runtime/bin/secure_socket.h - Issue 1721283002: Implements secure sockets on Mac OS with SecureTransport API

Side by Side Diff: runtime/bin/secure_socket.h

Issue 1721283002: Implements secure sockets on Mac OS with SecureTransport API (Closed) Base URL: git@github.com:dart-lang/sdk.git@master

Patch Set: Address comments Created 4 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file	1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file

2 // for details. All rights reserved. Use of this source code is governed by a	2 // for details. All rights reserved. Use of this source code is governed by a

3 // BSD-style license that can be found in the LICENSE file.	3 // BSD-style license that can be found in the LICENSE file.

4	4

5 #ifndef BIN_SECURE_SOCKET_H_	5 #ifndef BIN_SECURE_SOCKET_H_

6 #define BIN_SECURE_SOCKET_H_	6 #define BIN_SECURE_SOCKET_H_

7	7

8 #ifdef DART_IO_SECURE_SOCKET_DISABLED	8 #ifdef DART_IO_SECURE_SOCKET_DISABLED

9 #error "secure_socket.h can only be included on builds with SSL enabled"	9 #error "secure_socket.h can only be included on builds with SSL enabled"

10 #endif	10 #endif

11	11

12 #include <stdio.h>	12 #include "platform/globals.h"

13 #include <stdlib.h>	13 #if defined(TARGET_OS_ANDROID) \|\| \

14 #include <string.h>	14 defined(TARGET_OS_LINUX) \|\| \

15 #include <sys/types.h>	15 defined(TARGET_OS_WINDOWS)

16	16 #include "bin/secure_socket_boringssl.h"

17 #include <openssl/bio.h>	17 #elif defined(TARGET_OS_MACOS)

18 #include <openssl/err.h>	18 #include "bin/secure_socket_macos.h"

19 #include <openssl/ssl.h>	19 #else

20 #include <openssl/x509.h>	20 #error Unknown target os.

21	21 #endif

22 #include "bin/builtin.h"

23 #include "bin/dartutils.h"

24 #include "bin/socket.h"

25 #include "bin/thread.h"

26 #include "bin/utils.h"

27

28 namespace dart {

29 namespace bin {

30

31 /* These are defined in root_certificates.cc. */

32 extern const unsigned char* root_certificates_pem;

33 extern unsigned int root_certificates_pem_length;

34

35 /*

36 * SSLFilter encapsulates the NSS SSL(TLS) code in a filter, that communicates

37 * with the containing _SecureFilterImpl Dart object through four shared

38 * ExternalByteArray buffers, for reading and writing plaintext, and

39 * reading and writing encrypted text. The filter handles handshaking

40 * and certificate verification.

41 */

42 class SSLFilter {

43 public:

44 // These enums must agree with those in sdk/lib/io/secure_socket.dart.

45 enum BufferIndex {

46 kReadPlaintext,

47 kWritePlaintext,

48 kReadEncrypted,

49 kWriteEncrypted,

50 kNumBuffers,

51 kFirstEncrypted = kReadEncrypted

52 };

53

54 SSLFilter()

55 : callback_error(NULL),

56 ssl_(NULL),

57 socket_side_(NULL),

58 string_start_(NULL),

59 string_length_(NULL),

60 handshake_complete_(NULL),

61 bad_certificate_callback_(NULL),

62 in_handshake_(false),

63 hostname_(NULL) { }

64

65 ~SSLFilter();

66

67 Dart_Handle Init(Dart_Handle dart_this);

68 void Connect(const char* hostname,

69 SSL_CTX* context,

70 bool is_server,

71 bool request_client_certificate,

72 bool require_client_certificate,

73 Dart_Handle protocols_handle);

74 void Destroy();

75 void Handshake();

76 void GetSelectedProtocol(Dart_NativeArguments args);

77 void Renegotiate(bool use_session_cache,

78 bool request_client_certificate,

79 bool require_client_certificate);

80 void RegisterHandshakeCompleteCallback(Dart_Handle handshake_complete);

81 void RegisterBadCertificateCallback(Dart_Handle callback);

82 Dart_Handle bad_certificate_callback() {

83 return Dart_HandleFromPersistent(bad_certificate_callback_);

84 }

85 int ProcessReadPlaintextBuffer(int start, int end);

86 int ProcessWritePlaintextBuffer(int start, int end);

87 int ProcessReadEncryptedBuffer(int start, int end);

88 int ProcessWriteEncryptedBuffer(int start, int end);

89 bool ProcessAllBuffers(int starts[kNumBuffers],

90 int ends[kNumBuffers],

91 bool in_handshake);

92 Dart_Handle PeerCertificate();

93 static void InitializeLibrary();

94 Dart_Handle callback_error;

95

96 static CObject* ProcessFilterRequest(const CObjectArray& request);

97

98 // The index of the external data field in _ssl that points to the SSLFilter.

99 static int filter_ssl_index;

100

101 // TODO(whesse): make private:

102 SSL* ssl_;

103 BIO* socket_side_;

104

105 private:

106 static bool library_initialized_;

107 static Mutex* mutex_; // To protect library initialization.

108

109 uint8_t* buffers_[kNumBuffers];

110 int buffer_size_;

111 int encrypted_buffer_size_;

112 Dart_PersistentHandle string_start_;

113 Dart_PersistentHandle string_length_;

114 Dart_PersistentHandle dart_buffer_objects_[kNumBuffers];

115 Dart_PersistentHandle handshake_complete_;

116 Dart_PersistentHandle bad_certificate_callback_;

117 bool in_handshake_;

118 bool is_server_;

119 char* hostname_;

120

121 static bool isBufferEncrypted(int i) {

122 return static_cast<BufferIndex>(i) >= kFirstEncrypted;

123 }

124 Dart_Handle InitializeBuffers(Dart_Handle dart_this);

125 void InitializePlatformData();

126

127 DISALLOW_COPY_AND_ASSIGN(SSLFilter);

128 };

129

130 } // namespace bin

131 } // namespace dart

132	22

133 #endif // BIN_SECURE_SOCKET_H_	23 #endif // BIN_SECURE_SOCKET_H_

OLD	NEW

« no previous file with comments | « runtime/bin/io_natives.cc ('k') | runtime/bin/secure_socket.cc » ('j') | no next file with comments »