OLD | NEW |
1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
7 | 7 |
8 // Work around https://bugzilla.mozilla.org/show_bug.cgi?id=455424 | 8 // Work around https://bugzilla.mozilla.org/show_bug.cgi?id=455424 |
9 // until NSS 3.12.2 comes out and we update to it. | 9 // until NSS 3.12.2 comes out and we update to it. |
10 #define Lock FOO_NSS_Lock | 10 #define Lock FOO_NSS_Lock |
11 #include <certt.h> | 11 #include <certt.h> |
12 #undef Lock | 12 #undef Lock |
| 13 #include <keyt.h> |
13 #include <nspr.h> | 14 #include <nspr.h> |
14 #include <nss.h> | 15 #include <nss.h> |
| 16 |
15 #include <string> | 17 #include <string> |
| 18 #include <vector> |
16 | 19 |
17 #include "base/scoped_ptr.h" | 20 #include "base/scoped_ptr.h" |
18 #include "net/base/cert_verify_result.h" | 21 #include "net/base/cert_verify_result.h" |
19 #include "net/base/completion_callback.h" | 22 #include "net/base/completion_callback.h" |
20 #include "net/base/nss_memio.h" | 23 #include "net/base/nss_memio.h" |
21 #include "net/base/ssl_config_service.h" | 24 #include "net/base/ssl_config_service.h" |
22 #include "net/socket/ssl_client_socket.h" | 25 #include "net/socket/ssl_client_socket.h" |
23 | 26 |
24 namespace net { | 27 namespace net { |
25 | 28 |
(...skipping 44 matching lines...)
70 int Init(); | 73 int Init(); |
71 int BufferSend(void); | 74 int BufferSend(void); |
72 int BufferRecv(void); | 75 int BufferRecv(void); |
73 void BufferSendComplete(int result); | 76 void BufferSendComplete(int result); |
74 void BufferRecvComplete(int result); | 77 void BufferRecvComplete(int result); |
75 | 78 |
76 // NSS calls this when checking certificates. We pass 'this' as the first | 79 // NSS calls this when checking certificates. We pass 'this' as the first |
77 // argument. | 80 // argument. |
78 static SECStatus OwnAuthCertHandler(void* arg, PRFileDesc* socket, | 81 static SECStatus OwnAuthCertHandler(void* arg, PRFileDesc* socket, |
79 PRBool checksig, PRBool is_server); | 82 PRBool checksig, PRBool is_server); |
| 83 // NSS calls this when client authentication is requested. |
| 84 static SECStatus ClientAuthHandler(void* arg, |
| 85 PRFileDesc* socket, |
| 86 CERTDistNames* ca_names, |
| 87 CERTCertificate** result_certificate, |
| 88 SECKEYPrivateKey** result_private_key); |
80 // NSS calls this when handshake is completed. We pass 'this' as the second | 89 // NSS calls this when handshake is completed. We pass 'this' as the second |
81 // argument. | 90 // argument. |
82 static void HandshakeCallback(PRFileDesc* socket, void* arg); | 91 static void HandshakeCallback(PRFileDesc* socket, void* arg); |
83 | 92 |
84 CompletionCallbackImpl<SSLClientSocketNSS> buffer_send_callback_; | 93 CompletionCallbackImpl<SSLClientSocketNSS> buffer_send_callback_; |
85 CompletionCallbackImpl<SSLClientSocketNSS> buffer_recv_callback_; | 94 CompletionCallbackImpl<SSLClientSocketNSS> buffer_recv_callback_; |
86 bool transport_send_busy_; | 95 bool transport_send_busy_; |
87 bool transport_recv_busy_; | 96 bool transport_recv_busy_; |
88 scoped_refptr<IOBuffer> recv_buffer_; | 97 scoped_refptr<IOBuffer> recv_buffer_; |
89 | 98 |
90 CompletionCallbackImpl<SSLClientSocketNSS> io_callback_; | 99 CompletionCallbackImpl<SSLClientSocketNSS> io_callback_; |
91 scoped_ptr<ClientSocket> transport_; | 100 scoped_ptr<ClientSocket> transport_; |
92 std::string hostname_; | 101 std::string hostname_; |
93 SSLConfig ssl_config_; | 102 SSLConfig ssl_config_; |
94 | 103 |
95 CompletionCallback* user_connect_callback_; | 104 CompletionCallback* user_connect_callback_; |
96 CompletionCallback* user_callback_; | 105 CompletionCallback* user_callback_; |
97 | 106 |
98 // Used by both Read and Write functions. | 107 // Used by both Read and Write functions. |
99 scoped_refptr<IOBuffer> user_buf_; | 108 scoped_refptr<IOBuffer> user_buf_; |
100 int user_buf_len_; | 109 int user_buf_len_; |
101 | 110 |
102 // Set when handshake finishes. | 111 // Set when handshake finishes. |
103 scoped_refptr<X509Certificate> server_cert_; | 112 scoped_refptr<X509Certificate> server_cert_; |
104 CertVerifyResult server_cert_verify_result_; | 113 CertVerifyResult server_cert_verify_result_; |
105 | 114 |
| 115 // Stores client authentication information between ClientAuthHandler calls |
| 116 CERTDistNames* client_auth_ca_names_; |
| 117 bool client_auth_cert_needed_; |
| 118 |
106 scoped_ptr<CertVerifier> verifier_; | 119 scoped_ptr<CertVerifier> verifier_; |
107 | 120 |
108 bool completed_handshake_; | 121 bool completed_handshake_; |
109 | 122 |
110 enum State { | 123 enum State { |
111 STATE_NONE, | 124 STATE_NONE, |
112 STATE_HANDSHAKE_READ, | 125 STATE_HANDSHAKE_READ, |
113 STATE_VERIFY_CERT, | 126 STATE_VERIFY_CERT, |
114 STATE_VERIFY_CERT_COMPLETE, | 127 STATE_VERIFY_CERT_COMPLETE, |
115 STATE_PAYLOAD_WRITE, | 128 STATE_PAYLOAD_WRITE, |
116 STATE_PAYLOAD_READ, | 129 STATE_PAYLOAD_READ, |
117 }; | 130 }; |
118 State next_state_; | 131 State next_state_; |
119 | 132 |
120 // The NSS SSL state machine | 133 // The NSS SSL state machine |
121 PRFileDesc* nss_fd_; | 134 PRFileDesc* nss_fd_; |
122 | 135 |
123 // Buffers for the network end of the SSL state machine | 136 // Buffers for the network end of the SSL state machine |
124 memio_Private* nss_bufs_; | 137 memio_Private* nss_bufs_; |
125 | 138 |
126 static bool nss_options_initialized_; | 139 static bool nss_options_initialized_; |
127 }; | 140 }; |
128 | 141 |
129 } // namespace net | 142 } // namespace net |
130 | 143 |
131 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 144 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
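Review bot: The new member `client_auth_ca_names_` (new line 116) is a raw `CERTDistNames*` kept across `ClientAuthHandler` calls, and its comment does not say who owns it or when it is released. If it simply stores the `ca_names` argument NSS passes to the callback, it may outlive that object and dangle, and if it is a copy it needs a matching free when the socket is torn down; the implementation file is not shown here, so this should be confirmed. I would state the contract at the declaration, e.g. `// Owned copy of the CA names from the server's certificate request; freed when the socket is destroyed. NULL when no request is pending.`, and check that both new members are initialized in the constructor. The `ClientAuthHandler` comment (new line 83) should also say what `arg` is, as the neighbouring handlers do, and who owns `*result_certificate` and `*result_private_key` after a successful return (as far as I know NSS takes ownership of both).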