OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
7 #pragma once | 7 #pragma once |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 | 10 |
11 #include "net/base/completion_callback.h" | 11 #include "net/base/completion_callback.h" |
12 #include "net/base/load_flags.h" | 12 #include "net/base/load_flags.h" |
13 #include "net/base/net_errors.h" | 13 #include "net/base/net_errors.h" |
14 #include "net/base/ssl_client_cert_type.h" | 14 #include "net/base/ssl_client_cert_type.h" |
15 #include "net/socket/ssl_socket.h" | 15 #include "net/socket/ssl_socket.h" |
16 #include "net/socket/stream_socket.h" | 16 #include "net/socket/stream_socket.h" |
17 | 17 |
18 namespace net { | 18 namespace net { |
19 | 19 |
20 class CertVerifier; | 20 class CertVerifier; |
21 class OriginBoundCertService; | 21 class ServerBoundCertService; |
22 class SSLCertRequestInfo; | 22 class SSLCertRequestInfo; |
23 class SSLHostInfo; | 23 class SSLHostInfo; |
24 class SSLHostInfoFactory; | 24 class SSLHostInfoFactory; |
25 class SSLInfo; | 25 class SSLInfo; |
26 class TransportSecurityState; | 26 class TransportSecurityState; |
27 | 27 |
28 // This struct groups together several fields which are used by various | 28 // This struct groups together several fields which are used by various |
29 // classes related to SSLClientSocket. | 29 // classes related to SSLClientSocket. |
30 struct SSLClientSocketContext { | 30 struct SSLClientSocketContext { |
31 SSLClientSocketContext() | 31 SSLClientSocketContext() |
32 : cert_verifier(NULL), | 32 : cert_verifier(NULL), |
33 origin_bound_cert_service(NULL), | 33 server_bound_cert_service(NULL), |
34 transport_security_state(NULL), | 34 transport_security_state(NULL), |
35 ssl_host_info_factory(NULL) {} | 35 ssl_host_info_factory(NULL) {} |
36 | 36 |
37 SSLClientSocketContext(CertVerifier* cert_verifier_arg, | 37 SSLClientSocketContext(CertVerifier* cert_verifier_arg, |
38 OriginBoundCertService* origin_bound_cert_service_arg, | 38 ServerBoundCertService* server_bound_cert_service_arg, |
39 TransportSecurityState* transport_security_state_arg, | 39 TransportSecurityState* transport_security_state_arg, |
40 SSLHostInfoFactory* ssl_host_info_factory_arg, | 40 SSLHostInfoFactory* ssl_host_info_factory_arg, |
41 const std::string& ssl_session_cache_shard_arg) | 41 const std::string& ssl_session_cache_shard_arg) |
42 : cert_verifier(cert_verifier_arg), | 42 : cert_verifier(cert_verifier_arg), |
43 origin_bound_cert_service(origin_bound_cert_service_arg), | 43 server_bound_cert_service(server_bound_cert_service_arg), |
44 transport_security_state(transport_security_state_arg), | 44 transport_security_state(transport_security_state_arg), |
45 ssl_host_info_factory(ssl_host_info_factory_arg), | 45 ssl_host_info_factory(ssl_host_info_factory_arg), |
46 ssl_session_cache_shard(ssl_session_cache_shard_arg) {} | 46 ssl_session_cache_shard(ssl_session_cache_shard_arg) {} |
47 | 47 |
48 CertVerifier* cert_verifier; | 48 CertVerifier* cert_verifier; |
49 OriginBoundCertService* origin_bound_cert_service; | 49 ServerBoundCertService* server_bound_cert_service; |
50 TransportSecurityState* transport_security_state; | 50 TransportSecurityState* transport_security_state; |
51 SSLHostInfoFactory* ssl_host_info_factory; | 51 SSLHostInfoFactory* ssl_host_info_factory; |
52 // ssl_session_cache_shard is an opaque string that identifies a shard of the | 52 // ssl_session_cache_shard is an opaque string that identifies a shard of the |
53 // SSL session cache. SSL sockets with the same ssl_session_cache_shard may | 53 // SSL session cache. SSL sockets with the same ssl_session_cache_shard may |
54 // resume each other's SSL sessions but we'll never sessions between shards. | 54 // resume each other's SSL sessions but we'll never sessions between shards. |
