Breaking Change: merge BoringSSL branch into master

sdk/lib/io/http.dart

 // Copyright (c) 2013, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 part of dart.io;
 
 /**
  * HTTP status codes.
  */
 abstract class HttpStatus {
@@ skipping 75 matching lines @@
  * ignored and any future writes are ignored.
  *
  * The HttpRequest exposes the request headers and provides the request body,
  * if it exists, as a Stream of data. If the body is unread, it is drained
  * when the server writes to the HttpResponse or closes it.
  *
  * ## Bind with a secure HTTPS connection
  *
  * Use [bindSecure] to create an HTTPS server.
  *
- * The server presents a certificate to the client. In the following
- * example, the certificate is named `localhost_cert` and comes from
- * the database found in the `pkcert` directory.
+ * The server presents a certificate to the client. The certificate
+ * chain and the private key are set in the SecurityContext
+ * object that is passed to [bindSecure].
  *
  *     import 'dart:io';
  *     import "dart:isolate";
  *
  *     main() {
- *       var testPkcertDatabase = Platform.script.resolve('pkcert')
- *                                        .toFilePath();
- *       SecureSocket.initialize(database: testPkcertDatabase,
- *                               password: 'dartdart');
+ *       SecurityContext context = new SecurityContext();
+ *       var chain =
+ *           Platform.script.resolve('certificates/server_chain.pem')
+ *           .toFilePath();
+ *       var key =
+ *           Platform.script.resolve('certificates/server_key.pem')
+ *           .toFilePath();
+ *       context.useCertificateChain(chain);
+ *       context.usePrivateKey(key, password: 'dartdart');
  *
  *       HttpServer
  *           .bindSecure(InternetAddress.ANY_IP_V6,
  *                       443,
- *                       certificateName: 'localhost_cert')
+ *                       context)
  *           .then((server) {
  *             server.listen((HttpRequest request) {
  *               request.response.write('Hello, world!');
  *               request.response.close();
  *             });
  *           });
  *     }
  *
- * The certificate database is managed using the Mozilla certutil tool (see
- * [NSS Tools certutil](https://developer.mozilla.org/en-US/docs/NSS/tools/NSS_Tools_certutil)).
- * Dart uses the NSS library to handle SSL, and the Mozilla certutil
- * must be used to manipulate the certificate database.
+ *  The certificates and keys are pem files, which can be created and
+ *  managed with the tools in OpenSSL and BoringSSL.
  *
  * ## Connect to a server socket
  *
  * You can use the [listenOn] constructor to attach an HTTP server to
  * a [ServerSocket].
  *
  *     import 'dart:io';
  *
  *     main() {
  *       ServerSocket.bind(InternetAddress.ANY_IP_V6, 80)
@@ skipping 149 matching lines @@
    * to the same `address`, `port` and `v6Only` combination is
    * possible from the same Dart process. If `shared` is `true` and
    * additional binds are performed, then the incoming connections
    * will be distributed between that set of `HttpServer`s. One way of
    * using this is to have number of isolates between which incoming
    * connections are distributed.
    */
 
   static Future<HttpServer> bindSecure(address,
                                        int port,
+                                       SecurityContext context,
                                        {int backlog: 0,
                                         bool v6Only: false,
                                         String certificateName,
                                         bool requestClientCertificate: false,
                                         bool shared: false})
       => _HttpServer.bindSecure(address,
                                 port,
+                                context,
                                 backlog,
                                 v6Only,
                                 certificateName,
                                 requestClientCertificate,
                                 shared);
 
   /**
    * Attaches the HTTP server to an existing [ServerSocket]. When the
    * [HttpServer] is closed, the [HttpServer] will just detach itself,
    * closing current connections but not closing [serverSocket].
@@ skipping 1013 matching lines @@
   /**
    * Set and get the default value of the `User-Agent` header for all requests
    * generated by this [HttpClient]. The default value is
    * `Dart/<version> (dart:io)`.
    *
    * If the userAgent is set to `null`, no default `User-Agent` header will be
    * added to each request.
    */
   String userAgent;
 
-  factory HttpClient() => new _HttpClient();
+  factory HttpClient({SecurityContext context}) => new _HttpClient(context);
 
   /**
    * Opens a HTTP connection.
    *
    * The HTTP method to use is specified in [method], the server is
    * specified using [host] and [port], and the path (including
    * a possible query) is specified using [path].
    * The path may also contain a URI fragment, which will be ignored.
    *
    * The `Host` header for the request will be set to the value
@@ skipping 662 matching lines @@
 class RedirectException implements HttpException {
   final String message;
   final List<RedirectInfo> redirects;
 
   const RedirectException(this.message, this.redirects);
 
   String toString() => "RedirectException: $message";
 
   Uri get uri => redirects.last.location;
 }