| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| (...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 70 // connection. | 70 // connection. |
| 71 enum NextProtoStatus { | 71 enum NextProtoStatus { |
| 72 // WARNING: These values are serialized to disk. Don't change them. | 72 // WARNING: These values are serialized to disk. Don't change them. |
| 73 | 73 |
| 74 kNextProtoUnsupported = 0, // The server doesn't support NPN. | 74 kNextProtoUnsupported = 0, // The server doesn't support NPN. |
| 75 kNextProtoNegotiated = 1, // We agreed on a protocol. | 75 kNextProtoNegotiated = 1, // We agreed on a protocol. |
| 76 kNextProtoNoOverlap = 2, // No protocols in common. We requested | 76 kNextProtoNoOverlap = 2, // No protocols in common. We requested |
| 77 // the first protocol in our list. | 77 // the first protocol in our list. |
| 78 }; | 78 }; |
| 79 | 79 |
| 80 // Next Protocol Negotiation (NPN), if successful, results in agreement on an | |
| 81 // application-level string that specifies the application level protocol to | |
| 82 // use over the TLS connection. NextProto enumerates the application level | |
| 83 // protocols that we recognise. | |
| 84 enum NextProto { | |
| 85 kProtoUnknown = 0, | |
| 86 kProtoHTTP11 = 1, | |
| 87 kProtoSPDY1 = 2, | |
| 88 kProtoSPDY2 = 3, | |
| 89 kProtoSPDY21 = 4, | |
| 90 kProtoSPDY3 = 5, | |
| 91 }; | |
| 92 | |
| 93 // Gets the SSL connection information of the socket. | 80 // Gets the SSL connection information of the socket. |
| 94 // | 81 // |
| 95 // TODO(sergeyu): Move this method to the SSLSocket interface and | 82 // TODO(sergeyu): Move this method to the SSLSocket interface and |
| 96 // implemented in SSLServerSocket too. | 83 // implemented in SSLServerSocket too. |
| 97 virtual void GetSSLInfo(SSLInfo* ssl_info) = 0; | 84 virtual void GetSSLInfo(SSLInfo* ssl_info) = 0; |
| 98 | 85 |
| 99 // Gets the SSL CertificateRequest info of the socket after Connect failed | 86 // Gets the SSL CertificateRequest info of the socket after Connect failed |
| 100 // with ERR_SSL_CLIENT_AUTH_CERT_NEEDED. | 87 // with ERR_SSL_CLIENT_AUTH_CERT_NEEDED. |
| 101 virtual void GetSSLCertRequestInfo( | 88 virtual void GetSSLCertRequestInfo( |
| 102 SSLCertRequestInfo* cert_request_info) = 0; | 89 SSLCertRequestInfo* cert_request_info) = 0; |
| 103 | 90 |
| 104 // Get the application level protocol that we negotiated with the server. | 91 // Get the application level protocol that we negotiated with the server. |
| 105 // *proto is set to the resulting protocol (n.b. that the string may have | 92 // *proto is set to the resulting protocol (n.b. that the string may have |
| 106 // embedded NULs). | 93 // embedded NULs). |
| 107 // kNextProtoUnsupported: *proto is cleared. | 94 // kNextProtoUnsupported: *proto is cleared. |
| 108 // kNextProtoNegotiated: *proto is set to the negotiated protocol. | 95 // kNextProtoNegotiated: *proto is set to the negotiated protocol. |
| 109 // kNextProtoNoOverlap: *proto is set to the first protocol in the | 96 // kNextProtoNoOverlap: *proto is set to the first protocol in the |
| 110 // supported list. | 97 // supported list. |
| 111 // *server_protos is set to the server advertised protocols. | 98 // *server_protos is set to the server advertised protocols. |
| 112 virtual NextProtoStatus GetNextProto(std::string* proto, | 99 virtual NextProtoStatus GetNextProto(std::string* proto, |
| 113 std::string* server_protos) = 0; | 100 std::string* server_protos) = 0; |
| 114 | 101 |
| 115 static NextProto NextProtoFromString(const std::string& proto_string); | 102 static NextProto NextProtoFromString(const std::string& proto_string); |
| 116 | 103 |
| 117 static const char* NextProtoToString(SSLClientSocket::NextProto next_proto); | 104 static const char* NextProtoToString(NextProto next_proto); |
| 118 | 105 |
| 119 static const char* NextProtoStatusToString( | 106 static const char* NextProtoStatusToString(const NextProtoStatus status); |
| 120 const SSLClientSocket::NextProtoStatus status); | |
| 121 | 107 |
| 122 // Can be used with the second argument(|server_protos|) of |GetNextProto| to | 108 // Can be used with the second argument(|server_protos|) of |GetNextProto| to |
| 123 // construct a comma separated string of server advertised protocols. | 109 // construct a comma separated string of server advertised protocols. |
