| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| 7 | 7 |
| 8 // Work around https://bugzilla.mozilla.org/show_bug.cgi?id=455424 | 8 // Work around https://bugzilla.mozilla.org/show_bug.cgi?id=455424 |
| 9 // until NSS 3.12.2 comes out and we update to it. | 9 // until NSS 3.12.2 comes out and we update to it. |
| 10 #define Lock FOO_NSS_Lock | 10 #define Lock FOO_NSS_Lock |
| 11 #include <certt.h> | 11 #include <certt.h> |
| 12 #undef Lock | 12 #undef Lock |
| 13 #include <keyt.h> |
| 13 #include <nspr.h> | 14 #include <nspr.h> |
| 14 #include <nss.h> | 15 #include <nss.h> |
| 16 |
| 15 #include <string> | 17 #include <string> |
| 16 | 18 |
| 17 #include "base/scoped_ptr.h" | 19 #include "base/scoped_ptr.h" |
| 18 #include "net/base/cert_verify_result.h" | 20 #include "net/base/cert_verify_result.h" |
| 19 #include "net/base/completion_callback.h" | 21 #include "net/base/completion_callback.h" |
| 20 #include "net/base/nss_memio.h" | 22 #include "net/base/nss_memio.h" |
| 21 #include "net/base/ssl_config_service.h" | 23 #include "net/base/ssl_config_service.h" |
| 22 #include "net/socket/ssl_client_socket.h" | 24 #include "net/socket/ssl_client_socket.h" |
| 23 | 25 |
| 24 namespace net { | 26 namespace net { |
| (...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 78 bool DoTransportIO(); | 80 bool DoTransportIO(); |
| 79 int BufferSend(void); | 81 int BufferSend(void); |
| 80 int BufferRecv(void); | 82 int BufferRecv(void); |
| 81 void BufferSendComplete(int result); | 83 void BufferSendComplete(int result); |
| 82 void BufferRecvComplete(int result); | 84 void BufferRecvComplete(int result); |
| 83 | 85 |
| 84 // NSS calls this when checking certificates. We pass 'this' as the first | 86 // NSS calls this when checking certificates. We pass 'this' as the first |
| 85 // argument. | 87 // argument. |
| 86 static SECStatus OwnAuthCertHandler(void* arg, PRFileDesc* socket, | 88 static SECStatus OwnAuthCertHandler(void* arg, PRFileDesc* socket, |
| 87 PRBool checksig, PRBool is_server); | 89 PRBool checksig, PRBool is_server); |
| 90 // NSS calls this when client authentication is requested. |
| 91 static SECStatus ClientAuthHandler(void* arg, |
| 92 PRFileDesc* socket, |
| 93 CERTDistNames* ca_names, |
| 94 CERTCertificate** result_certificate, |
| 95 SECKEYPrivateKey** result_private_key); |
| 88 // NSS calls this when handshake is completed. We pass 'this' as the second | 96 // NSS calls this when handshake is completed. We pass 'this' as the second |
| 89 // argument. | 97 // argument. |
| 90 static void HandshakeCallback(PRFileDesc* socket, void* arg); | 98 static void HandshakeCallback(PRFileDesc* socket, void* arg); |
| 91 | 99 |
| 92 CompletionCallbackImpl<SSLClientSocketNSS> buffer_send_callback_; | 100 CompletionCallbackImpl<SSLClientSocketNSS> buffer_send_callback_; |
| 93 CompletionCallbackImpl<SSLClientSocketNSS> buffer_recv_callback_; | 101 CompletionCallbackImpl<SSLClientSocketNSS> buffer_recv_callback_; |
| 94 bool transport_send_busy_; | 102 bool transport_send_busy_; |
| 95 bool transport_recv_busy_; | 103 bool transport_recv_busy_; |
| 96 scoped_refptr<IOBuffer> recv_buffer_; | 104 scoped_refptr<IOBuffer> recv_buffer_; |
| 97 | 105 |
| (...skipping 11 matching lines...) Expand all Loading... |
| 109 int user_read_buf_len_; | 117 int user_read_buf_len_; |
| 110 | 118 |
| 111 // Used by Write function. | 119 // Used by Write function. |
| 112 scoped_refptr<IOBuffer> user_write_buf_; | 120 scoped_refptr<IOBuffer> user_write_buf_; |
| 113 int user_write_buf_len_; | 121 int user_write_buf_len_; |
| 114 | 122 |
| 115 // Set when handshake finishes. | 123 // Set when handshake finishes. |
| 116 scoped_refptr<X509Certificate> server_cert_; | 124 scoped_refptr<X509Certificate> server_cert_; |
| 117 CertVerifyResult server_cert_verify_result_; | 125 CertVerifyResult server_cert_verify_result_; |
| 118 | 126 |
| 127 // Stores client authentication information between ClientAuthHandler and |
| 128 // GetSSLCertRequestInfo calls. |
| 129 CERTDistNames* client_auth_ca_names_; |
| 130 bool client_auth_cert_needed_; |
| 131 |
| 119 scoped_ptr<CertVerifier> verifier_; | 132 scoped_ptr<CertVerifier> verifier_; |
| 120 | 133 |
| 121 bool completed_handshake_; | 134 bool completed_handshake_; |
| 122 | 135 |
| 123 enum State { | 136 enum State { |
| 124 STATE_NONE, | 137 STATE_NONE, |
| 125 STATE_HANDSHAKE, | 138 STATE_HANDSHAKE, |
| 126 STATE_VERIFY_CERT, | 139 STATE_VERIFY_CERT, |
| 127 STATE_VERIFY_CERT_COMPLETE, | 140 STATE_VERIFY_CERT_COMPLETE, |
| 128 }; | 141 }; |
| 129 State next_handshake_state_; | 142 State next_handshake_state_; |
| 130 | 143 |
| 131 // The NSS SSL state machine | 144 // The NSS SSL state machine |
| 132 PRFileDesc* nss_fd_; | 145 PRFileDesc* nss_fd_; |
| 133 | 146 |
| 134 // Buffers for the network end of the SSL state machine | 147 // Buffers for the network end of the SSL state machine |
| 135 memio_Private* nss_bufs_; | 148 memio_Private* nss_bufs_; |
| 136 | 149 |
| 137 static bool nss_options_initialized_; | 150 static bool nss_options_initialized_; |
| 138 }; | 151 }; |
| 139 | 152 |
| 140 } // namespace net | 153 } // namespace net |
| 141 | 154 |
| 142 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 155 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 276037:
Provides a certificate for SSL client authentication on NSS sockets.... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/