OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/gtest_prod_util.h" | 10 #include "base/gtest_prod_util.h" |
(...skipping 160 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
171 // Section 9.2 of the HTTP/2 specification. Note that the server might still | 171 // Section 9.2 of the HTTP/2 specification. Note that the server might still |
172 // pick an inadequate cipher suite. | 172 // pick an inadequate cipher suite. |
173 static bool HasCipherAdequateForHTTP2( | 173 static bool HasCipherAdequateForHTTP2( |
174 const std::vector<uint16>& cipher_suites); | 174 const std::vector<uint16>& cipher_suites); |
175 | 175 |
176 // Determine if the TLS version required by Section 9.2 of the HTTP/2 | 176 // Determine if the TLS version required by Section 9.2 of the HTTP/2 |
177 // specification is enabled. Note that the server might still pick an | 177 // specification is enabled. Note that the server might still pick an |
178 // inadequate TLS version. | 178 // inadequate TLS version. |
179 static bool IsTLSVersionAdequateForHTTP2(const SSLConfig& ssl_config); | 179 static bool IsTLSVersionAdequateForHTTP2(const SSLConfig& ssl_config); |
180 | 180 |
181 // Serializes |next_protos| in the wire format for ALPN: protocols are listed | 181 // Remove HTTP/2 from |next_protos|. |
182 // in order, each prefixed by a one-byte length. Any HTTP/2 protocols in | 182 static void DisableHTTP2(NextProtoVector* next_protos); |
davidben
2015/09/28 22:16:22
Do you think this should perhaps be in next_proto.
Bence
2015/09/28 23:55:52
Great idea! Especially because I might end up usi
| |
183 // |next_protos| are ignored if |can_advertise_http2| is false. | 183 |
184 // Serialize |next_protos| in the wire format for ALPN and NPN: protocols are | |
185 // listed in order, each prefixed by a one-byte length. | |
184 static std::vector<uint8_t> SerializeNextProtos( | 186 static std::vector<uint8_t> SerializeNextProtos( |
185 const NextProtoVector& next_protos, | 187 const NextProtoVector& next_protos); |
186 bool can_advertise_http2); | |
187 | 188 |
188 private: | 189 private: |
190 FRIEND_TEST_ALL_PREFIXES(SSLClientSocket, DisableHTTP2); | |
189 FRIEND_TEST_ALL_PREFIXES(SSLClientSocket, SerializeNextProtos); | 191 FRIEND_TEST_ALL_PREFIXES(SSLClientSocket, SerializeNextProtos); |
190 // For signed_cert_timestamps_received_ and stapled_ocsp_response_received_. | 192 // For signed_cert_timestamps_received_ and stapled_ocsp_response_received_. |
191 FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest, | 193 FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest, |
192 ConnectSignedCertTimestampsEnabledTLSExtension); | 194 ConnectSignedCertTimestampsEnabledTLSExtension); |
193 FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest, | 195 FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest, |
194 ConnectSignedCertTimestampsEnabledOCSP); | 196 ConnectSignedCertTimestampsEnabledOCSP); |
195 FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest, | 197 FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest, |
196 ConnectSignedCertTimestampsDisabled); | 198 ConnectSignedCertTimestampsDisabled); |
197 FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest, | 199 FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest, |
198 VerifyServerChainProperlyOrdered); | 200 VerifyServerChainProperlyOrdered); |
199 | 201 |
200 // True if SCTs were received via a TLS extension. | 202 // True if SCTs were received via a TLS extension. |
201 bool signed_cert_timestamps_received_; | 203 bool signed_cert_timestamps_received_; |
202 // True if a stapled OCSP response was received. | 204 // True if a stapled OCSP response was received. |
203 bool stapled_ocsp_response_received_; | 205 bool stapled_ocsp_response_received_; |
204 // Protocol negotiation extension used. | 206 // Protocol negotiation extension used. |
205 SSLNegotiationExtension negotiation_extension_; | 207 SSLNegotiationExtension negotiation_extension_; |
206 }; | 208 }; |
207 | 209 |
208 } // namespace net | 210 } // namespace net |
209 | 211 |
210 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 212 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
OLD | NEW |