| 124 static std::string ServerProtosToString(const std::string& server_protos); | 110 static std::string ServerProtosToString(const std::string& server_protos); |
| 125 | 111 |
| 126 static bool IgnoreCertError(int error, int load_flags); | 112 static bool IgnoreCertError(int error, int load_flags); |
| 127 | 113 |
| 128 // ClearSessionCache clears the SSL session cache, used to resume SSL | 114 // ClearSessionCache clears the SSL session cache, used to resume SSL |
| 129 // sessions. | 115 // sessions. |
| 130 static void ClearSessionCache(); | 116 static void ClearSessionCache(); |
| 131 | 117 |
| 132 virtual bool was_npn_negotiated() const; | 118 virtual bool was_npn_negotiated() const; |
| 133 | 119 |
| 134 virtual bool set_was_npn_negotiated(bool negotiated); | 120 virtual bool set_was_npn_negotiated(bool negotiated); |
| 135 | 121 |
| 136 virtual bool was_spdy_negotiated() const; | 122 virtual bool was_spdy_negotiated() const; |
| 137 | 123 |
| 138 virtual bool set_was_spdy_negotiated(bool negotiated); | 124 virtual bool set_was_spdy_negotiated(bool negotiated); |
| 139 | 125 |
| 140 virtual SSLClientSocket::NextProto protocol_negotiated() const; | 126 virtual NextProto protocol_negotiated() const; |
| 141 | 127 |
| 142 virtual void set_protocol_negotiated( | 128 virtual void set_protocol_negotiated(NextProto protocol_negotiated); |
| 143 SSLClientSocket::NextProto protocol_negotiated); | |
| 144 | 129 |
| 145 // Returns the ServerBoundCertService used by this socket, or NULL if | 130 // Returns the ServerBoundCertService used by this socket, or NULL if |
| 146 // server bound certificates are not supported. | 131 // server bound certificates are not supported. |
| 147 virtual ServerBoundCertService* GetServerBoundCertService() const = 0; | 132 virtual ServerBoundCertService* GetServerBoundCertService() const = 0; |
| 148 | 133 |
| 149 // Returns true if a domain bound certificate was sent on this connection. | 134 // Returns true if a domain bound certificate was sent on this connection. |
| 150 // This may be useful for protocols, like SPDY, which allow the same | 135 // This may be useful for protocols, like SPDY, which allow the same |
| 151 // connection to be shared between multiple domains, each of which need | 136 // connection to be shared between multiple domains, each of which need |
| 152 // a domain bound certificate. | 137 // a domain bound certificate. |
| 153 virtual bool WasDomainBoundCertSent() const; | 138 virtual bool WasDomainBoundCertSent() const; |
| 154 | 139 |
| 155 // Returns the type of the domain bound cert that was sent, or | 140 // Returns the type of the domain bound cert that was sent, or |
| 156 // CLIENT_CERT_INVALID_TYPE if none was sent. | 141 // CLIENT_CERT_INVALID_TYPE if none was sent. |
| 157 virtual SSLClientCertType domain_bound_cert_type() const; | 142 virtual SSLClientCertType domain_bound_cert_type() const; |
| 158 | 143 |
| 159 virtual SSLClientCertType set_domain_bound_cert_type(SSLClientCertType type); | 144 virtual SSLClientCertType set_domain_bound_cert_type(SSLClientCertType type); |
| 160 | 145 |
| 161 private: | 146 private: |
| 162 // True if NPN was responded to, independent of selecting SPDY or HTTP. | 147 // True if NPN was responded to, independent of selecting SPDY or HTTP. |
| 163 bool was_npn_negotiated_; | 148 bool was_npn_negotiated_; |
| 164 // True if NPN successfully negotiated SPDY. | 149 // True if NPN successfully negotiated SPDY. |
| 165 bool was_spdy_negotiated_; | 150 bool was_spdy_negotiated_; |
| 166 // Protocol that we negotiated with the server. | 151 // Protocol that we negotiated with the server. |
| 167 SSLClientSocket::NextProto protocol_negotiated_; | 152 NextProto protocol_negotiated_; |
| 168 // Type of the domain bound cert that was sent, or CLIENT_CERT_INVALID_TYPE | 153 // Type of the domain bound cert that was sent, or CLIENT_CERT_INVALID_TYPE |
| 169 // if none was sent. | 154 // if none was sent. |
| 170 SSLClientCertType domain_bound_cert_type_; | 155 SSLClientCertType domain_bound_cert_type_; |
| 171 }; | 156 }; |
| 172 | 157 |
| 173 } // namespace net | 158 } // namespace net |
| 174 | 159 |
| 175 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 160 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| OLD | NEW |