Implement SSLClientSocketPool.

net/socket/ssl_client_socket_nss.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived
 // from AuthCertificateCallback() in
 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
 
 /* ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
@@ skipping 55 matching lines @@
 #include "base/string_util.h"
 #include "net/base/address_list.h"
 #include "net/base/cert_verifier.h"
 #include "net/base/io_buffer.h"
 #include "net/base/net_log.h"
 #include "net/base/net_errors.h"
 #include "net/base/ssl_cert_request_info.h"
 #include "net/base/ssl_info.h"
 #include "net/base/sys_addrinfo.h"
 #include "net/ocsp/nss_ocsp.h"
+#include "net/socket/client_socket_handle.h"
 
 static const int kRecvBufferSize = 4096;
 
 namespace net {
 
 // State machines are easier to debug if you log state transitions.
 // Enable these if you want to see what's going on.
 #if 1
 #define EnterFunction(x)
 #define LeaveFunction(x)
@@ skipping 184 matching lines @@
 
 #endif
 
 }  // namespace
 
 #if defined(OS_WIN)
 // static
 HCERTSTORE SSLClientSocketNSS::cert_store_ = NULL;
 #endif
 
-SSLClientSocketNSS::SSLClientSocketNSS(ClientSocket* transport_socket,
+SSLClientSocketNSS::SSLClientSocketNSS(ClientSocketHandle* transport_socket,
                                        const std::string& hostname,
                                        const SSLConfig& ssl_config)
     : ALLOW_THIS_IN_INITIALIZER_LIST(buffer_send_callback_(
           this, &SSLClientSocketNSS::BufferSendComplete)),
       ALLOW_THIS_IN_INITIALIZER_LIST(buffer_recv_callback_(
           this, &SSLClientSocketNSS::BufferRecvComplete)),
       transport_send_busy_(false),
       transport_recv_busy_(false),
       ALLOW_THIS_IN_INITIALIZER_LIST(handshake_io_callback_(
           this, &SSLClientSocketNSS::OnHandshakeIOComplete)),
       transport_(transport_socket),
       hostname_(hostname),
       ssl_config_(ssl_config),
       user_connect_callback_(NULL),
       user_read_callback_(NULL),
       user_write_callback_(NULL),
       user_read_buf_len_(0),
       user_write_buf_len_(0),
       server_cert_nss_(NULL),
       client_auth_cert_needed_(false),
       handshake_callback_called_(false),
       completed_handshake_(false),
       next_handshake_state_(STATE_NONE),
       nss_fd_(NULL),
       nss_bufs_(NULL),
-      net_log_(transport_socket->NetLog()) {
+      net_log_(transport_socket->socket()->NetLog()) {
   EnterFunction("");
 }
 
 SSLClientSocketNSS::~SSLClientSocketNSS() {
   EnterFunction("");
   Disconnect();
   LeaveFunction("");
 }
 
 int SSLClientSocketNSS::Init() {
@@ skipping 53 matching lines @@
 int SSLClientSocketNSS::InitializeSSLOptions() {
   // Transport connected, now hook it up to nss
   // TODO(port): specify rx and tx buffer sizes separately
   nss_fd_ = memio_CreateIOLayer(kRecvBufferSize);
   if (nss_fd_ == NULL) {
     return ERR_OUT_OF_MEMORY;  // TODO(port): map NSPR error code.
   }
 
   // Tell NSS who we're connected to
   AddressList peer_address;
-  int err = transport_->GetPeerAddress(&peer_address);
+  int err = transport_->socket()->GetPeerAddress(&peer_address);
   if (err != OK)
     return err;
 
   const struct addrinfo* ai = peer_address.head();
 
   PRNetAddr peername;
   memset(&peername, 0, sizeof(peername));
   DCHECK_LE(ai->ai_addrlen, sizeof(peername));
   size_t len = std::min(static_cast<size_t>(ai->ai_addrlen), sizeof(peername));
   memcpy(&peername, ai->ai_addr, len);
@@ skipping 150 matching lines @@
   // TODO(wtc): Send SSL close_notify alert.
   if (nss_fd_ != NULL) {
     InvalidateSessionIfBadCertificate();
     PR_Close(nss_fd_);
     nss_fd_ = NULL;
   }
 
   // Shut down anything that may call us back (through buffer_send_callback_,
   // buffer_recv_callback, or handshake_io_callback_).
   verifier_.reset();
-  transport_->Disconnect();
+  transport_->socket()->Disconnect();
 
