Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(143)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_nss.h

Issue 8896012: Revert 113823 - net: move pinning checks into the SSL socket. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/socket/ssl_client_socket_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_
7 #pragma once 7 #pragma once
8 8
9 #include <certt.h> 9 #include <certt.h>
10 #include <keyt.h> 10 #include <keyt.h>
(...skipping 17 matching lines...) Expand all
28 #include "net/base/origin_bound_cert_service.h" 28 #include "net/base/origin_bound_cert_service.h"
29 #include "net/base/ssl_config_service.h" 29 #include "net/base/ssl_config_service.h"
30 #include "net/base/x509_certificate.h" 30 #include "net/base/x509_certificate.h"
31 #include "net/socket/ssl_client_socket.h" 31 #include "net/socket/ssl_client_socket.h"
32 32
33 namespace net { 33 namespace net {
34 34
35 class BoundNetLog; 35 class BoundNetLog;
36 class CertVerifier; 36 class CertVerifier;
37 class ClientSocketHandle; 37 class ClientSocketHandle;
38 class DnsCertProvenanceChecker;
38 class OriginBoundCertService; 39 class OriginBoundCertService;
39 class SingleRequestCertVerifier; 40 class SingleRequestCertVerifier;
40 class SSLHostInfo; 41 class SSLHostInfo;
41 class TransportSecurityState;
42 class X509Certificate; 42 class X509Certificate;
43 43
44 // An SSL client socket implemented with Mozilla NSS. 44 // An SSL client socket implemented with Mozilla NSS.
45 class SSLClientSocketNSS : public SSLClientSocket { 45 class SSLClientSocketNSS : public SSLClientSocket {
46 public: 46 public:
47 // Takes ownership of the |transport_socket|, which must already be connected. 47 // Takes ownership of the |transport_socket|, which must already be connected.
48 // The hostname specified in |host_and_port| will be compared with the name(s) 48 // The hostname specified in |host_and_port| will be compared with the name(s)
49 // in the server's certificate during the SSL handshake. If SSL client 49 // in the server's certificate during the SSL handshake. If SSL client
50 // authentication is requested, the host_and_port field of SSLCertRequestInfo 50 // authentication is requested, the host_and_port field of SSLCertRequestInfo
51 // will be populated with |host_and_port|. |ssl_config| specifies 51 // will be populated with |host_and_port|. |ssl_config| specifies
(...skipping 237 matching lines...) Expand 10 before | Expand all | Expand 10 after
289 PRFileDesc* nss_fd_; 289 PRFileDesc* nss_fd_;
290 290
291 // Buffers for the network end of the SSL state machine 291 // Buffers for the network end of the SSL state machine
292 memio_Private* nss_bufs_; 292 memio_Private* nss_bufs_;
293 293
294 BoundNetLog net_log_; 294 BoundNetLog net_log_;
295 295
296 base::TimeTicks start_cert_verification_time_; 296 base::TimeTicks start_cert_verification_time_;
297 297
298 scoped_ptr<SSLHostInfo> ssl_host_info_; 298 scoped_ptr<SSLHostInfo> ssl_host_info_;
299 299 DnsCertProvenanceChecker* const dns_cert_checker_;
300 TransportSecurityState* transport_security_state_;
301 300
302 // next_proto_ is the protocol that we selected by NPN. 301 // next_proto_ is the protocol that we selected by NPN.
303 std::string next_proto_; 302 std::string next_proto_;
304 NextProtoStatus next_proto_status_; 303 NextProtoStatus next_proto_status_;
305 // Server's NPN advertised protocols. 304 // Server's NPN advertised protocols.
306 std::string server_protos_; 305 std::string server_protos_;
307 306
308 // The following two variables are added for debugging bug 65948. Will 307 // The following two variables are added for debugging bug 65948. Will
309 // remove this code after fixing bug 65948. 308 // remove this code after fixing bug 65948.
310 // Added the following code Debugging in release mode. 309 // Added the following code Debugging in release mode.
311 mutable base::Lock lock_; 310 mutable base::Lock lock_;
312 // This is mutable so that CalledOnValidThread can set it. 311 // This is mutable so that CalledOnValidThread can set it.
313 // It's guarded by |lock_|. 312 // It's guarded by |lock_|.
314 mutable base::PlatformThreadId valid_thread_id_; 313 mutable base::PlatformThreadId valid_thread_id_;
315 }; 314 };
316 315
317 } // namespace net 316 } // namespace net
318 317
319 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ 318 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_
OLDNEW
« no previous file with comments | « no previous file | net/socket/ssl_client_socket_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698