Index: net/http/http_network_transaction.h |
diff --git a/net/http/http_network_transaction.h b/net/http/http_network_transaction.h |
index a5e5b08032353f7189b89ba61ee5c78ce2b65408..67317452ae033d8b23af8410b0d6b3ee4414f120 100644 |
--- a/net/http/http_network_transaction.h |
+++ b/net/http/http_network_transaction.h |
@@ -14,6 +14,7 @@ |
#include "base/memory/ref_counted.h" |
#include "base/memory/scoped_ptr.h" |
#include "base/time/time.h" |
+#include "crypto/ec_private_key.h" |
davidben
2015/11/18 20:49:00
I think you can still forward-decl this.
nharper
2015/12/04 01:42:19
Yes I can. Done.
|
#include "net/base/request_priority.h" |
#include "net/http/http_auth.h" |
#include "net/http/http_request_headers.h" |
@@ -23,6 +24,7 @@ |
#include "net/log/net_log.h" |
#include "net/proxy/proxy_service.h" |
#include "net/socket/connection_attempts.h" |
+#include "net/ssl/channel_id_service.h" |
#include "net/ssl/ssl_config_service.h" |
#include "net/ssl/ssl_failure_state.h" |
#include "net/websockets/websocket_handshake_stream_base.h" |
@@ -137,6 +139,8 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction |
STATE_GENERATE_PROXY_AUTH_TOKEN_COMPLETE, |
STATE_GENERATE_SERVER_AUTH_TOKEN, |
STATE_GENERATE_SERVER_AUTH_TOKEN_COMPLETE, |
+ STATE_GET_TOKEN_BINDING_KEY, |
+ STATE_GET_TOKEN_BINDING_KEY_COMPLETE, |
STATE_INIT_REQUEST_BODY, |
STATE_INIT_REQUEST_BODY_COMPLETE, |
STATE_BUILD_REQUEST, |
@@ -153,6 +157,8 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction |
}; |
bool IsSecureRequest() const; |
+ bool IsTokenBindingEnabled() const; |
+ void RecordTokenBindingSupport() const; |
// Returns true if the request is using an HTTP(S) proxy without being |
// tunneled via the CONNECT method. |
@@ -177,6 +183,8 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction |
int DoGenerateProxyAuthTokenComplete(int result); |
int DoGenerateServerAuthToken(); |
int DoGenerateServerAuthTokenComplete(int result); |
+ int DoGetTokenBindingKey(); |
+ int DoGetTokenBindingKeyComplete(int result); |
int DoInitRequestBody(); |
int DoInitRequestBodyComplete(int result); |
int DoBuildRequest(); |
@@ -191,6 +199,7 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction |
int DoDrainBodyForAuthRestartComplete(int result); |
void BuildRequestHeaders(bool using_http_proxy_without_tunnel); |
+ std::string BuildTokenBindingHeader(); |
// Writes a log message to help debugging in the field when we block a proxy |
// response to a CONNECT request. |
@@ -312,6 +321,11 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction |
// The SSLFailureState which caused the last TLS version fallback. |
SSLFailureState fallback_failure_state_; |
+ // Key to use for signing message in Token Binding header. |
+ scoped_ptr<crypto::ECPrivateKey> token_binding_key_; |
+ // Object to manage lookup of |token_binding_key_|. |
+ ChannelIDService::Request token_binding_request_; |
+ |
HttpRequestHeaders request_headers_; |
// The size in bytes of the buffer we use to drain the response body that |