| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
| (...skipping 13 matching lines...) Expand all Loading... |
| 24 typedef struct bio_st BIO; | 24 typedef struct bio_st BIO; |
| 25 // <openssl/evp.h> | 25 // <openssl/evp.h> |
| 26 typedef struct evp_pkey_st EVP_PKEY; | 26 typedef struct evp_pkey_st EVP_PKEY; |
| 27 // <openssl/ssl.h> | 27 // <openssl/ssl.h> |
| 28 typedef struct ssl_st SSL; | 28 typedef struct ssl_st SSL; |
| 29 // <openssl/x509.h> | 29 // <openssl/x509.h> |
| 30 typedef struct x509_st X509; | 30 typedef struct x509_st X509; |
| 31 // <openssl/ossl_type.h> | 31 // <openssl/ossl_type.h> |
| 32 typedef struct x509_store_ctx_st X509_STORE_CTX; | 32 typedef struct x509_store_ctx_st X509_STORE_CTX; |
| 33 | 33 |
| 34 namespace crypto { |
| 35 class OpenSSLErrStackTracer; |
| 36 } |
| 37 |
| 34 namespace net { | 38 namespace net { |
| 35 | 39 |
| 36 class CertVerifier; | 40 class CertVerifier; |
| 37 class SingleRequestCertVerifier; | 41 class SingleRequestCertVerifier; |
| 38 class SSLCertRequestInfo; | 42 class SSLCertRequestInfo; |
| 39 class SSLInfo; | 43 class SSLInfo; |
| 40 | 44 |
| 41 // An SSL client socket implemented with OpenSSL. | 45 // An SSL client socket implemented with OpenSSL. |
| 42 class SSLClientSocketOpenSSL : public SSLClientSocket { | 46 class SSLClientSocketOpenSSL : public SSLClientSocket { |
| 43 public: | 47 public: |
| (...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 113 int DoVerifyCert(int result); | 117 int DoVerifyCert(int result); |
| 114 int DoVerifyCertComplete(int result); | 118 int DoVerifyCertComplete(int result); |
| 115 void DoConnectCallback(int result); | 119 void DoConnectCallback(int result); |
| 116 X509Certificate* UpdateServerCert(); | 120 X509Certificate* UpdateServerCert(); |
| 117 | 121 |
| 118 void OnHandshakeIOComplete(int result); | 122 void OnHandshakeIOComplete(int result); |
| 119 void OnSendComplete(int result); | 123 void OnSendComplete(int result); |
| 120 void OnRecvComplete(int result); | 124 void OnRecvComplete(int result); |
| 121 | 125 |
| 122 int DoHandshakeLoop(int last_io_result); | 126 int DoHandshakeLoop(int last_io_result); |
| 123 int DoReadLoop(int result); | 127 int DoReadLoop(); |
| 124 int DoWriteLoop(int result); | 128 int DoWriteLoop(); |
| 125 int DoPayloadRead(); | 129 int DoPayloadRead(); |
| 126 int DoPayloadWrite(); | 130 int DoPayloadWrite(); |
| 127 | 131 |
| 128 int BufferSend(); | 132 int BufferSend(); |
| 129 int BufferRecv(); | 133 int BufferRecv(); |
| 130 void BufferSendComplete(int result); | 134 void BufferSendComplete(int result); |
| 131 void BufferRecvComplete(int result); | 135 void BufferRecvComplete(int result); |
| 132 void TransportWriteComplete(int result); | 136 void TransportWriteComplete(int result); |
| 133 int TransportReadComplete(int result); | 137 int TransportReadComplete(int result); |
| 134 | 138 |
| 139 int HandleOpenSSLError(int ssl_error, |
| 140 const crypto::OpenSSLErrStackTracer& tracer); |
| 141 |
| 135 // Callback from the SSL layer that indicates the remote server is requesting | 142 // Callback from the SSL layer that indicates the remote server is requesting |
| 136 // a certificate for this client. | 143 // a certificate for this client. |
| 137 int ClientCertRequestCallback(SSL* ssl, X509** x509, EVP_PKEY** pkey); | 144 int ClientCertRequestCallback(SSL* ssl, X509** x509, EVP_PKEY** pkey); |
| 138 | 145 |
| 139 // Callback from the SSL layer that indicates the remote server supports TLS | 146 // Callback from the SSL layer that indicates the remote server supports TLS |
| 140 // Channel IDs. | 147 // Channel IDs. |
| 141 void ChannelIDRequestCallback(SSL* ssl, EVP_PKEY** pkey); | 148 void ChannelIDRequestCallback(SSL* ssl, EVP_PKEY** pkey); |
| 142 | 149 |
| 143 // CertVerifyCallback is called to verify the server's certificates. We do | 150 // CertVerifyCallback is called to verify the server's certificates. We do |
| 144 // verification after the handshake so this function only enforces that the | 151 // verification after the handshake so this function only enforces that the |
| 145 // certificates don't change during renegotiation. | 152 // certificates don't change during renegotiation. |
| 146 int CertVerifyCallback(X509_STORE_CTX *store_ctx); | 153 int CertVerifyCallback(X509_STORE_CTX *store_ctx); |
| 147 | 154 |
| 148 // Callback from the SSL layer to check which NPN protocol we are supporting | 155 // Callback from the SSL layer to check which NPN protocol we are supporting |
| 149 int SelectNextProtoCallback(unsigned char** out, unsigned char* outlen, | 156 int SelectNextProtoCallback(unsigned char** out, unsigned char* outlen, |