55 const std::string ssl_session_cache_shard; | 55 const std::string ssl_session_cache_shard; |
56 }; | 56 }; |
57 | 57 |
58 // A client socket that uses SSL as the transport layer. | 58 // A client socket that uses SSL as the transport layer. |
59 // | 59 // |
(...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
135 | 135 |
136 virtual bool was_spdy_negotiated() const; | 136 virtual bool was_spdy_negotiated() const; |
137 | 137 |
138 virtual bool set_was_spdy_negotiated(bool negotiated); | 138 virtual bool set_was_spdy_negotiated(bool negotiated); |
139 | 139 |
140 virtual SSLClientSocket::NextProto protocol_negotiated() const; | 140 virtual SSLClientSocket::NextProto protocol_negotiated() const; |
141 | 141 |
142 virtual void set_protocol_negotiated( | 142 virtual void set_protocol_negotiated( |
143 SSLClientSocket::NextProto protocol_negotiated); | 143 SSLClientSocket::NextProto protocol_negotiated); |
144 | 144 |
145 // Returns the OriginBoundCertService used by this socket, or NULL if | 145 // Returns the ServerBoundCertService used by this socket, or NULL if |
146 // origin bound certificates are not supported. | 146 // server bound certificates are not supported. |
147 virtual OriginBoundCertService* GetOriginBoundCertService() const = 0; | 147 virtual ServerBoundCertService* GetServerBoundCertService() const = 0; |
148 | 148 |
149 // Returns true if an origin bound certificate was sent on this connection. | 149 // Returns true if a domain bound certificate was sent on this connection. |
150 // This may be useful for protocols, like SPDY, which allow the same | 150 // This may be useful for protocols, like SPDY, which allow the same |
151 // connection to be shared between multiple origins, each of which need | 151 // connection to be shared between multiple domains, each of which need |
152 // an origin bound certificate. | 152 // an domain bound certificate. |
wtc
2012/03/15 23:46:38
Nit: an domain => a domain
mattm
2012/03/16 22:22:00
Done.
| |
153 virtual bool WasOriginBoundCertSent() const; | 153 virtual bool WasDomainBoundCertSent() const; |
154 | 154 |
155 // Returns the type of the origin bound cert that was sent, or | 155 // Returns the type of the domain bound cert that was sent, or |
156 // CLIENT_CERT_INVALID_TYPE if none was sent. | 156 // CLIENT_CERT_INVALID_TYPE if none was sent. |
157 virtual SSLClientCertType origin_bound_cert_type() const; | 157 virtual SSLClientCertType domain_bound_cert_type() const; |
158 | 158 |
159 virtual SSLClientCertType set_origin_bound_cert_type(SSLClientCertType type); | 159 virtual SSLClientCertType set_domain_bound_cert_type(SSLClientCertType type); |
160 | 160 |
161 private: | 161 private: |
162 // True if NPN was responded to, independent of selecting SPDY or HTTP. | 162 // True if NPN was responded to, independent of selecting SPDY or HTTP. |
163 bool was_npn_negotiated_; | 163 bool was_npn_negotiated_; |
164 // True if NPN successfully negotiated SPDY. | 164 // True if NPN successfully negotiated SPDY. |
165 bool was_spdy_negotiated_; | 165 bool was_spdy_negotiated_; |
166 // Protocol that we negotiated with the server. | 166 // Protocol that we negotiated with the server. |
167 SSLClientSocket::NextProto protocol_negotiated_; | 167 SSLClientSocket::NextProto protocol_negotiated_; |
168 // Type of the origin bound cert that was sent, or CLIENT_CERT_INVALID_TYPE | 168 // Type of the domain bound cert that was sent, or CLIENT_CERT_INVALID_TYPE |
169 // if none was sent. | 169 // if none was sent. |
170 SSLClientCertType origin_bound_cert_type_; | 170 SSLClientCertType domain_bound_cert_type_; |
171 }; | 171 }; |
172 | 172 |
173 } // namespace net | 173 } // namespace net |
174 | 174 |
175 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 175 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
OLD | NEW |