
Unified Diff: runtime/bin/secure_socket.h

Issue 2903743002: Porting SecureSocket to use BoringSSL on OSX (Closed)
Patch Set: Fixed issues on non-Macos platforms Created 3 years, 7 months ago
Index: runtime/bin/secure_socket.h
diff --git a/runtime/bin/secure_socket.h b/runtime/bin/secure_socket.h
index 83bf34d0ae83b32e765cff5c738df8a0cd6c6af5..81ca94cb849492311630f5f7d6439be859955e1a 100644
--- a/runtime/bin/secure_socket.h
+++ b/runtime/bin/secure_socket.h
@@ -10,6 +10,7 @@
#endif
#include "platform/globals.h"
+
#if defined(HOST_OS_ANDROID) || defined(HOST_OS_LINUX) || \
defined(HOST_OS_WINDOWS) || defined(HOST_OS_FUCHSIA)
#include "bin/secure_socket_boringssl.h"
@@ -23,4 +24,121 @@
#error Unknown target os.
#endif
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+#include <openssl/x509.h>
+
+namespace dart {
+namespace bin {
+
+/* These are defined in root_certificates.cc. */
+extern const unsigned char* root_certificates_pem;
+extern unsigned int root_certificates_pem_length;
+
+const bool SSL_LOG_STATUS = false;
+const bool SSL_LOG_DATA = false;
+const bool SSL_LOG_CERTS = false;
+
+// Defined in secure_socket_{macos, ios, boringssl}.cc.
+int CertificateCallback(int preverify_ok, X509_STORE_CTX* store_ctx);
+
+class SSLFilter : public ReferenceCounted<SSLFilter> {
+ public:
+ // These enums must agree with those in sdk/lib/io/secure_socket.dart.
+ enum BufferIndex {
+ kReadPlaintext,
+ kWritePlaintext,
+ kReadEncrypted,
+ kWriteEncrypted,
+ kNumBuffers,
+ kFirstEncrypted = kReadEncrypted
+ };
+
+ static const intptr_t kApproximateSize;
+ static const int kSSLFilterNativeFieldIndex = 0;
+
+ SSLFilter()
+ : callback_error(NULL),
+ ssl_(NULL),
+ socket_side_(NULL),
+ string_start_(NULL),
+ string_length_(NULL),
+ handshake_complete_(NULL),
+ bad_certificate_callback_(NULL),
+ in_handshake_(false),
+ hostname_(NULL) {}
+
+ ~SSLFilter();
+
+ Dart_Handle Init(Dart_Handle dart_this);
+ void Connect(const char* hostname,
+ SSLCertContext* context,
+ bool is_server,
+ bool request_client_certificate,
+ bool require_client_certificate,
+ Dart_Handle protocols_handle);
+ void Destroy();
+ void FreeResources();
+ void Handshake();
+ void GetSelectedProtocol(Dart_NativeArguments args);
+ void Renegotiate(bool use_session_cache,
+ bool request_client_certificate,
+ bool require_client_certificate);
+ void RegisterHandshakeCompleteCallback(Dart_Handle handshake_complete);
+ void RegisterBadCertificateCallback(Dart_Handle callback);
+ Dart_Handle bad_certificate_callback() {
+ return Dart_HandleFromPersistent(bad_certificate_callback_);
+ }
+ int ProcessReadPlaintextBuffer(int start, int end);
+ int ProcessWritePlaintextBuffer(int start, int end);
+ int ProcessReadEncryptedBuffer(int start, int end);
+ int ProcessWriteEncryptedBuffer(int start, int end);
+ bool ProcessAllBuffers(int starts[kNumBuffers],
+ int ends[kNumBuffers],
+ bool in_handshake);
+ Dart_Handle PeerCertificate();
+ static void InitializeLibrary();
+ Dart_Handle callback_error;
+
+ static CObject* ProcessFilterRequest(const CObjectArray& request);
+
+ // The index of the external data field in _ssl that points to the SSLFilter.
+ static int filter_ssl_index;
+
+ private:
+ void RegisterCallbacks(SSLCertContext* cert_ctx);
+ int CertificateCallback(int preverify_ok, X509_STORE_CTX* store_ctx);
+
+ static const intptr_t kInternalBIOSize;
+ static bool library_initialized_;
+ static Mutex* mutex_; // To protect library initialization.
+
+ SSL* ssl_;
+ BIO* socket_side_;
+
+ uint8_t* buffers_[kNumBuffers];
+ int buffer_size_;
+ int encrypted_buffer_size_;
+ Dart_PersistentHandle string_start_;
+ Dart_PersistentHandle string_length_;
+ Dart_PersistentHandle dart_buffer_objects_[kNumBuffers];
+ Dart_PersistentHandle handshake_complete_;
+ Dart_PersistentHandle bad_certificate_callback_;
+ bool in_handshake_;
+ bool is_server_;
+ char* hostname_;
+
+ static bool IsBufferEncrypted(int i) {
+ return static_cast<BufferIndex>(i) >= kFirstEncrypted;
+ }
+ Dart_Handle InitializeBuffers(Dart_Handle dart_this);
+ void InitializePlatformData();
+
+ DISALLOW_COPY_AND_ASSIGN(SSLFilter);
+};
+
+} // namespace bin
+} // namespace dart
+
#endif // RUNTIME_BIN_SECURE_SOCKET_H_
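Review bot: The `SSLFilter()` constructor leaves `buffers_`, `dart_buffer_objects_`, `buffer_size_`, `encrypted_buffer_size_` and `is_server_` uninitialized, while every other pointer member is set to NULL. The bodies of `~SSLFilter()`, `Destroy()` and `FreeResources()` are not in this header, but if any of them frees or deletes those array entries on an object whose `Init()` failed or was never called, it would act on indeterminate pointers. Value-initializing them in the mem-initializer list, in declaration order, makes teardown safe however far setup got. Separately, the private member `CertificateCallback` has the same name and signature as the free function declared above the class, so a short comment saying which one is registered as the verify callback would help readers.

```cpp
  SSLFilter()
      :  // … unchanged: callback_error, ssl_, socket_side_ …
        buffers_(),  // value-initialized: every entry NULL
        buffer_size_(0),
        encrypted_buffer_size_(0),
        // … unchanged: string_start_, string_length_ …
        dart_buffer_objects_(),  // value-initialized: every entry NULL
        // … unchanged: handshake_complete_, bad_certificate_callback_, in_handshake_ …
        is_server_(false),
        hostname_(NULL) {}
```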
