OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
(...skipping 13 matching lines...) Expand all Loading... |
24 typedef struct bio_st BIO; | 24 typedef struct bio_st BIO; |
25 // <openssl/evp.h> | 25 // <openssl/evp.h> |
26 typedef struct evp_pkey_st EVP_PKEY; | 26 typedef struct evp_pkey_st EVP_PKEY; |
27 // <openssl/ssl.h> | 27 // <openssl/ssl.h> |
28 typedef struct ssl_st SSL; | 28 typedef struct ssl_st SSL; |
29 // <openssl/x509.h> | 29 // <openssl/x509.h> |
30 typedef struct x509_st X509; | 30 typedef struct x509_st X509; |
31 // <openssl/ossl_type.h> | 31 // <openssl/ossl_type.h> |
32 typedef struct x509_store_ctx_st X509_STORE_CTX; | 32 typedef struct x509_store_ctx_st X509_STORE_CTX; |
33 | 33 |
| 34 namespace crypto { |
| 35 class OpenSSLErrStackTracer; |
| 36 } |
| 37 |
34 namespace net { | 38 namespace net { |
35 | 39 |
36 class CertVerifier; | 40 class CertVerifier; |
37 class SingleRequestCertVerifier; | 41 class SingleRequestCertVerifier; |
38 class SSLCertRequestInfo; | 42 class SSLCertRequestInfo; |
39 class SSLInfo; | 43 class SSLInfo; |
40 | 44 |
41 // An SSL client socket implemented with OpenSSL. | 45 // An SSL client socket implemented with OpenSSL. |
42 class SSLClientSocketOpenSSL : public SSLClientSocket { | 46 class SSLClientSocketOpenSSL : public SSLClientSocket { |
43 public: | 47 public: |
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
113 int DoVerifyCert(int result); | 117 int DoVerifyCert(int result); |
114 int DoVerifyCertComplete(int result); | 118 int DoVerifyCertComplete(int result); |
115 void DoConnectCallback(int result); | 119 void DoConnectCallback(int result); |
116 X509Certificate* UpdateServerCert(); | 120 X509Certificate* UpdateServerCert(); |
117 | 121 |
118 void OnHandshakeIOComplete(int result); | 122 void OnHandshakeIOComplete(int result); |
119 void OnSendComplete(int result); | 123 void OnSendComplete(int result); |
120 void OnRecvComplete(int result); | 124 void OnRecvComplete(int result); |
121 | 125 |
122 int DoHandshakeLoop(int last_io_result); | 126 int DoHandshakeLoop(int last_io_result); |
123 int DoReadLoop(int result); | 127 int DoReadLoop(); |
124 int DoWriteLoop(int result); | 128 int DoWriteLoop(); |
125 int DoPayloadRead(); | 129 int DoPayloadRead(); |
126 int DoPayloadWrite(); | 130 int DoPayloadWrite(); |
127 | 131 |
128 int BufferSend(); | 132 int BufferSend(); |
129 int BufferRecv(); | 133 int BufferRecv(); |
130 void BufferSendComplete(int result); | 134 void BufferSendComplete(int result); |
131 void BufferRecvComplete(int result); | 135 void BufferRecvComplete(int result); |
132 void TransportWriteComplete(int result); | 136 void TransportWriteComplete(int result); |
133 int TransportReadComplete(int result); | 137 int TransportReadComplete(int result); |
134 | 138 |
| 139 int HandleOpenSSLError(int ssl_error, |
| 140 const crypto::OpenSSLErrStackTracer& tracer); |
| 141 |
135 // Callback from the SSL layer that indicates the remote server is requesting | 142 // Callback from the SSL layer that indicates the remote server is requesting |
136 // a certificate for this client. | 143 // a certificate for this client. |
137 int ClientCertRequestCallback(SSL* ssl, X509** x509, EVP_PKEY** pkey); | 144 int ClientCertRequestCallback(SSL* ssl, X509** x509, EVP_PKEY** pkey); |
138 | 145 |
139 // Callback from the SSL layer that indicates the remote server supports TLS | 146 // Callback from the SSL layer that indicates the remote server supports TLS |
140 // Channel IDs. | 147 // Channel IDs. |
141 void ChannelIDRequestCallback(SSL* ssl, EVP_PKEY** pkey); | 148 void ChannelIDRequestCallback(SSL* ssl, EVP_PKEY** pkey); |
142 | 149 |
143 // CertVerifyCallback is called to verify the server's certificates. We do | 150 // CertVerifyCallback is called to verify the server's certificates. We do |
144 // verification after the handshake so this function only enforces that the | 151 // verification after the handshake so this function only enforces that the |
145 // certificates don't change during renegotiation. | 152 // certificates don't change during renegotiation. |
146 int CertVerifyCallback(X509_STORE_CTX *store_ctx); | 153 int CertVerifyCallback(X509_STORE_CTX *store_ctx); |
147 | 154 |
148 // Callback from the SSL layer to check which NPN protocol we are supporting | 155 // Callback from the SSL layer to check which NPN protocol we are supporting |
