Chromium Code Reviews Chromium Code Reviews
Issue 1378613004:
Set Token-Binding HTTP header (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@tb-tls-ext-new| Index: net/http/http_network_transaction.h |
| diff --git a/net/http/http_network_transaction.h b/net/http/http_network_transaction.h |
| index a5e5b08032353f7189b89ba61ee5c78ce2b65408..67317452ae033d8b23af8410b0d6b3ee4414f120 100644 |
| --- a/net/http/http_network_transaction.h |
| +++ b/net/http/http_network_transaction.h |
| @@ -14,6 +14,7 @@ |
| #include "base/memory/ref_counted.h" |
| #include "base/memory/scoped_ptr.h" |
| #include "base/time/time.h" |
| +#include "crypto/ec_private_key.h" |
|
davidben
2015/11/18 20:49:00
I think you can still forward-decl this.
nharper
2015/12/04 01:42:19
Yes I can. Done.
|
| #include "net/base/request_priority.h" |
| #include "net/http/http_auth.h" |
| #include "net/http/http_request_headers.h" |
| @@ -23,6 +24,7 @@ |
| #include "net/log/net_log.h" |
| #include "net/proxy/proxy_service.h" |
| #include "net/socket/connection_attempts.h" |
| +#include "net/ssl/channel_id_service.h" |
| #include "net/ssl/ssl_config_service.h" |
| #include "net/ssl/ssl_failure_state.h" |
| #include "net/websockets/websocket_handshake_stream_base.h" |
| @@ -137,6 +139,8 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction |
| STATE_GENERATE_PROXY_AUTH_TOKEN_COMPLETE, |
| STATE_GENERATE_SERVER_AUTH_TOKEN, |
| STATE_GENERATE_SERVER_AUTH_TOKEN_COMPLETE, |
| + STATE_GET_TOKEN_BINDING_KEY, |
| + STATE_GET_TOKEN_BINDING_KEY_COMPLETE, |
| STATE_INIT_REQUEST_BODY, |
| STATE_INIT_REQUEST_BODY_COMPLETE, |
| STATE_BUILD_REQUEST, |
| @@ -153,6 +157,8 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction |
| }; |
| bool IsSecureRequest() const; |
| + bool IsTokenBindingEnabled() const; |
| + void RecordTokenBindingSupport() const; |
| // Returns true if the request is using an HTTP(S) proxy without being |
| // tunneled via the CONNECT method. |
| @@ -177,6 +183,8 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction |
| int DoGenerateProxyAuthTokenComplete(int result); |
| int DoGenerateServerAuthToken(); |
| int DoGenerateServerAuthTokenComplete(int result); |
| + int DoGetTokenBindingKey(); |
| + int DoGetTokenBindingKeyComplete(int result); |
| int DoInitRequestBody(); |
| int DoInitRequestBodyComplete(int result); |
| int DoBuildRequest(); |
| @@ -191,6 +199,7 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction |
| int DoDrainBodyForAuthRestartComplete(int result); |
| void BuildRequestHeaders(bool using_http_proxy_without_tunnel); |
| + std::string BuildTokenBindingHeader(); |
| // Writes a log message to help debugging in the field when we block a proxy |
| // response to a CONNECT request. |
| @@ -312,6 +321,11 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction |
| // The SSLFailureState which caused the last TLS version fallback. |
| SSLFailureState fallback_failure_state_; |
| + // Key to use for signing message in Token Binding header. |
| + scoped_ptr<crypto::ECPrivateKey> token_binding_key_; |
| + // Object to manage lookup of |token_binding_key_|. |
| + ChannelIDService::Request token_binding_request_; |
| + |
| HttpRequestHeaders request_headers_; |
| // The size in bytes of the buffer we use to drain the response body that |
