Index: sdk/lib/io/secure_socket.dart |
diff --git a/sdk/lib/io/secure_socket.dart b/sdk/lib/io/secure_socket.dart |
index 417534a5d7f632b50484bb4cbe2749b63754361b..231b82cbdb7db8c3855486d8e8a44bfb4782c54c 100644 |
--- a/sdk/lib/io/secure_socket.dart |
+++ b/sdk/lib/io/secure_socket.dart |
@@ -150,6 +150,17 @@ abstract class SecureSocket implements Socket { |
X509Certificate get peerCertificate; |
/** |
+ * Renegotiate an existing secure connection, renewing the session keys |
+ * and possibly changing the connection properties. |
+ * |
+ * This repeats the SSL or TLS handshake, with options that allow clearing |
+ * the session cache and requesting a client certificate. |
+ */ |
+ void renegotiate({bool useSessionCache: true, |
+ bool requestClientCertificate: false, |
+ bool requireClientCertificate: false}); |
+ |
+ /** |
* Initializes the NSS library. If [initialize] is not called, the library |
* is automatically initialized as if [initialize] were called with no |
* arguments. If [initialize] is called more than once, or called after |
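Review bot: The doc comment on `renegotiate` (here and on the identical declaration in the RawSecureSocket hunk) does not say how a caller learns that the repeated handshake has finished or failed. The method returns void, so as far as these hunks show, a server that calls it to obtain a client certificate and then reads `peerCertificate` straight away may still see the state from before the renegotiation. I would add a paragraph along the lines of `Data received before the renegotiation completes is not covered by a newly requested client certificate; do not base authorization decisions on [peerCertificate] until the new handshake has finished.` The comment should also state how a failed renegotiation is reported, and what `useSessionCache: false` and the two certificate options do on the client end of a connection, if they apply there at all.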
@@ -334,6 +345,17 @@ abstract class RawSecureSocket implements RawSocket { |
} |
/** |
+ * Renegotiate an existing secure connection, renewing the session keys |
+ * and possibly changing the connection properties. |
+ * |
+ * This repeats the SSL or TLS handshake, with options that allow clearing |
+ * the session cache and requesting a client certificate. |
+ */ |
+ void renegotiate({bool useSessionCache: true, |
+ bool requestClientCertificate: false, |
+ bool requireClientCertificate: false}); |
+ |
+ /** |
* Get the peer certificate for a connected RawSecureSocket. If this |
* RawSecureSocket is the server end of a secure socket connection, |
* [peerCertificate] will return the client certificate, or null, if no |
@@ -785,6 +807,25 @@ class _RawSecureSocket extends Stream<RawSocketEvent> |
} |
} |
+ void renegotiate({bool useSessionCache: true, |
+ bool requestClientCertificate: false, |
+ bool requireClientCertificate: false}) { |
+ try { |
+ if (_status != CONNECTED) { |
Anders Johnsen
2013/07/11 11:20:32
I would expect this to be a StateError thrown dire
Bill Hesse
2013/07/11 15:25:42
Done.
|
+ throw new HandshakeException( |
+ "Called renegotiate on a non-connected socket"); |
+ } |
+ _secureFilter.renegotiate(useSessionCache, |
+ requestClientCertificate, |
+ requireClientCertificate); |
+ _status = HANDSHAKE; |
+ _filterStatus.writeEmpty = false; |
+ _scheduleFilter(); |
+ } catch (e) { |
+ _reportError(e); |
+ } |
+ } |
+ |
void _secureHandshakeCompleteHandler() { |
_status = CONNECTED; |
if (_connectPending) { |
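Review bot: `requireClientCertificate` is forwarded to `_secureFilter.renegotiate` independently of `requestClientCertificate`, so a caller who passes only `requireClientCertificate: true` may get a handshake that never asks for a certificate, depending on how the filter treats the pair (not visible in this hunk). That would fail open for a caller who expects client authentication to be enforced. I would make require imply request by passing `requestClientCertificate || requireClientCertificate` as the second argument, or reject the combination with an ArgumentError before the filter is touched. A short why-comment on `_filterStatus.writeEmpty = false;` would also help the next reader.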
@@ -1158,6 +1199,10 @@ abstract class _SecureFilter { |
bool sendClientCertificate); |
void destroy(); |
void handshake(); |
+ void rehandshake(); |
+ void renegotiate(bool useSessionCache, |
+ bool requestClientCertificate, |
+ bool requireClientCertificate); |
void init(); |
X509Certificate get peerCertificate; |
int processBuffer(int bufferIndex); |
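Review bot: The new `_SecureFilter.renegotiate` takes three positional bools, so a call site that swaps `requestClientCertificate` and `requireClientCertificate` still compiles and silently changes whether client authentication is enforced. The one caller visible in this file passes them in the declared order, but named parameters (as on the public method) or a comment above the declaration such as `// Order: useSessionCache, requestClientCertificate, requireClientCertificate.` would guard against that. `rehandshake()` is added without a comment and without a caller in the visible hunks; a line saying how it differs from `renegotiate` would help. The class body continues outside the hunk.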