Index: net/socket/ssl_client_socket_openssl.h |
diff --git a/net/socket/ssl_client_socket_openssl.h b/net/socket/ssl_client_socket_openssl.h |
index 228214b42d6e2f5b925050f976a5a8274c0171c2..1aa95af8e548bece35c5ad353a7d6b54642ac4ff 100644 |
--- a/net/socket/ssl_client_socket_openssl.h |
+++ b/net/socket/ssl_client_socket_openssl.h |
@@ -6,6 +6,7 @@ |
#define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
#include <openssl/base.h> |
+#include <openssl/bytestring.h> |
davidben
2015/10/15 21:52:09
Not needed. (Actually base.h will forward-declare
nharper
2015/10/20 22:52:19
Done.
|
#include <openssl/ssl.h> |
#include <string> |
@@ -205,6 +206,35 @@ class SSLClientSocketOpenSSL : public SSLClientSocket { |
void OnPrivateKeySignComplete(Error error, |
const std::vector<uint8_t>& signature); |
+ // Token Binding Extension callbacks. RegisterTokenBidningExtensionCallbacks |
davidben
2015/10/15 21:52:09
Bidning -> Binding
nharper
2015/10/20 22:52:19
Done.
|
+ // sets the following static methods as the callbacks for the boringssl custom |
+ // extension API. The Add and Parse callbacks are wrappers around the instance |
+ // methods; The Free callback is a wrapper around OPENSSL_free. |
+ static bool RegisterTokenBindingExtensionCallbacks(SSL_CTX* ssl_ctx); |
+ static int TokenBindingAddCallback(SSL* ssl, |
+ unsigned int extension_value, |
+ const uint8_t** out, |
+ size_t* out_len, |
+ int* out_alert_value, |
+ void* add_arg); |
+ static void TokenBindingFreeCallback(SSL* ssl, |
+ unsigned int extension_value, |
+ const uint8_t* out, |
+ void* add_arg); |
+ static int TokenBindingParseCallback(SSL* ssl, |
+ unsigned int extension_value, |
+ const uint8_t* contents, |
+ size_t contents_len, |
+ int* out_alert_value, |
+ void* parse_arg); |
+ |
+ int TokenBindingAdd(const uint8_t** out, |
+ size_t* out_len, |
+ int* out_alert_value); |
+ int TokenBindingParse(const uint8_t* contents, |
+ size_t contents_len, |
+ int* out_alert_value); |
+ |
bool transport_send_busy_; |
bool transport_recv_busy_; |
@@ -276,6 +306,8 @@ class SSLClientSocketOpenSSL : public SSLClientSocket { |
// The service for retrieving Channel ID keys. May be NULL. |
ChannelIDService* channel_id_service_; |
+ bool tb_was_negotiated_; |
+ TokenBindingParam tb_negotiated_param_; |
// OpenSSL stuff |
SSL* ssl_; |