OLD | NEW |
1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
7 | 7 |
8 // Work around https://bugzilla.mozilla.org/show_bug.cgi?id=455424 | 8 // Work around https://bugzilla.mozilla.org/show_bug.cgi?id=455424 |
9 // until NSS 3.12.2 comes out and we update to it. | 9 // until NSS 3.12.2 comes out and we update to it. |
10 #define Lock FOO_NSS_Lock | 10 #define Lock FOO_NSS_Lock |
11 #include <certt.h> | 11 #include <certt.h> |
12 #undef Lock | 12 #undef Lock |
| 13 #include <keyt.h> |
13 #include <nspr.h> | 14 #include <nspr.h> |
14 #include <nss.h> | 15 #include <nss.h> |
| 16 |
15 #include <string> | 17 #include <string> |
16 | 18 |
17 #include "base/scoped_ptr.h" | 19 #include "base/scoped_ptr.h" |
18 #include "net/base/cert_verify_result.h" | 20 #include "net/base/cert_verify_result.h" |
19 #include "net/base/completion_callback.h" | 21 #include "net/base/completion_callback.h" |
20 #include "net/base/nss_memio.h" | 22 #include "net/base/nss_memio.h" |
21 #include "net/base/ssl_config_service.h" | 23 #include "net/base/ssl_config_service.h" |
22 #include "net/socket/ssl_client_socket.h" | 24 #include "net/socket/ssl_client_socket.h" |
23 | 25 |
24 namespace net { | 26 namespace net { |
(...skipping 53 matching lines...)
78 bool DoTransportIO(); | 80 bool DoTransportIO(); |
79 int BufferSend(void); | 81 int BufferSend(void); |
80 int BufferRecv(void); | 82 int BufferRecv(void); |
81 void BufferSendComplete(int result); | 83 void BufferSendComplete(int result); |
82 void BufferRecvComplete(int result); | 84 void BufferRecvComplete(int result); |
83 | 85 |
84 // NSS calls this when checking certificates. We pass 'this' as the first | 86 // NSS calls this when checking certificates. We pass 'this' as the first |
85 // argument. | 87 // argument. |
86 static SECStatus OwnAuthCertHandler(void* arg, PRFileDesc* socket, | 88 static SECStatus OwnAuthCertHandler(void* arg, PRFileDesc* socket, |
87 PRBool checksig, PRBool is_server); | 89 PRBool checksig, PRBool is_server); |
| 90 // NSS calls this when client authentication is requested. |
| 91 static SECStatus ClientAuthHandler(void* arg, |
| 92 PRFileDesc* socket, |
| 93 CERTDistNames* ca_names, |
| 94 CERTCertificate** result_certificate, |
| 95 SECKEYPrivateKey** result_private_key); |
88 // NSS calls this when handshake is completed. We pass 'this' as the second | 96 // NSS calls this when handshake is completed. We pass 'this' as the second |
89 // argument. | 97 // argument. |
90 static void HandshakeCallback(PRFileDesc* socket, void* arg); | 98 static void HandshakeCallback(PRFileDesc* socket, void* arg); |
91 | 99 |
92 CompletionCallbackImpl<SSLClientSocketNSS> buffer_send_callback_; | 100 CompletionCallbackImpl<SSLClientSocketNSS> buffer_send_callback_; |
93 CompletionCallbackImpl<SSLClientSocketNSS> buffer_recv_callback_; | 101 CompletionCallbackImpl<SSLClientSocketNSS> buffer_recv_callback_; |
94 bool transport_send_busy_; | 102 bool transport_send_busy_; |
95 bool transport_recv_busy_; | 103 bool transport_recv_busy_; |
96 scoped_refptr<IOBuffer> recv_buffer_; | 104 scoped_refptr<IOBuffer> recv_buffer_; |
97 | 105 |
(...skipping 11 matching lines...)
109 int user_read_buf_len_; | 117 int user_read_buf_len_; |
110 | 118 |
111 // Used by Write function. | 119 // Used by Write function. |
112 scoped_refptr<IOBuffer> user_write_buf_; | 120 scoped_refptr<IOBuffer> user_write_buf_; |
113 int user_write_buf_len_; | 121 int user_write_buf_len_; |
114 | 122 |
115 // Set when handshake finishes. | 123 // Set when handshake finishes. |
116 scoped_refptr<X509Certificate> server_cert_; | 124 scoped_refptr<X509Certificate> server_cert_; |
117 CertVerifyResult server_cert_verify_result_; | 125 CertVerifyResult server_cert_verify_result_; |
118 | 126 |
| 127 // Stores client authentication information between ClientAuthHandler and |
| 128 // GetSSLCertRequestInfo calls. |
| 129 CERTDistNames* client_auth_ca_names_; |
| 130 bool client_auth_cert_needed_; |
| 131 |
119 scoped_ptr<CertVerifier> verifier_; | 132 scoped_ptr<CertVerifier> verifier_; |
120 | 133 |
121 bool completed_handshake_; | 134 bool completed_handshake_; |
122 | 135 |
123 enum State { | 136 enum State { |
124 STATE_NONE, | 137 STATE_NONE, |
125 STATE_HANDSHAKE, | 138 STATE_HANDSHAKE, |
126 STATE_VERIFY_CERT, | 139 STATE_VERIFY_CERT, |
127 STATE_VERIFY_CERT_COMPLETE, | 140 STATE_VERIFY_CERT_COMPLETE, |
128 }; | 141 }; |
129 State next_handshake_state_; | 142 State next_handshake_state_; |
130 | 143 |
131 // The NSS SSL state machine | 144 // The NSS SSL state machine |
132 PRFileDesc* nss_fd_; | 145 PRFileDesc* nss_fd_; |
133 | 146 |
134 // Buffers for the network end of the SSL state machine | 147 // Buffers for the network end of the SSL state machine |
135 memio_Private* nss_bufs_; | 148 memio_Private* nss_bufs_; |
136 | 149 |
137 static bool nss_options_initialized_; | 150 static bool nss_options_initialized_; |
138 }; | 151 }; |
139 | 152 |
140 } // namespace net | 153 } // namespace net |
141 | 154 |
142 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 155 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
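Review bot: The new member `client_auth_ca_names_` (new line 129) is a raw `CERTDistNames*` held between the NSS callback and a later GetSSLCertRequestInfo call, and its comment does not say who owns it or when it is released. If it aliases the `ca_names` argument NSS passes to ClientAuthHandler, it may dangle once the handshake state or the socket is torn down; if it is a copy, it needs a matching free on disconnect and in the destructor, neither of which is visible in this header. I would state the contract in the comment, for example `// Owned copy of the CA names from the server's certificate request; freed and reset to NULL on Disconnect.`, and extend the ClientAuthHandler comment to match its neighbours, `// We pass 'this' as the first argument; on success NSS takes ownership of *result_certificate and *result_private_key.`, once both are confirmed against the .cc file. The class definition starts in the skipped region, so the constructor's initialisation of the two new members cannot be checked from here.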