverrideData = m_storeData->extraCerts; - - // Look for certificates in memory store - net::ClientCertIdentityList selected_identities; - for (int i = 0; i < clientCertOverrideData.length(); i++) { - scoped_refptr<net::X509Certificate> cert = clientCertOverrideData[i]->certPtr; - if (cert) { - if (cert->HasExpired()) { - qWarning() << "Expired certificate" << clientCertOverrideData[i]; - continue; - } - if (cert_request_info.cert_authorities.empty() - || cert->IsIssuedByEncoded(cert_request_info.cert_authorities)) { - selected_identities.push_back(std::make_unique<ClientCertIdentityOverride>( - cert, clientCertOverrideData[i]->keyPtr)); - } - } - } - return selected_identities; -} - -void ClientCertOverrideStore::GetClientCertsReturn(const net::SSLCertRequestInfo &cert_request_info, - ClientCertListCallback callback, - net::ClientCertIdentityList &&result) -{ - // Continue with native cert store and append them after memory certificates - if (m_nativeStore) { - ClientCertListCallback callback2 = base::BindOnce( - [](ClientCertOverrideStore::ClientCertListCallback callback, - net::ClientCertIdentityList result1, net::ClientCertIdentityList result2) { - while (!result2.empty()) { - result1.push_back(std::move(result2.back())); - result2.pop_back(); - } - std::move(callback).Run(std::move(result1)); - }, - std::move(callback), std::move(result)); - m_nativeStore->GetClientCerts(cert_request_info, std::move(callback2)); - } else { - std::move(callback).Run(std::move(result)); - } -} - -#endif // QT_CONFIG(ssl) - -void ClientCertOverrideStore::GetClientCerts(const net::SSLCertRequestInfo &cert_request_info, - ClientCertListCallback callback) -{ -#if QT_CONFIG(ssl) - // Access the user-provided data from the UI thread, but return on whatever thread this is. - bool ok = base::PostTaskAndReplyWithResult( - FROM_HERE, { content::BrowserThread::UI }, - base::BindOnce(&ClientCertOverrideStore::GetClientCertsOnUIThread, - base::Unretained(this), std::cref(cert_request_info)), - base::BindOnce(&ClientCertOverrideStore::GetClientCertsReturn, - base::Unretained(this), std::cref(cert_request_info), std::move(callback))); - DCHECK(ok); // callback is already moved and we can't really recover here. -#else - if (m_nativeStore) - m_nativeStore->GetClientCerts(cert_request_info, std::move(callback)); - else - std::move(callback).Run(net::ClientCertIdentityList()); -#endif // QT_CONFIG(ssl) -} - -// static -std::unique_ptr<net::ClientCertStore> ClientCertOverrideStore::createNativeStore() -{ -#if BUILDFLAG(USE_NSS_CERTS) - return std::unique_ptr<net::ClientCertStore>(new net::ClientCertStoreNSS(net::ClientCertStoreNSS::PasswordDelegateFactory())); -#elif defined(Q_OS_WIN) - return std::unique_ptr<net::ClientCertStore>(new net::ClientCertStoreWin()); -#elif BUILDFLAG(IS_MAC) - return std::unique_ptr<net::ClientCertStore>(new net::ClientCertStoreMac()); -#else - return nullptr; -#endif -} -} // namespace QtWebEngineCore |