Update SSLServerSocket to provide the net::StreamSocket interface.

net/socket/ssl_server_socket.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_SOCKET_SSL_SERVER_SOCKET_H_
 #define NET_SOCKET_SSL_SERVER_SOCKET_H_
 
 #include "base/basictypes.h"
 #include "net/base/completion_callback.h"
 #include "net/base/net_api.h"
-#include "net/socket/socket.h"
+#include "net/socket/stream_socket.h"
 
 namespace crypto {
 class RSAPrivateKey;
 }  // namespace base
 
 namespace net {
 
 class IOBuffer;
 struct SSLConfig;
 class X509Certificate;
 
-// SSLServerSocket takes an already connected socket and performs SSL on top of
-// it.
-//
-// This class is designed to work in a peer-to-peer connection and is not
-// intended to be used as a standalone SSL server.
-class SSLServerSocket : public Socket {
- public:
-  virtual ~SSLServerSocket() {}
-
-  // Performs an SSL server handshake on the existing socket. The given socket
-  // must have already been connected.
-  //
-  // Accept either returns ERR_IO_PENDING, in which case the given callback
-  // will be called in the future with the real result, or it completes
-  // synchronously, returning the result immediately.
-  virtual int Accept(CompletionCallback* callback) = 0;
-};

[wtc, 2011/06/02 19:48:24]

It is strange that a header file named ssl_server_socket.h
doesn't define the SSLServerSocket class.  I would define
SSLServerSocket as a typedef or a dummy derived class of
StreamSocket.

It is also strange for a server socket to use a Connect
method, but I know why you do this -- the ServerSocket
interface is designed for transport layer and doesn't
match how an SSL server socket is created.  Perhaps the
ServerSocket interface, which has the Listen and Accept
methods of a conventional server socket in the BSD socket
API, should be renamed TransportServerSocket?

Another solution is to have a single SSLSocket or
SSLStreamSocket class, with an attribute to indicate
whether it should handshake as a server or as a client.

-
 // Creates an SSL server socket using an already connected socket. A certificate
 // and private key needs to be provided.
 //
-// This created server socket will take ownership of |socket|. However |key|
-// is copied.
-// TODO(hclam): Defines ServerSocketFactory to create SSLServerSocket. This will
-// make mocking easier.
-NET_API SSLServerSocket* CreateSSLServerSocket(
-    Socket* socket, X509Certificate* certificate, crypto::RSAPrivateKey* key,
+// The SSL StreamSocket takes ownership of |socket|.

[wtc, 2011/06/02 19:48:24]

You should document that this happens even if the function
returns NULL.  This is what the OpenSSL stub function does.

Alternatively, change the OpenSSL stub function to NOT
delete 'socket'.

[Wez, 2011/06/02 22:06:01]

Done.

+// It takes a reference to |certificate|.
+// The |key| and |ssl_config| parameters are copied.  |key| cannot be const
+// because the methods used to copy its contents are non-const.
+//
+// The caller starts the SSL connection acceptance protocol by calling Connect

[wtc, 2011/06/02 19:48:24]

Nit: SSL connection acceptance protocol => SSL server handshake

[Wez, 2011/06/02 22:06:01]

Done.

+// on the returned socket.
+NET_API StreamSocket* CreateSSLServerSocket(
+    StreamSocket* socket,
+    X509Certificate* certificate,
+    crypto::RSAPrivateKey* key,
     const SSLConfig& ssl_config);
 
 }  // namespace net
 
 #endif  // NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_