1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 part of dart.io; | 5 part of dart.io; |
6 | 6 |
7 /** | 7 /** |
8 * A high-level class for communicating securely over a TCP socket, using | 8 * A high-level class for communicating securely over a TCP socket, using |
9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an | 9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an |
10 * [IOSink] interface, making it ideal for using together with | 10 * [IOSink] interface, making it ideal for using together with |
(...skipping 15 matching lines...)
26 * [onBadCertificate] is an optional handler for unverifiable certificates. | 26 * [onBadCertificate] is an optional handler for unverifiable certificates. |
27 * The handler receives the [X509Certificate], and can inspect it and | 27 * The handler receives the [X509Certificate], and can inspect it and |
28 * decide (or let the user decide) whether to accept | 28 * decide (or let the user decide) whether to accept |
29 * the connection or not. The handler should return true | 29 * the connection or not. The handler should return true |
30 * to continue the [SecureSocket] connection. | 30 * to continue the [SecureSocket] connection. |
31 * | 31 * |
32 * [supportedProtocols] is an optional list of protocols (in decreasing | 32 * [supportedProtocols] is an optional list of protocols (in decreasing |
33 * order of preference) to use during the ALPN protocol negogiation with the | 33 * order of preference) to use during the ALPN protocol negogiation with the |
34 * server. Example values are "http/1.1" or "h2". The selected protocol | 34 * server. Example values are "http/1.1" or "h2". The selected protocol |
35 * can be obtained via [SecureSocket.selectedProtocol]. | 35 * can be obtained via [SecureSocket.selectedProtocol]. |
| 36 * |
| 37 * The argument [timeout] is used to specify the maximum allowed time to wait |
| 38 * for a connection to be established. If [timeout] is longer than the system |
| 39 * level timeout duration, a timeout may occur sooner than specified in |
| 40 * [timeout]. On timeout, a [SocketException] is thrown and all ongoing |
| 41 * connection attempts to [host] are cancelled. |
| 42 |
36 */ | 43 */ |
37 static Future<SecureSocket> connect(host, int port, | 44 static Future<SecureSocket> connect(host, int port, |
38 {SecurityContext context, | 45 {SecurityContext context, |
39 bool onBadCertificate(X509Certificate certificate), | 46 bool onBadCertificate(X509Certificate certificate), |
40 List<String> supportedProtocols}) { | 47 List<String> supportedProtocols, |
| 48 Duration timeout}) { |
41 return RawSecureSocket | 49 return RawSecureSocket |
42 .connect(host, port, | 50 .connect(host, port, |
43 context: context, | 51 context: context, |
44 onBadCertificate: onBadCertificate, | 52 onBadCertificate: onBadCertificate, |
45 supportedProtocols: supportedProtocols) | 53 supportedProtocols: supportedProtocols, |
| 54 timeout: timeout) |
46 .then((rawSocket) => new SecureSocket._(rawSocket)); | 55 .then((rawSocket) => new SecureSocket._(rawSocket)); |
47 } | 56 } |
48 | 57 |
49 /** | 58 /** |
50 * Takes an already connected [socket] and starts client side TLS | 59 * Takes an already connected [socket] and starts client side TLS |
51 * handshake to make the communication secure. When the returned | 60 * handshake to make the communication secure. When the returned |
52 * future completes the [SecureSocket] has completed the TLS | 61 * future completes the [SecureSocket] has completed the TLS |
53 * handshake. Using this function requires that the other end of the | 62 * handshake. Using this function requires that the other end of the |
54 * connection is prepared for TLS handshake. | 63 * connection is prepared for TLS handshake. |
55 * | 64 * |
(...skipping 131 matching lines...)
187 * to continue the [RawSecureSocket] connection. | 196 * to continue the [RawSecureSocket] connection. |
188 * | 197 * |
189 * [supportedProtocols] is an optional list of protocols (in decreasing | 198 * [supportedProtocols] is an optional list of protocols (in decreasing |
190 * order of preference) to use during the ALPN protocol negogiation with the | 199 * order of preference) to use during the ALPN protocol negogiation with the |
191 * server. Example values are "http/1.1" or "h2". The selected protocol | 200 * server. Example values are "http/1.1" or "h2". The selected protocol |
192 * can be obtained via [RawSecureSocket.selectedProtocol]. | 201 * can be obtained via [RawSecureSocket.selectedProtocol]. |
193 */ | 202 */ |
194 static Future<RawSecureSocket> connect(host, int port, | 203 static Future<RawSecureSocket> connect(host, int port, |
195 {SecurityContext context, | 204 {SecurityContext context, |
196 bool onBadCertificate(X509Certificate certificate), | 205 bool onBadCertificate(X509Certificate certificate), |
197 List<String> supportedProtocols}) { | 206 List<String> supportedProtocols, |
| 207 Duration timeout}) { |
198 _RawSecureSocket._verifyFields( | 208 _RawSecureSocket._verifyFields( |
199 host, port, false, false, false, onBadCertificate); | 209 host, port, false, false, false, onBadCertificate); |
200 return RawSocket.connect(host, port).then((socket) { | 210 return RawSocket.connect(host, port, timeout: timeout).then((socket) { |
201 return secure(socket, | 211 return secure(socket, |
202 context: context, | 212 context: context, |
203 onBadCertificate: onBadCertificate, | 213 onBadCertificate: onBadCertificate, |
204 supportedProtocols: supportedProtocols); | 214 supportedProtocols: supportedProtocols); |
205 }); | 215 }); |
206 } | 216 } |
207 | 217 |
208 /** | 218 /** |
209 * Takes an already connected [socket] and starts client side TLS | 219 * Takes an already connected [socket] and starts client side TLS |
210 * handshake to make the communication secure. When the returned | 220 * handshake to make the communication secure. When the returned |
(...skipping 1018 matching lines...)
1229 | 1239 |
1230 /** | 1240 /** |
1231 * An exception that happens in the handshake phase of establishing | 1241 * An exception that happens in the handshake phase of establishing |
1232 * a secure network connection, when looking up or verifying a | 1242 * a secure network connection, when looking up or verifying a |
1233 * certificate. | 1243 * certificate. |
1234 */ | 1244 */ |
1235 class CertificateException extends TlsException { | 1245 class CertificateException extends TlsException { |
1236 const CertificateException([String message = "", OSError osError = null]) | 1246 const CertificateException([String message = "", OSError osError = null]) |
1237 : super._("CertificateException", message, osError); | 1247 : super._("CertificateException", message, osError); |
1238 } | 1248 } |
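Review bot: In `RawSecureSocket.connect` (new lines 203-216) the added `timeout` is forwarded only to `RawSocket.connect(host, port, timeout: timeout)`, and the `secure(socket, ...)` call that starts the TLS handshake receives no limit. As far as the visible lines show, a peer that accepts the TCP connection and then stalls the handshake could keep the returned future pending past the caller's limit; the body of `secure` is outside these hunks, so this should be confirmed there. The paragraph added to `SecureSocket.connect` ("maximum allowed time to wait for a connection to be established") reads as if it covered the whole secure connection, and the `RawSecureSocket.connect` doc comment gets no `[timeout]` paragraph at all. I would state the scope on both methods, for example ` * [timeout] bounds only the TCP connection attempt; the TLS handshake is not covered.`, or else bound the handshake as well. The blank new line 42 inside the doc comment also lacks the leading ` *`.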