Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(819)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_server_socket_nss.cc

Issue 274783002: Implement SSL server socket over OpenSSL. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix for some comments. Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/socket/ssl_server_socket_nss.h ('k') | net/socket/ssl_server_socket_openssl.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_server_socket_nss.h" 5 #include "net/socket/ssl_server_socket_nss.h"
6 6
7 #if defined(OS_WIN) 7 #if defined(OS_WIN)
8 #include <winsock2.h> 8 #include <winsock2.h>
9 #endif 9 #endif
10 10
(...skipping 11 matching lines...) Expand all
22 #include <nss.h> 22 #include <nss.h>
23 #include <pk11pub.h> 23 #include <pk11pub.h>
24 #include <secerr.h> 24 #include <secerr.h>
25 #include <sechash.h> 25 #include <sechash.h>
26 #include <ssl.h> 26 #include <ssl.h>
27 #include <sslerr.h> 27 #include <sslerr.h>
28 #include <sslproto.h> 28 #include <sslproto.h>
29 29
30 #include <limits> 30 #include <limits>
31 31
32 #include "base/callback_helpers.h"
32 #include "base/lazy_instance.h" 33 #include "base/lazy_instance.h"
33 #include "base/memory/ref_counted.h" 34 #include "base/memory/ref_counted.h"
34 #include "crypto/rsa_private_key.h" 35 #include "crypto/rsa_private_key.h"
35 #include "crypto/nss_util_internal.h" 36 #include "crypto/nss_util_internal.h"
36 #include "net/base/io_buffer.h" 37 #include "net/base/io_buffer.h"
37 #include "net/base/net_errors.h" 38 #include "net/base/net_errors.h"
38 #include "net/base/net_log.h" 39 #include "net/base/net_log.h"
39 #include "net/socket/nss_ssl_util.h" 40 #include "net/socket/nss_ssl_util.h"
40 #include "net/socket/ssl_error_params.h" 41 #include "net/socket/ssl_error_params.h"
41 42
(...skipping 198 matching lines...) Expand 10 before | Expand all | Expand 10 after
240 241
241 int SSLServerSocketNSS::SetReceiveBufferSize(int32 size) { 242 int SSLServerSocketNSS::SetReceiveBufferSize(int32 size) {
242 return transport_socket_->SetReceiveBufferSize(size); 243 return transport_socket_->SetReceiveBufferSize(size);
243 } 244 }
244 245
245 int SSLServerSocketNSS::SetSendBufferSize(int32 size) { 246 int SSLServerSocketNSS::SetSendBufferSize(int32 size) {
246 return transport_socket_->SetSendBufferSize(size); 247 return transport_socket_->SetSendBufferSize(size);
247 } 248 }
248 249
249 bool SSLServerSocketNSS::IsConnected() const { 250 bool SSLServerSocketNSS::IsConnected() const {
251 // TODO(wtc): Find out if we should check transport_socket_->IsConnected()
252 // as well.
250 return completed_handshake_; 253 return completed_handshake_;
251 } 254 }
252 255
253 void SSLServerSocketNSS::Disconnect() { 256 void SSLServerSocketNSS::Disconnect() {
254 transport_socket_->Disconnect(); 257 transport_socket_->Disconnect();
255 } 258 }
256 259
257 bool SSLServerSocketNSS::IsConnectedAndIdle() const { 260 bool SSLServerSocketNSS::IsConnectedAndIdle() const {
258 return completed_handshake_ && transport_socket_->IsConnectedAndIdle(); 261 return completed_handshake_ && transport_socket_->IsConnectedAndIdle();
259 } 262 }
(...skipping 24 matching lines...) Expand all
284 287
285 bool SSLServerSocketNSS::WasEverUsed() const { 288 bool SSLServerSocketNSS::WasEverUsed() const {
286 return transport_socket_->WasEverUsed(); 289 return transport_socket_->WasEverUsed();
287 } 290 }
288 291
289 bool SSLServerSocketNSS::UsingTCPFastOpen() const { 292 bool SSLServerSocketNSS::UsingTCPFastOpen() const {
290 return transport_socket_->UsingTCPFastOpen(); 293 return transport_socket_->UsingTCPFastOpen();
291 } 294 }
292 295
293 bool SSLServerSocketNSS::WasNpnNegotiated() const { 296 bool SSLServerSocketNSS::WasNpnNegotiated() const {
297 NOTIMPLEMENTED();
294 return false; 298 return false;
295 } 299 }
296 300
297 NextProto SSLServerSocketNSS::GetNegotiatedProtocol() const { 301 NextProto SSLServerSocketNSS::GetNegotiatedProtocol() const {
298 // NPN is not supported by this class. 302 // NPN is not supported by this class.
