| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <certt.h> | 9 #include <certt.h> |
| 10 #include <keyt.h> | 10 #include <keyt.h> |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 50 // authentication is requested, the host_and_port field of SSLCertRequestInfo | 50 // authentication is requested, the host_and_port field of SSLCertRequestInfo |
| 51 // will be populated with |host_and_port|. |ssl_config| specifies | 51 // will be populated with |host_and_port|. |ssl_config| specifies |
| 52 // the SSL settings. | 52 // the SSL settings. |
| 53 SSLClientSocketNSS(ClientSocketHandle* transport_socket, | 53 SSLClientSocketNSS(ClientSocketHandle* transport_socket, |
| 54 const HostPortPair& host_and_port, | 54 const HostPortPair& host_and_port, |
| 55 const SSLConfig& ssl_config, | 55 const SSLConfig& ssl_config, |
| 56 SSLHostInfo* ssl_host_info, | 56 SSLHostInfo* ssl_host_info, |
| 57 const SSLClientSocketContext& context); | 57 const SSLClientSocketContext& context); |
| 58 virtual ~SSLClientSocketNSS(); | 58 virtual ~SSLClientSocketNSS(); |
| 59 | 59 |
| 60 NET_EXPORT_PRIVATE static void ClearSessionCache(); | |
| 61 | |
| 62 // SSLClientSocket implementation. | 60 // SSLClientSocket implementation. |
| 63 virtual void GetSSLInfo(SSLInfo* ssl_info) OVERRIDE; | 61 virtual void GetSSLInfo(SSLInfo* ssl_info) OVERRIDE; |
| 64 virtual void GetSSLCertRequestInfo( | 62 virtual void GetSSLCertRequestInfo( |
| 65 SSLCertRequestInfo* cert_request_info) OVERRIDE; | 63 SSLCertRequestInfo* cert_request_info) OVERRIDE; |
| 66 virtual int ExportKeyingMaterial(const base::StringPiece& label, | 64 virtual int ExportKeyingMaterial(const base::StringPiece& label, |
| 67 const base::StringPiece& context, | 65 const base::StringPiece& context, |
| 68 unsigned char *out, | 66 unsigned char *out, |
| 69 unsigned int outlen) OVERRIDE; | 67 unsigned int outlen) OVERRIDE; |
| 70 virtual NextProtoStatus GetNextProto(std::string* proto, | 68 virtual NextProtoStatus GetNextProto(std::string* proto, |
| 71 std::string* server_protos) OVERRIDE; | 69 std::string* server_protos) OVERRIDE; |
| (...skipping 190 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 262 std::string ob_private_key_; | 260 std::string ob_private_key_; |
| 263 std::string ob_cert_; | 261 std::string ob_cert_; |
| 264 OriginBoundCertService::RequestHandle ob_cert_request_handle_; | 262 OriginBoundCertService::RequestHandle ob_cert_request_handle_; |
| 265 | 263 |
| 266 // True if NSS has called HandshakeCallback. | 264 // True if NSS has called HandshakeCallback. |
| 267 bool handshake_callback_called_; | 265 bool handshake_callback_called_; |
| 268 | 266 |
| 269 // True if the SSL handshake has been completed. | 267 // True if the SSL handshake has been completed. |
| 270 bool completed_handshake_; | 268 bool completed_handshake_; |
| 271 | 269 |
| 270 // ssl_session_cache_shard_ is an opaque string that partitions the SSL |
| 271 // session cache. i.e. sessions created with one value will not attempt to |
| 272 // resume on the socket with a different value. |
| 273 const std::string ssl_session_cache_shard_; |
| 274 |
| 272 // True iff we believe that the user has an ESET product intercepting our | 275 // True iff we believe that the user has an ESET product intercepting our |
| 273 // HTTPS connections. | 276 // HTTPS connections. |
| 274 bool eset_mitm_detected_; | 277 bool eset_mitm_detected_; |
| 275 // True iff we believe that the user has a Kaspersky product intercepting our | 278 // True iff we believe that the user has a Kaspersky product intercepting our |
| 276 // HTTPS connections. | 279 // HTTPS connections. |
| 277 bool kaspersky_mitm_detected_; | 280 bool kaspersky_mitm_detected_; |
| 278 | 281 |
| 279 // True iff |ssl_host_info_| contained a predicted certificate chain and | 282 // True iff |ssl_host_info_| contained a predicted certificate chain and |
| 280 // that we found the prediction to be correct. | 283 // that we found the prediction to be correct. |
| 281 bool predicted_cert_chain_correct_; | 284 bool predicted_cert_chain_correct_; |
| (...skipping 27 matching lines...) Expand all Loading... |
| 309 // Added the following code Debugging in release mode. | 312 // Added the following code Debugging in release mode. |
| 310 mutable base::Lock lock_; | 313 mutable base::Lock lock_; |
| 311 // This is mutable so that CalledOnValidThread can set it. | 314 // This is mutable so that CalledOnValidThread can set it. |
| 312 // It's guarded by |lock_|. | 315 // It's guarded by |lock_|. |
| 313 mutable base::PlatformThreadId valid_thread_id_; | 316 mutable base::PlatformThreadId valid_thread_id_; |
| 314 }; | 317 }; |
| 315 | 318 |
| 316 } // namespace net | 319 } // namespace net |
| 317 | 320 |
| 318 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 321 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8857002:
net: split the SSL session cache between incognito and normal. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src