Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(298)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_nss.h

Issue 8865006: net: move pinning checks into the SSL socket. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ... Created 9 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/socket/ssl_client_socket_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_
7 #pragma once 7 #pragma once
8 8
9 #include <certt.h> 9 #include <certt.h>
10 #include <keyt.h> 10 #include <keyt.h>
(...skipping 17 matching lines...) Expand all
28 #include "net/base/origin_bound_cert_service.h" 28 #include "net/base/origin_bound_cert_service.h"
29 #include "net/base/ssl_config_service.h" 29 #include "net/base/ssl_config_service.h"
30 #include "net/base/x509_certificate.h" 30 #include "net/base/x509_certificate.h"
31 #include "net/socket/ssl_client_socket.h" 31 #include "net/socket/ssl_client_socket.h"
32 32
33 namespace net { 33 namespace net {
34 34
35 class BoundNetLog; 35 class BoundNetLog;
36 class CertVerifier; 36 class CertVerifier;
37 class ClientSocketHandle; 37 class ClientSocketHandle;
38 class DnsCertProvenanceChecker;
39 class OriginBoundCertService; 38 class OriginBoundCertService;
40 class SingleRequestCertVerifier; 39 class SingleRequestCertVerifier;
41 class SSLHostInfo; 40 class SSLHostInfo;
41 class TransportSecurityState;
42 class X509Certificate; 42 class X509Certificate;
43 43
44 // An SSL client socket implemented with Mozilla NSS. 44 // An SSL client socket implemented with Mozilla NSS.
45 class SSLClientSocketNSS : public SSLClientSocket { 45 class SSLClientSocketNSS : public SSLClientSocket {
46 public: 46 public:
47 // Takes ownership of the |transport_socket|, which must already be connected. 47 // Takes ownership of the |transport_socket|, which must already be connected.
48 // The hostname specified in |host_and_port| will be compared with the name(s) 48 // The hostname specified in |host_and_port| will be compared with the name(s)
49 // in the server's certificate during the SSL handshake. If SSL client 49 // in the server's certificate during the SSL handshake. If SSL client
50 // authentication is requested, the host_and_port field of SSLCertRequestInfo 50 // authentication is requested, the host_and_port field of SSLCertRequestInfo
51 // will be populated with |host_and_port|. |ssl_config| specifies 51 // will be populated with |host_and_port|. |ssl_config| specifies
(...skipping 246 matching lines...) Expand 10 before | Expand all | Expand 10 after
298 PRFileDesc* nss_fd_; 298 PRFileDesc* nss_fd_;
299 299
300 // Buffers for the network end of the SSL state machine 300 // Buffers for the network end of the SSL state machine
301 memio_Private* nss_bufs_; 301 memio_Private* nss_bufs_;
302 302
303 BoundNetLog net_log_; 303 BoundNetLog net_log_;
304 304
305 base::TimeTicks start_cert_verification_time_; 305 base::TimeTicks start_cert_verification_time_;
306 306
307 scoped_ptr<SSLHostInfo> ssl_host_info_; 307 scoped_ptr<SSLHostInfo> ssl_host_info_;
308 DnsCertProvenanceChecker* const dns_cert_checker_; 308
309 TransportSecurityState* transport_security_state_;
309 310
310 // next_proto_ is the protocol that we selected by NPN. 311 // next_proto_ is the protocol that we selected by NPN.
311 std::string next_proto_; 312 std::string next_proto_;
312 NextProtoStatus next_proto_status_; 313 NextProtoStatus next_proto_status_;
313 // Server's NPN advertised protocols. 314 // Server's NPN advertised protocols.
314 std::string server_protos_; 315 std::string server_protos_;
315 316
316 // The following two variables are added for debugging bug 65948. Will 317 // The following two variables are added for debugging bug 65948. Will
317 // remove this code after fixing bug 65948. 318 // remove this code after fixing bug 65948.
318 // Added the following code Debugging in release mode. 319 // Added the following code Debugging in release mode.
319 mutable base::Lock lock_; 320 mutable base::Lock lock_;
320 // This is mutable so that CalledOnValidThread can set it. 321 // This is mutable so that CalledOnValidThread can set it.
321 // It's guarded by |lock_|. 322 // It's guarded by |lock_|.
322 mutable base::PlatformThreadId valid_thread_id_; 323 mutable base::PlatformThreadId valid_thread_id_;
323 }; 324 };
324 325
325 } // namespace net 326 } // namespace net
326 327
327 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ 328 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_
OLDNEW
« no previous file with comments | « no previous file | net/socket/ssl_client_socket_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698