299 return kProtoUnknown; 303 return kProtoUnknown;
300 } 304 }
301 305
302 bool SSLServerSocketNSS::GetSSLInfo(SSLInfo* ssl_info) { 306 bool SSLServerSocketNSS::GetSSLInfo(SSLInfo* ssl_info) {
303 NOTIMPLEMENTED(); 307 NOTIMPLEMENTED();
(...skipping 186 matching lines...) Expand 10 before | Expand all | Expand 10 after
490 return OK; 494 return OK;
491 } 495 }
492 496
493 void SSLServerSocketNSS::OnSendComplete(int result) { 497 void SSLServerSocketNSS::OnSendComplete(int result) {
494 if (next_handshake_state_ == STATE_HANDSHAKE) { 498 if (next_handshake_state_ == STATE_HANDSHAKE) {
495 // In handshake phase. 499 // In handshake phase.
496 OnHandshakeIOComplete(result); 500 OnHandshakeIOComplete(result);
497 return; 501 return;
498 } 502 }
499 503
504 // TODO(byungchul): This state machine is not correct. Copy the state machine
505 // of SSLClientSocketNSS::OnSendComplete() which handles it better.
500 if (!completed_handshake_) 506 if (!completed_handshake_)
501 return; 507 return;
502 508
503 if (user_write_buf_.get()) { 509 if (user_write_buf_.get()) {
504 int rv = DoWriteLoop(result); 510 int rv = DoWriteLoop(result);
505 if (rv != ERR_IO_PENDING) 511 if (rv != ERR_IO_PENDING)
506 DoWriteCallback(rv); 512 DoWriteCallback(rv);
507 } else { 513 } else {
508 // Ensure that any queued ciphertext is flushed. 514 // Ensure that any queued ciphertext is flushed.
509 DoTransportIO(); 515 DoTransportIO();
(...skipping 12 matching lines...) Expand all
522 if (!user_read_buf_.get() || !completed_handshake_) 528 if (!user_read_buf_.get() || !completed_handshake_)
523 return; 529 return;
524 530
525 int rv = DoReadLoop(result); 531 int rv = DoReadLoop(result);
526 if (rv != ERR_IO_PENDING) 532 if (rv != ERR_IO_PENDING)
527 DoReadCallback(rv); 533 DoReadCallback(rv);
528 } 534 }
529 535
530 void SSLServerSocketNSS::OnHandshakeIOComplete(int result) { 536 void SSLServerSocketNSS::OnHandshakeIOComplete(int result) {
531 int rv = DoHandshakeLoop(result); 537 int rv = DoHandshakeLoop(result);
532 if (rv != ERR_IO_PENDING) { 538 if (rv == ERR_IO_PENDING)
533 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_SERVER_HANDSHAKE, rv); 539 return;
534 if (!user_handshake_callback_.is_null()) 540
535 DoHandshakeCallback(rv); 541 net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_SERVER_HANDSHAKE, rv);
536 } 542 if (!user_handshake_callback_.is_null())
543 DoHandshakeCallback(rv);
537 } 544 }
538 545
539 // Return 0 for EOF, 546 // Return 0 for EOF,
540 // > 0 for bytes transferred immediately, 547 // > 0 for bytes transferred immediately,
541 // < 0 for error (or the non-error ERR_IO_PENDING). 548 // < 0 for error (or the non-error ERR_IO_PENDING).
542 int SSLServerSocketNSS::BufferSend(void) { 549 int SSLServerSocketNSS::BufferSend(void) {
543 if (transport_send_busy_) 550 if (transport_send_busy_)
544 return ERR_IO_PENDING; 551 return ERR_IO_PENDING;
545 552
546 const char* buf1; 553 const char* buf1;
(...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after
718 int rv; 725 int rv;
719 do { 726 do {
720 rv = DoPayloadRead(); 727 rv = DoPayloadRead();
721 network_moved = DoTransportIO(); 728 network_moved = DoTransportIO();
722 } while (rv == ERR_IO_PENDING && network_moved); 729 } while (rv == ERR_IO_PENDING && network_moved);
723 return rv; 730 return rv;
724 } 731 }
725 732
726 int SSLServerSocketNSS::DoWriteLoop(int result) { 733 int SSLServerSocketNSS::DoWriteLoop(int result) {
727 DCHECK(completed_handshake_); 734 DCHECK(completed_handshake_);
728 DCHECK(next_handshake_state_ == STATE_NONE); 735 DCHECK_EQ(next_handshake_state_, STATE_NONE);
729 736
730 if (result < 0) 737 if (result < 0)
731 return result; 738 return result;
732 739
733 if (!nss_bufs_) { 740 if (!nss_bufs_) {
734 LOG(DFATAL) << "!nss_bufs_"; 741 LOG(DFATAL) << "!nss_bufs_";
