OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
7 | 7 |
8 #include <openssl/base.h> | 8 #include <openssl/base.h> |
9 #include <openssl/ssl.h> | 9 #include <openssl/ssl.h> |
10 #include <stdint.h> | 10 #include <stdint.h> |
(...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
203 const EVP_MD* md, | 203 const EVP_MD* md, |
204 const uint8_t* in, | 204 const uint8_t* in, |
205 size_t in_len); | 205 size_t in_len); |
206 ssl_private_key_result_t PrivateKeySignCompleteCallback(uint8_t* out, | 206 ssl_private_key_result_t PrivateKeySignCompleteCallback(uint8_t* out, |
207 size_t* out_len, | 207 size_t* out_len, |
208 size_t max_out); | 208 size_t max_out); |
209 | 209 |
210 void OnPrivateKeySignComplete(Error error, | 210 void OnPrivateKeySignComplete(Error error, |
211 const std::vector<uint8_t>& signature); | 211 const std::vector<uint8_t>& signature); |
212 | 212 |
213 // Token Binding Extension callbacks. RegisterTokenBindingExtensionCallbacks | |
214 // sets the following static methods as the callbacks for the boringssl custom | |
215 // extension API. The Add and Parse callbacks are wrappers around the instance | |
216 // methods; The Free callback is a wrapper around OPENSSL_free. | |
davidben
2015/11/04 00:40:36
"; The" -> "; the"
Though I'd probably just drop
nharper
2015/11/04 02:28:04
Done.
| |
217 static bool RegisterTokenBindingExtensionCallbacks(SSL_CTX* ssl_ctx); | |
218 static int TokenBindingAddCallback(SSL* ssl, | |
219 unsigned int extension_value, | |
220 const uint8_t** out, | |
221 size_t* out_len, | |
222 int* out_alert_value, | |
223 void* add_arg); | |
224 static void TokenBindingFreeCallback(SSL* ssl, | |
225 unsigned int extension_value, | |
226 const uint8_t* out, | |
227 void* add_arg); | |
228 static int TokenBindingParseCallback(SSL* ssl, | |
229 unsigned int extension_value, | |
230 const uint8_t* contents, | |
231 size_t contents_len, | |
232 int* out_alert_value, | |
233 void* parse_arg); | |
234 | |
235 int TokenBindingAdd(const uint8_t** out, | |
236 size_t* out_len, | |
237 int* out_alert_value); | |
238 int TokenBindingParse(const uint8_t* contents, | |
239 size_t contents_len, | |
240 int* out_alert_value); | |
241 | |
213 bool transport_send_busy_; | 242 bool transport_send_busy_; |
214 bool transport_recv_busy_; | 243 bool transport_recv_busy_; |
215 | 244 |
216 // Buffers which are shared by BoringSSL and SSLClientSocketOpenSSL. | 245 // Buffers which are shared by BoringSSL and SSLClientSocketOpenSSL. |
217 // GrowableIOBuffer is used to keep ownership and setting offset. | 246 // GrowableIOBuffer is used to keep ownership and setting offset. |
218 scoped_refptr<GrowableIOBuffer> send_buffer_; | 247 scoped_refptr<GrowableIOBuffer> send_buffer_; |
219 scoped_refptr<GrowableIOBuffer> recv_buffer_; | 248 scoped_refptr<GrowableIOBuffer> recv_buffer_; |
220 | 249 |
221 CompletionCallback user_connect_callback_; | 250 CompletionCallback user_connect_callback_; |
222 CompletionCallback user_read_callback_; | 251 CompletionCallback user_read_callback_; |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
274 CertVerifier* const cert_verifier_; | 303 CertVerifier* const cert_verifier_; |
275 scoped_ptr<CertVerifier::Request> cert_verifier_request_; | 304 scoped_ptr<CertVerifier::Request> cert_verifier_request_; |
276 base::TimeTicks start_cert_verification_time_; | 305 base::TimeTicks start_cert_verification_time_; |
277 | 306 |
278 // Certificate Transparency: Verifier and result holder. | 307 // Certificate Transparency: Verifier and result holder. |
279 ct::CTVerifyResult ct_verify_result_; | 308 ct::CTVerifyResult ct_verify_result_; |
280 CTVerifier* cert_transparency_verifier_; | 309 CTVerifier* cert_transparency_verifier_; |
281 | 310 |
282 // The service for retrieving Channel ID keys. May be NULL. | 311 // The service for retrieving Channel ID keys. May be NULL. |
283 ChannelIDService* channel_id_service_; | 312 ChannelIDService* channel_id_service_; |
313 bool tb_was_negotiated_; | |
314 TokenBindingParam tb_negotiated_param_; | |
284 | 315 |
285 // OpenSSL stuff | 316 // OpenSSL stuff |
286 SSL* ssl_; | 317 SSL* ssl_; |
287 BIO* transport_bio_; | 318 BIO* transport_bio_; |
288 | 319 |
289 scoped_ptr<ClientSocketHandle> transport_; | 320 scoped_ptr<ClientSocketHandle> transport_; |
290 const HostPortPair host_and_port_; | 321 const HostPortPair host_and_port_; |
291 SSLConfig ssl_config_; | 322 SSLConfig ssl_config_; |
292 // ssl_session_cache_shard_ is an opaque string that partitions the SSL | 323 // ssl_session_cache_shard_ is an opaque string that partitions the SSL |
293 // session cache. i.e. sessions created with one value will not attempt to | 324 // session cache. i.e. sessions created with one value will not attempt to |
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
337 // pinning failure. It is a (somewhat) human-readable string. | 368 // pinning failure. It is a (somewhat) human-readable string. |
338 std::string pinning_failure_log_; | 369 std::string pinning_failure_log_; |
339 | 370 |
340 BoundNetLog net_log_; | 371 BoundNetLog net_log_; |
341 base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_; | 372 base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_; |
342 }; | 373 }; |
343 | 374 |
344 } // namespace net | 375 } // namespace net |
345 | 376 |
346 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 377 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
OLD | NEW |