| 150 const unsigned char* in, unsigned int inlen); | 157 const unsigned char* in, unsigned int inlen); |
| 151 | 158 |
| 152 bool transport_send_busy_; | 159 bool transport_send_busy_; |
| 153 bool transport_recv_busy_; | 160 bool transport_recv_busy_; |
| 154 bool transport_recv_eof_; | |
| 155 | 161 |
| 156 scoped_refptr<DrainableIOBuffer> send_buffer_; | 162 scoped_refptr<DrainableIOBuffer> send_buffer_; |
| 157 scoped_refptr<IOBuffer> recv_buffer_; | 163 scoped_refptr<IOBuffer> recv_buffer_; |
| 158 | 164 |
| 159 CompletionCallback user_connect_callback_; | 165 CompletionCallback user_connect_callback_; |
| 160 CompletionCallback user_read_callback_; | 166 CompletionCallback user_read_callback_; |
| 161 CompletionCallback user_write_callback_; | 167 CompletionCallback user_write_callback_; |
| 162 | 168 |
| 163 base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_; | 169 base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_; |
| 164 | 170 |
| 165 // Used by Read function. | 171 // Used by Read function. |
| 166 scoped_refptr<IOBuffer> user_read_buf_; | 172 scoped_refptr<IOBuffer> user_read_buf_; |
| 167 int user_read_buf_len_; | 173 int user_read_buf_len_; |
| 168 | 174 |
| 169 // Used by Write function. | 175 // Used by Write function. |
| 170 scoped_refptr<IOBuffer> user_write_buf_; | 176 scoped_refptr<IOBuffer> user_write_buf_; |
| 171 int user_write_buf_len_; | 177 int user_write_buf_len_; |
| 172 | 178 |
| 173 // Used by DoPayloadRead() when attempting to fill the caller's buffer with | 179 // Used by DoPayloadRead() when attempting to fill the caller's buffer with |
| 174 // as much data as possible without blocking. | 180 // as much data as possible without blocking. |
| 175 // If DoPayloadRead() encounters an error after having read some data, stores | 181 // If DoPayloadRead() encounters an error after having read some data, stores |
| 176 // the result to return on the *next* call to DoPayloadRead(). A value > 0 | 182 // the result to return on the *next* call to DoPayloadRead(). A value > 0 |
| 177 // indicates there is no pending result, otherwise 0 indicates EOF and < 0 | 183 // indicates there is no pending result, otherwise 0 indicates EOF and < 0 |
| 178 // indicates an error. | 184 // indicates an error. |
| 179 int pending_read_error_; | 185 int pending_read_error_; |
| 180 | 186 |
| 181 // Used by TransportWriteComplete() and TransportReadComplete() to signify an | 187 // Used by TransportReadComplete() to signify an error or EOF reading from the |
| 182 // error writing to the transport socket. A value of OK indicates no error. | 188 // transport socket. A value of 0 indicates the transport is still readable. |
| 189 int transport_read_error_; |
| 190 |
| 191 // Used by TransportWriteComplete() to signify an error writing to the |
| 192 // transport socket. A value of 0 indicates the transport is still writeable. |
| 183 int transport_write_error_; | 193 int transport_write_error_; |
| 184 | 194 |
| 185 // Set when handshake finishes. | 195 // Set when handshake finishes. |
| 186 scoped_ptr<PeerCertificateChain> server_cert_chain_; | 196 scoped_ptr<PeerCertificateChain> server_cert_chain_; |
| 187 scoped_refptr<X509Certificate> server_cert_; | 197 scoped_refptr<X509Certificate> server_cert_; |
| 188 CertVerifyResult server_cert_verify_result_; | 198 CertVerifyResult server_cert_verify_result_; |
| 189 bool completed_handshake_; | 199 bool completed_handshake_; |
| 190 | 200 |
| 191 // Set when Read() or Write() successfully reads or writes data to or from the | 201 // Set when Read() or Write() successfully reads or writes data to or from the |
| 192 // network. | 202 // network. |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 241 // True if channel ID extension was negotiated. | 251 // True if channel ID extension was negotiated. |
| 242 bool channel_id_xtn_negotiated_; | 252 bool channel_id_xtn_negotiated_; |
| 243 // The request handle for |server_bound_cert_service_|. | 253 // The request handle for |server_bound_cert_service_|. |
| 244 ServerBoundCertService::RequestHandle channel_id_request_handle_; | 254 ServerBoundCertService::RequestHandle channel_id_request_handle_; |
| 245 BoundNetLog net_log_; | 255 BoundNetLog net_log_; |
| 246 }; | 256 }; |
| 247 | 257 |
| 248 } // namespace net | 258 } // namespace net |
| 249 | 259 |
| 250 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 260 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 280853002:
Preserve transport errors for OpenSSL sockets. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src