   // Reset object state
   transport_send_busy_   = false;
   transport_recv_busy_   = false;
   user_connect_callback_ = NULL;
   user_read_callback_    = NULL;
   user_write_callback_   = NULL;
   user_read_buf_         = NULL;
   user_read_buf_len_     = 0;
   user_write_buf_        = NULL;
@@ skipping 13 matching lines @@
 }
 
 bool SSLClientSocketNSS::IsConnected() const {
   // Ideally, we should also check if we have received the close_notify alert
   // message from the server, and return false in that case.  We're not doing
   // that, so this function may return a false positive.  Since the upper
   // layer (HttpNetworkTransaction) needs to handle a persistent connection
   // closed by the server when we send a request anyway, a false positive in
   // exchange for simpler code is a good trade-off.
   EnterFunction("");
-  bool ret = completed_handshake_ && transport_->IsConnected();
+  bool ret = completed_handshake_ && transport_->socket()->IsConnected();
   LeaveFunction("");
   return ret;
 }
 
 bool SSLClientSocketNSS::IsConnectedAndIdle() const {
   // Unlike IsConnected, this method doesn't return a false positive.
   //
   // Strictly speaking, we should check if we have received the close_notify
   // alert message from the server, and return false in that case.  Although
   // the close_notify alert message means EOF in the SSL layer, it is just
-  // bytes to the transport layer below, so transport_->IsConnectedAndIdle()
-  // returns the desired false when we receive close_notify.
+  // bytes to the transport layer below, so
+  // transport_->socket()->IsConnectedAndIdle() returns the desired false
+  // when we receive close_notify.
   EnterFunction("");
-  bool ret = completed_handshake_ && transport_->IsConnectedAndIdle();
+  bool ret = completed_handshake_ && transport_->socket()->IsConnectedAndIdle();
   LeaveFunction("");
   return ret;
 }
 
 int SSLClientSocketNSS::GetPeerAddress(AddressList* address) const {
-  return transport_->GetPeerAddress(address);
+  return transport_->socket()->GetPeerAddress(address);
 }
 
 int SSLClientSocketNSS::Read(IOBuffer* buf, int buf_len,
                              CompletionCallback* callback) {
   EnterFunction(buf_len);
   DCHECK(completed_handshake_);
   DCHECK(next_handshake_state_ == STATE_NONE);
   DCHECK(!user_read_callback_);
   DCHECK(!user_connect_callback_);
   DCHECK(!user_read_buf_);
@@ skipping 33 matching lines @@
     user_write_callback_ = callback;
   } else {
     user_write_buf_ = NULL;
     user_write_buf_len_ = 0;
   }
   LeaveFunction(rv);
   return rv;
 }
 
 bool SSLClientSocketNSS::SetReceiveBufferSize(int32 size) {
-  return transport_->SetReceiveBufferSize(size);
+  return transport_->socket()->SetReceiveBufferSize(size);
 }
 
 bool SSLClientSocketNSS::SetSendBufferSize(int32 size) {
-  return transport_->SetSendBufferSize(size);
+  return transport_->socket()->SetSendBufferSize(size);
 }
 
 #if defined(OS_WIN)
 // static
 X509Certificate::OSCertHandle SSLClientSocketNSS::CreateOSCert(
     const SECItem& der_cert) {
   // TODO(wtc): close cert_store_ at shutdown.
   if (!cert_store_)
     cert_store_ = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, NULL, 0, NULL);
 
@@ skipping 336 matching lines @@
   // nss_bufs_ is a circular buffer.  It may have two contiguous parts
   // (before and after the wrap).  So this for loop needs two iterations.
   for (int i = 0; i < 2; ++i) {
     const char* buf;
     int nb = memio_GetWriteParams(nss_bufs_, &buf);
     if (!nb)
       break;
 
     scoped_refptr<IOBuffer> send_buffer = new IOBuffer(nb);
     memcpy(send_buffer->data(), buf, nb);
-    int rv = transport_->Write(send_buffer, nb, &buffer_send_callback_);
+    int rv = transport_->socket()->Write(send_buffer, nb,
+                                         &buffer_send_callback_);
     if (rv == ERR_IO_PENDING) {
       transport_send_busy_ = true;
       break;
     } else {
       memio_PutWriteResult(nss_bufs_, MapErrorToNSS(rv));
       if (rv < 0) {
         // Return the error even if the previous Write succeeded.
         nsent = rv;
         break;
       }
@@ skipping 19 matching lines @@
 
   char *buf;
   int nb = memio_GetReadParams(nss_bufs_, &buf);
   EnterFunction(nb);
   int rv;
   if (!nb) {
     // buffer too full to read into, so no I/O possible at moment
     rv = ERR_IO_PENDING;
   } else {
     recv_buffer_ = new IOBuffer(nb);
-    rv = transport_->Read(recv_buffer_, nb, &buffer_recv_callback_);
+    rv = transport_->socket()->Read(recv_buffer_, nb, &buffer_recv_callback_);
     if (rv == ERR_IO_PENDING) {
       transport_recv_busy_ = true;
     } else {
       if (rv > 0)
         memcpy(buf, recv_buffer_->data(), rv);
       memio_PutReadResult(nss_bufs_, MapErrorToNSS(rv));
       recv_buffer_ = NULL;
     }
   }
   LeaveFunction(rv);
@@ skipping 481 matching lines @@
   PRErrorCode prerr = PR_GetError();
   if (prerr == PR_WOULD_BLOCK_ERROR) {
     LeaveFunction("");
     return ERR_IO_PENDING;
   }
   LeaveFunction("");
   return MapNSPRError(prerr);
 }
 
 }  // namespace net