| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| 7 | 7 |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <string> | 10 #include <string> |
| (...skipping 23 matching lines...) Expand all Loading... |
| 34 class CTVerifier; | 34 class CTVerifier; |
| 35 class SSLCertRequestInfo; | 35 class SSLCertRequestInfo; |
| 36 struct SSLConfig; | 36 struct SSLConfig; |
| 37 class SSLInfo; | 37 class SSLInfo; |
| 38 class TransportSecurityState; | 38 class TransportSecurityState; |
| 39 class X509Certificate; | 39 class X509Certificate; |
| 40 | 40 |
| 41 // This struct groups together several fields which are used by various | 41 // This struct groups together several fields which are used by various |
| 42 // classes related to SSLClientSocket. | 42 // classes related to SSLClientSocket. |
| 43 struct SSLClientSocketContext { | 43 struct SSLClientSocketContext { |
| 44 SSLClientSocketContext() | 44 SSLClientSocketContext() = default; |
| 45 : cert_verifier(NULL), | |
| 46 channel_id_service(NULL), | |
| 47 transport_security_state(NULL), | |
| 48 cert_transparency_verifier(NULL), | |
| 49 ct_policy_enforcer(NULL) {} | |
| 50 | |
| 51 SSLClientSocketContext(CertVerifier* cert_verifier_arg, | 45 SSLClientSocketContext(CertVerifier* cert_verifier_arg, |
| 52 ChannelIDService* channel_id_service_arg, | 46 ChannelIDService* channel_id_service_arg, |
| 53 TransportSecurityState* transport_security_state_arg, | 47 TransportSecurityState* transport_security_state_arg, |
| 54 CTVerifier* cert_transparency_verifier_arg, | 48 CTVerifier* cert_transparency_verifier_arg, |
| 55 CTPolicyEnforcer* ct_policy_enforcer_arg, | 49 CTPolicyEnforcer* ct_policy_enforcer_arg, |
| 56 const std::string& ssl_session_cache_shard_arg) | 50 const std::string& ssl_session_cache_shard_arg) |
| 57 : cert_verifier(cert_verifier_arg), | 51 : cert_verifier(cert_verifier_arg), |
| 58 channel_id_service(channel_id_service_arg), | 52 channel_id_service(channel_id_service_arg), |
| 59 transport_security_state(transport_security_state_arg), | 53 transport_security_state(transport_security_state_arg), |
| 60 cert_transparency_verifier(cert_transparency_verifier_arg), | 54 cert_transparency_verifier(cert_transparency_verifier_arg), |
| 61 ct_policy_enforcer(ct_policy_enforcer_arg), | 55 ct_policy_enforcer(ct_policy_enforcer_arg), |
| 62 ssl_session_cache_shard(ssl_session_cache_shard_arg) {} | 56 ssl_session_cache_shard(ssl_session_cache_shard_arg) {} |
| 63 | 57 |
| 64 CertVerifier* cert_verifier; | 58 CertVerifier* cert_verifier = nullptr; |
| 65 ChannelIDService* channel_id_service; | 59 ChannelIDService* channel_id_service = nullptr; |
| 66 TransportSecurityState* transport_security_state; | 60 TransportSecurityState* transport_security_state = nullptr; |
| 67 CTVerifier* cert_transparency_verifier; | 61 CTVerifier* cert_transparency_verifier = nullptr; |
| 68 CTPolicyEnforcer* ct_policy_enforcer; | 62 CTPolicyEnforcer* ct_policy_enforcer = nullptr; |
| 69 // ssl_session_cache_shard is an opaque string that identifies a shard of the | 63 // ssl_session_cache_shard is an opaque string that identifies a shard of the |
| 70 // SSL session cache. SSL sockets with the same ssl_session_cache_shard may | 64 // SSL session cache. SSL sockets with the same ssl_session_cache_shard may |
| 71 // resume each other's SSL sessions but we'll never sessions between shards. | 65 // resume each other's SSL sessions but we'll never sessions between shards. |
| 72 const std::string ssl_session_cache_shard; | 66 const std::string ssl_session_cache_shard; |
| 73 }; | 67 }; |
| 74 | 68 |
| 75 // A client socket that uses SSL as the transport layer. | 69 // A client socket that uses SSL as the transport layer. |
| 76 // | 70 // |
| 77 // NOTE: The SSL handshake occurs within the Connect method after a TCP | 71 // NOTE: The SSL handshake occurs within the Connect method after a TCP |
| 78 // connection is established. If a SSL error occurs during the handshake, | 72 // connection is established. If a SSL error occurs during the handshake, |
| (...skipping 146 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 225 bool signed_cert_timestamps_received_; | 219 bool signed_cert_timestamps_received_; |
| 226 // True if a stapled OCSP response was received. | 220 // True if a stapled OCSP response was received. |
| 227 bool stapled_ocsp_response_received_; | 221 bool stapled_ocsp_response_received_; |
| 228 // Protocol negotiation extension used. | 222 // Protocol negotiation extension used. |
| 229 SSLNegotiationExtension negotiation_extension_; | 223 SSLNegotiationExtension negotiation_extension_; |
| 230 }; | 224 }; |
| 231 | 225 |
| 232 } // namespace net | 226 } // namespace net |
| 233 | 227 |
| 234 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 228 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2067843003:
Require a CTVerifier and CTPolicyEnforcer for TLS/QUIC sockets (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master