149 int SelectNextProtoCallback(unsigned char** out, unsigned char* outlen, | 156 int SelectNextProtoCallback(unsigned char** out, unsigned char* outlen, |
150 const unsigned char* in, unsigned int inlen); | 157 const unsigned char* in, unsigned int inlen); |
151 | 158 |
152 bool transport_send_busy_; | 159 bool transport_send_busy_; |
153 bool transport_recv_busy_; | 160 bool transport_recv_busy_; |
154 bool transport_recv_eof_; | |
155 | 161 |
156 scoped_refptr<DrainableIOBuffer> send_buffer_; | 162 scoped_refptr<DrainableIOBuffer> send_buffer_; |
157 scoped_refptr<IOBuffer> recv_buffer_; | 163 scoped_refptr<IOBuffer> recv_buffer_; |
158 | 164 |
159 CompletionCallback user_connect_callback_; | 165 CompletionCallback user_connect_callback_; |
160 CompletionCallback user_read_callback_; | 166 CompletionCallback user_read_callback_; |
161 CompletionCallback user_write_callback_; | 167 CompletionCallback user_write_callback_; |
162 | 168 |
163 base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_; | 169 base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_; |
164 | 170 |
165 // Used by Read function. | 171 // Used by Read function. |
166 scoped_refptr<IOBuffer> user_read_buf_; | 172 scoped_refptr<IOBuffer> user_read_buf_; |
167 int user_read_buf_len_; | 173 int user_read_buf_len_; |
168 | 174 |
169 // Used by Write function. | 175 // Used by Write function. |
170 scoped_refptr<IOBuffer> user_write_buf_; | 176 scoped_refptr<IOBuffer> user_write_buf_; |
171 int user_write_buf_len_; | 177 int user_write_buf_len_; |
172 | 178 |
173 // Used by DoPayloadRead() when attempting to fill the caller's buffer with | 179 // Used by DoPayloadRead() when attempting to fill the caller's buffer with |
174 // as much data as possible without blocking. | 180 // as much data as possible without blocking. |
175 // If DoPayloadRead() encounters an error after having read some data, stores | 181 // If DoPayloadRead() encounters an error after having read some data, stores |
176 // the result to return on the *next* call to DoPayloadRead(). A value > 0 | 182 // the result to return on the *next* call to DoPayloadRead(). A value > 0 |
177 // indicates there is no pending result, otherwise 0 indicates EOF and < 0 | 183 // indicates there is no pending result, otherwise 0 indicates EOF and < 0 |
178 // indicates an error. | 184 // indicates an error. |
179 int pending_read_error_; | 185 int pending_read_error_; |
180 | 186 |
181 // Used by TransportWriteComplete() and TransportReadComplete() to signify an | 187 // Used by TransportReadComplete() to signify an error or EOF reading from the |
182 // error writing to the transport socket. A value of OK indicates no error. | 188 // transport socket. A value of 0 indicates the transport is still readable. |
| 189 int transport_read_error_; |
| 190 |
| 191 // Used by TransportWriteComplete() to signify an error writing to the |
| 192 // transport socket. A value of 0 indicates the transport is still writeable. |
183 int transport_write_error_; | 193 int transport_write_error_; |
184 | 194 |
185 // Set when handshake finishes. | 195 // Set when handshake finishes. |
186 scoped_ptr<PeerCertificateChain> server_cert_chain_; | 196 scoped_ptr<PeerCertificateChain> server_cert_chain_; |
187 scoped_refptr<X509Certificate> server_cert_; | 197 scoped_refptr<X509Certificate> server_cert_; |
188 CertVerifyResult server_cert_verify_result_; | 198 CertVerifyResult server_cert_verify_result_; |
189 bool completed_handshake_; | 199 bool completed_handshake_; |
190 | 200 |
191 // Set when Read() or Write() successfully reads or writes data to or from the | 201 // Set when Read() or Write() successfully reads or writes data to or from the |
192 // network. | 202 // network. |
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
241 // True if channel ID extension was negotiated. | 251 // True if channel ID extension was negotiated. |
242 bool channel_id_xtn_negotiated_; | 252 bool channel_id_xtn_negotiated_; |
243 // The request handle for |server_bound_cert_service_|. | 253 // The request handle for |server_bound_cert_service_|. |
244 ServerBoundCertService::RequestHandle channel_id_request_handle_; | 254 ServerBoundCertService::RequestHandle channel_id_request_handle_; |
245 BoundNetLog net_log_; | 255 BoundNetLog net_log_; |
246 }; | 256 }; |
247 | 257 |
248 } // namespace net | 258 } // namespace net |
249 | 259 |
250 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 260 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
OLD | NEW |