OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
7 #pragma once | 7 #pragma once |
8 | 8 |
9 #include "base/scoped_ptr.h" | 9 #include "base/scoped_ptr.h" |
| 10 #include "net/base/cert_verify_result.h" |
10 #include "net/base/completion_callback.h" | 11 #include "net/base/completion_callback.h" |
11 #include "net/base/io_buffer.h" | 12 #include "net/base/io_buffer.h" |
12 #include "net/base/ssl_config_service.h" | 13 #include "net/base/ssl_config_service.h" |
13 #include "net/socket/ssl_client_socket.h" | 14 #include "net/socket/ssl_client_socket.h" |
14 #include "net/socket/client_socket_handle.h" | 15 #include "net/socket/client_socket_handle.h" |
15 | 16 |
16 typedef struct bio_st BIO; | 17 typedef struct bio_st BIO; |
17 typedef struct ssl_st SSL; | 18 typedef struct ssl_st SSL; |
18 typedef struct x509_store_ctx_st X509_STORE_CTX; | 19 typedef struct x509_store_ctx_st X509_STORE_CTX; |
19 | 20 |
20 namespace net { | 21 namespace net { |
21 | 22 |
| 23 class CertVerifier; |
22 class SSLCertRequestInfo; | 24 class SSLCertRequestInfo; |
23 class SSLConfig; | 25 class SSLConfig; |
24 class SSLInfo; | 26 class SSLInfo; |
25 | 27 |
26 // An SSL client socket implemented with OpenSSL. | 28 // An SSL client socket implemented with OpenSSL. |
27 class SSLClientSocketOpenSSL : public SSLClientSocket { | 29 class SSLClientSocketOpenSSL : public SSLClientSocket { |
28 public: | 30 public: |
29 // Takes ownership of the transport_socket, which may already be connected. | 31 // Takes ownership of the transport_socket, which may already be connected. |
30 // The given hostname will be compared with the name(s) in the server's | 32 // The given hostname will be compared with the name(s) in the server's |
31 // certificate during the SSL handshake. ssl_config specifies the SSL | 33 // certificate during the SSL handshake. ssl_config specifies the SSL |
(...skipping 29 matching lines...)
61 virtual bool SetSendBufferSize(int32 size); | 63 virtual bool SetSendBufferSize(int32 size); |
62 | 64 |
63 private: | 65 private: |
64 bool InitOpenSSL(); | 66 bool InitOpenSSL(); |
65 bool Init(); | 67 bool Init(); |
66 void DoReadCallback(int result); | 68 void DoReadCallback(int result); |
67 void DoWriteCallback(int result); | 69 void DoWriteCallback(int result); |
68 | 70 |
69 bool DoTransportIO(); | 71 bool DoTransportIO(); |
70 int DoHandshake(); | 72 int DoHandshake(); |
| 73 int DoVerifyCert(int result); |
| 74 int DoVerifyCertComplete(int result); |
71 void DoConnectCallback(int result); | 75 void DoConnectCallback(int result); |
| 76 void InvalidateSessionIfBadCertificate(); |
| 77 X509Certificate* UpdateServerCert(); |
72 | 78 |
73 void OnHandshakeIOComplete(int result); | 79 void OnHandshakeIOComplete(int result); |
74 void OnSendComplete(int result); | 80 void OnSendComplete(int result); |
75 void OnRecvComplete(int result); | 81 void OnRecvComplete(int result); |
76 | 82 |
77 int DoHandshakeLoop(int last_io_result); | 83 int DoHandshakeLoop(int last_io_result); |
78 int DoReadLoop(int result); | 84 int DoReadLoop(int result); |
79 int DoWriteLoop(int result); | 85 int DoWriteLoop(int result); |
80 int DoPayloadRead(); | 86 int DoPayloadRead(); |
81 int DoPayloadWrite(); | 87 int DoPayloadWrite(); |
(...skipping 17 matching lines...)
99 CompletionCallback* user_write_callback_; | 105 CompletionCallback* user_write_callback_; |
100 | 106 |
101 // Used by Read function. | 107 // Used by Read function. |
102 scoped_refptr<IOBuffer> user_read_buf_; | 108 scoped_refptr<IOBuffer> user_read_buf_; |
103 int user_read_buf_len_; | 109 int user_read_buf_len_; |
104 | 110 |
105 // Used by Write function. | 111 // Used by Write function. |
106 scoped_refptr<IOBuffer> user_write_buf_; | 112 scoped_refptr<IOBuffer> user_write_buf_; |
107 int user_write_buf_len_; | 113 int user_write_buf_len_; |
108 | 114 |
| 115 // Set when handshake finishes. |
| 116 scoped_refptr<X509Certificate> server_cert_; |
| 117 CertVerifyResult server_cert_verify_result_; |
| 118 |
109 // Stores client authentication information between ClientAuthHandler and | 119 // Stores client authentication information between ClientAuthHandler and |
110 // GetSSLCertRequestInfo calls. | 120 // GetSSLCertRequestInfo calls. |
111 std::vector<scoped_refptr<X509Certificate> > client_certs_; | 121 std::vector<scoped_refptr<X509Certificate> > client_certs_; |
112 bool client_auth_cert_needed_; | 122 bool client_auth_cert_needed_; |
113 | 123 |
| 124 scoped_ptr<CertVerifier> verifier_; |
| 125 CompletionCallbackImpl<SSLClientSocketOpenSSL> handshake_io_callback_; |
| 126 |
114 // OpenSSL stuff | 127 // OpenSSL stuff |
115 SSL* ssl_; | 128 SSL* ssl_; |
116 BIO* transport_bio_; | 129 BIO* transport_bio_; |
117 | 130 |
118 scoped_ptr<ClientSocketHandle> transport_; | 131 scoped_ptr<ClientSocketHandle> transport_; |
119 std::string hostname_; | 132 std::string hostname_; |
120 SSLConfig ssl_config_; | 133 SSLConfig ssl_config_; |
121 | 134 |
122 bool completed_handshake_; | 135 bool completed_handshake_; |
123 | 136 |
124 enum State { | 137 enum State { |
125 STATE_NONE, | 138 STATE_NONE, |
126 STATE_HANDSHAKE, | 139 STATE_HANDSHAKE, |
127 STATE_VERIFY_CERT, | 140 STATE_VERIFY_CERT, |
128 STATE_VERIFY_CERT_COMPLETE, | 141 STATE_VERIFY_CERT_COMPLETE, |
129 }; | 142 }; |
130 State next_handshake_state_; | 143 State next_handshake_state_; |
131 BoundNetLog net_log_; | 144 BoundNetLog net_log_; |
132 }; | 145 }; |
133 | 146 |
134 } // namespace net | 147 } // namespace net |
135 | 148 |
136 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 149 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
137 | 150 |
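Review bot: The comment `// Set when handshake finishes.` at new lines 115-117 covers both `server_cert_` and `server_cert_verify_result_`, but the verify result can presumably only be meaningful once `DoVerifyCertComplete` has run, so a reader could take a populated `server_cert_` to mean the certificate has already been verified. I would split it into `// Server certificate from the handshake; not yet verified.` above `server_cert_` and `// Valid only after STATE_VERIFY_CERT_COMPLETE.` above `server_cert_verify_result_`, adjusted to what the .cc actually does. The new private declarations at new lines 73-77 are also undocumented: `UpdateServerCert()` returns a raw `X509Certificate*` next to a `scoped_refptr` member, so a one-line comment should say whether it can return NULL and that `server_cert_` keeps the reference, and `InvalidateSessionIfBadCertificate()` deserves a sentence on which verification outcomes drop the cached session so that a rejected certificate is not accepted again through session resumption. The implementations are not visible on this page, so these points are inferred from the declarations alone.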