735 int rv = ERR_UNEXPECTED; 742 int rv = ERR_UNEXPECTED;
736 net_log_.AddEvent(NetLog::TYPE_SSL_WRITE_ERROR, 743 net_log_.AddEvent(NetLog::TYPE_SSL_WRITE_ERROR,
737 CreateNetLogSSLErrorCallback(rv, 0)); 744 CreateNetLogSSLErrorCallback(rv, 0));
738 return rv; 745 return rv;
(...skipping 26 matching lines...) Expand all
765 << ", net_error " << net_error; 772 << ", net_error " << net_error;
766 net_log_.AddEvent(NetLog::TYPE_SSL_HANDSHAKE_ERROR, 773 net_log_.AddEvent(NetLog::TYPE_SSL_HANDSHAKE_ERROR,
767 CreateNetLogSSLErrorCallback(net_error, prerr)); 774 CreateNetLogSSLErrorCallback(net_error, prerr));
768 } 775 }
769 } 776 }
770 return net_error; 777 return net_error;
771 } 778 }
772 779
773 void SSLServerSocketNSS::DoHandshakeCallback(int rv) { 780 void SSLServerSocketNSS::DoHandshakeCallback(int rv) {
774 DCHECK_NE(rv, ERR_IO_PENDING); 781 DCHECK_NE(rv, ERR_IO_PENDING);
775 782 ResetAndReturn(&user_handshake_callback_).Run(rv > OK ? OK : rv);
776 CompletionCallback c = user_handshake_callback_;
777 user_handshake_callback_.Reset();
778 c.Run(rv > OK ? OK : rv);
779 } 783 }
780 784
781 void SSLServerSocketNSS::DoReadCallback(int rv) { 785 void SSLServerSocketNSS::DoReadCallback(int rv) {
782 DCHECK(rv != ERR_IO_PENDING); 786 DCHECK(rv != ERR_IO_PENDING);
783 DCHECK(!user_read_callback_.is_null()); 787 DCHECK(!user_read_callback_.is_null());
784 788
785 // Since Run may result in Read being called, clear |user_read_callback_|
786 // up front.
787 CompletionCallback c = user_read_callback_;
788 user_read_callback_.Reset();
789 user_read_buf_ = NULL; 789 user_read_buf_ = NULL;
790 user_read_buf_len_ = 0; 790 user_read_buf_len_ = 0;
791 c.Run(rv); 791 ResetAndReturn(&user_read_callback_).Run(rv);
792 } 792 }
793 793
794 void SSLServerSocketNSS::DoWriteCallback(int rv) { 794 void SSLServerSocketNSS::DoWriteCallback(int rv) {
795 DCHECK(rv != ERR_IO_PENDING); 795 DCHECK(rv != ERR_IO_PENDING);
796 DCHECK(!user_write_callback_.is_null()); 796 DCHECK(!user_write_callback_.is_null());
797 797
798 // Since Run may result in Write being called, clear |user_write_callback_|
799 // up front.
800 CompletionCallback c = user_write_callback_;
801 user_write_callback_.Reset();
802 user_write_buf_ = NULL; 798 user_write_buf_ = NULL;
803 user_write_buf_len_ = 0; 799 user_write_buf_len_ = 0;
804 c.Run(rv); 800 ResetAndReturn(&user_write_callback_).Run(rv);
805 } 801 }
806 802
807 // static 803 // static
808 // NSS calls this if an incoming certificate needs to be verified. 804 // NSS calls this if an incoming certificate needs to be verified.
809 // Do nothing but return SECSuccess. 805 // Do nothing but return SECSuccess.
810 // This is called only in full handshake mode. 806 // This is called only in full handshake mode.
811 // Peer certificate is retrieved in HandshakeCallback() later, which is called 807 // Peer certificate is retrieved in HandshakeCallback() later, which is called
812 // in full handshake mode or in resumption handshake mode. 808 // in full handshake mode or in resumption handshake mode.
813 SECStatus SSLServerSocketNSS::OwnAuthCertHandler(void* arg, 809 SECStatus SSLServerSocketNSS::OwnAuthCertHandler(void* arg,
814 PRFileDesc* socket, 810 PRFileDesc* socket,
(...skipping 17 matching lines...) Expand all
832 // initializes the NSS base library. 828 // initializes the NSS base library.
833 EnsureNSSSSLInit(); 829 EnsureNSSSSLInit();
834 if (!NSS_IsInitialized()) 830 if (!NSS_IsInitialized())
835 return ERR_UNEXPECTED; 831 return ERR_UNEXPECTED;
836 832
837 EnableSSLServerSockets(); 833 EnableSSLServerSockets();
838 return OK; 834 return OK;
839 } 835 }
840 836
841 } // namespace net 837 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_server_socket_nss.h ('k') | net/socket/ssl_server_socket_openssl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698