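--- a/net/socket/ssl_client_socket_impl.h
+++ b/net/socket/ssl_client_socket_impl.h
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_IMPL_H_
 #define NET_SOCKET_SSL_CLIENT_SOCKET_IMPL_H_
 
 #include <openssl/base.h>
 #include <openssl/ssl.h>
 #include <stddef.h>
@@ -23,21 +23,20 @@
 #include "net/base/io_buffer.h"
 #include "net/cert/cert_verifier.h"
 #include "net/cert/cert_verify_result.h"
 #include "net/cert/ct_verify_result.h"
 #include "net/socket/client_socket_handle.h"
 #include "net/socket/ssl_client_socket.h"
 #include "net/ssl/channel_id_service.h"
 #include "net/ssl/openssl_ssl_util.h"
 #include "net/ssl/ssl_client_cert_type.h"
 #include "net/ssl/ssl_config_service.h"
-#include "net/ssl/ssl_failure_state.h"
 
 namespace base {
 class FilePath;
 class SequencedTaskRunner;
 }
 
 namespace net {
 
 class CertVerifier;
 class CTVerifier;
@@ -71,21 +70,20 @@
 const scoped_refptr<base::SequencedTaskRunner>& task_runner);
 #endif
 
 // SSLClientSocket implementation.
 void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info) override;
 NextProtoStatus GetNextProto(std::string* proto) const override;
 ChannelIDService* GetChannelIDService() const override;
 Error GetSignedEKMForTokenBinding(crypto::ECPrivateKey* key,
 std::vector<uint8_t>* out) override;
 crypto::ECPrivateKey* GetChannelIDKey() const override;
-SSLFailureState GetSSLFailureState() const override;
 
 // SSLSocket implementation.
 int ExportKeyingMaterial(const base::StringPiece& label,
 bool has_context,
 const base::StringPiece& context,
 unsigned char* out,
 unsigned int outlen) override;
 
 // StreamSocket implementation.
 int Connect(const CompletionCallback& callback) override;
@@ -349,34 +347,33 @@
 // True if a channel ID was sent.
 bool channel_id_sent_;
 // True if the current session was newly-established, but the certificate had
 // not yet been verified externally, so it cannot be inserted into the cache
 // until later.
 bool session_pending_;
 // True if the initial handshake's certificate has been verified.
 bool certificate_verified_;
 // The request handle for |channel_id_service_|.
 ChannelIDService::Request channel_id_request_;
-SSLFailureState ssl_failure_state_;
 
 int signature_result_;
 std::vector<uint8_t> signature_;
 
 TransportSecurityState* transport_security_state_;
 
 CTPolicyEnforcer* const policy_enforcer_;
 
 // pinning_failure_log contains a message produced by
 // TransportSecurityState::CheckPublicKeyPins in the event of a
 // pinning failure. It is a (somewhat) human-readable string.
 std::string pinning_failure_log_;
 
 // True if PKP is bypassed due to a local trust anchor.
 bool pkp_bypassed_;
 
 BoundNetLog net_log_;
 base::WeakPtrFactory<SSLClientSocketImpl> weak_factory_;
 };
 
 } // namespace net
 
 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_IMPL_H_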