| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <certt.h> | 9 #include <certt.h> |
| 10 #include <keyt.h> | 10 #include <keyt.h> |
| (...skipping 12 matching lines...) Expand all Loading... |
| 23 #include "net/base/nss_memio.h" | 23 #include "net/base/nss_memio.h" |
| 24 #include "net/base/ssl_config_service.h" | 24 #include "net/base/ssl_config_service.h" |
| 25 #include "net/base/x509_certificate.h" | 25 #include "net/base/x509_certificate.h" |
| 26 #include "net/socket/ssl_client_socket.h" | 26 #include "net/socket/ssl_client_socket.h" |
| 27 | 27 |
| 28 namespace net { | 28 namespace net { |
| 29 | 29 |
| 30 class BoundNetLog; | 30 class BoundNetLog; |
| 31 class CertVerifier; | 31 class CertVerifier; |
| 32 class ClientSocketHandle; | 32 class ClientSocketHandle; |
| 33 class SSLHostInfo; |
| 33 class X509Certificate; | 34 class X509Certificate; |
| 34 | 35 |
| 35 // An SSL client socket implemented with Mozilla NSS. | 36 // An SSL client socket implemented with Mozilla NSS. |
| 36 class SSLClientSocketNSS : public SSLClientSocket { | 37 class SSLClientSocketNSS : public SSLClientSocket { |
| 37 public: | 38 public: |
| 38 // Takes ownership of the |transport_socket|, which must already be connected. | 39 // Takes ownership of the |transport_socket|, which must already be connected. |
| 39 // The given hostname will be compared with the name(s) in the server's | 40 // The given hostname will be compared with the name(s) in the server's |
| 40 // certificate during the SSL handshake. ssl_config specifies the SSL | 41 // certificate during the SSL handshake. ssl_config specifies the SSL |
| 41 // settings. | 42 // settings. |
| 42 SSLClientSocketNSS(ClientSocketHandle* transport_socket, | 43 SSLClientSocketNSS(ClientSocketHandle* transport_socket, |
| 43 const std::string& hostname, | 44 const std::string& hostname, |
| 44 const SSLConfig& ssl_config); | 45 const SSLConfig& ssl_config, |
| 46 SSLHostInfo* ssl_host_info); |
| 45 ~SSLClientSocketNSS(); | 47 ~SSLClientSocketNSS(); |
| 46 | 48 |
| 47 // SSLClientSocket methods: | 49 // SSLClientSocket methods: |
| 48 virtual void GetSSLInfo(SSLInfo* ssl_info); | 50 virtual void GetSSLInfo(SSLInfo* ssl_info); |
| 49 virtual void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info); | 51 virtual void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info); |
| 50 virtual NextProtoStatus GetNextProto(std::string* proto); | 52 virtual NextProtoStatus GetNextProto(std::string* proto); |
| 51 virtual void UseDNSSEC(DNSSECProvider*); | 53 virtual void UseDNSSEC(DNSSECProvider*); |
| 52 | 54 |
| 53 // ClientSocket methods: | 55 // ClientSocket methods: |
| 54 virtual int Connect(CompletionCallback* callback); | 56 virtual int Connect(CompletionCallback* callback); |
| (...skipping 151 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 206 // The NSS SSL state machine | 208 // The NSS SSL state machine |
| 207 PRFileDesc* nss_fd_; | 209 PRFileDesc* nss_fd_; |
| 208 | 210 |
| 209 // Buffers for the network end of the SSL state machine | 211 // Buffers for the network end of the SSL state machine |
| 210 memio_Private* nss_bufs_; | 212 memio_Private* nss_bufs_; |
| 211 | 213 |
| 212 BoundNetLog net_log_; | 214 BoundNetLog net_log_; |
| 213 | 215 |
| 214 // When performing Snap Start we need to predict the NPN protocol which the | 216 // When performing Snap Start we need to predict the NPN protocol which the |
| 215 // server is going to speak before we actually perform the handshake. Thus | 217 // server is going to speak before we actually perform the handshake. Thus |
| 216 // the last NPN protocol used is serialised in |ssl_config.ssl_host_info| | 218 // the last NPN protocol used is serialised in |ssl_host_info_| |
| 217 // and kept in these fields: | 219 // and kept in these fields: |
| 218 SSLClientSocket::NextProtoStatus predicted_npn_status_; | 220 SSLClientSocket::NextProtoStatus predicted_npn_status_; |
| 219 std::string predicted_npn_proto_; | 221 std::string predicted_npn_proto_; |
| 220 bool predicted_npn_proto_used_; | 222 bool predicted_npn_proto_used_; |
| 221 | 223 |
| 224 scoped_ptr<SSLHostInfo> ssl_host_info_; |
| 225 |
| 222 #if defined(OS_WIN) | 226 #if defined(OS_WIN) |
| 223 // A CryptoAPI in-memory certificate store. We use it for two purposes: | 227 // A CryptoAPI in-memory certificate store. We use it for two purposes: |
| 224 // 1. Import server certificates into this store so that we can verify and | 228 // 1. Import server certificates into this store so that we can verify and |
| 225 // display the certificates using CryptoAPI. | 229 // display the certificates using CryptoAPI. |
| 226 // 2. Copy client certificates from the "MY" system certificate store into | 230 // 2. Copy client certificates from the "MY" system certificate store into |
| 227 // this store so that we can close the system store when we finish | 231 // this store so that we can close the system store when we finish |
| 228 // searching for client certificates. | 232 // searching for client certificates. |
| 229 static HCERTSTORE cert_store_; | 233 static HCERTSTORE cert_store_; |
| 230 #endif | 234 #endif |
| 231 }; | 235 }; |
| 232 | 236 |
| 233 } // namespace net | 237 } // namespace net |
| 234 | 238 |
| 235 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 239 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 3747003:
net: clean up SSLHostInfo construction. (Closed)
