| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/gtest_prod_util.h" | 10 #include "base/gtest_prod_util.h" |
| 11 #include "net/base/completion_callback.h" | 11 #include "net/base/completion_callback.h" |
| 12 #include "net/base/load_flags.h" | 12 #include "net/base/load_flags.h" |
| 13 #include "net/base/net_errors.h" | 13 #include "net/base/net_errors.h" |
| 14 #include "net/socket/ssl_socket.h" | 14 #include "net/socket/ssl_socket.h" |
| 15 #include "net/socket/stream_socket.h" | 15 #include "net/socket/stream_socket.h" |
| 16 | 16 |
| 17 namespace net { | 17 namespace net { |
| 18 | 18 |
| 19 class CertVerifier; | 19 class CertVerifier; |
| 20 class CTVerifier; | 20 class CTVerifier; |
| 21 class HostPortPair; |
| 21 class ServerBoundCertService; | 22 class ServerBoundCertService; |
| 22 class SSLCertRequestInfo; | 23 class SSLCertRequestInfo; |
| 23 struct SSLConfig; | 24 struct SSLConfig; |
| 24 class SSLInfo; | 25 class SSLInfo; |
| 25 class TransportSecurityState; | 26 class TransportSecurityState; |
| 26 class X509Certificate; | 27 class X509Certificate; |
| 27 | 28 |
| 28 // This struct groups together several fields which are used by various | 29 // This struct groups together several fields which are used by various |
| 29 // classes related to SSLClientSocket. | 30 // classes related to SSLClientSocket. |
| 30 struct SSLClientSocketContext { | 31 struct SSLClientSocketContext { |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 74 kNextProtoUnsupported = 0, // The server doesn't support NPN. | 75 kNextProtoUnsupported = 0, // The server doesn't support NPN. |
| 75 kNextProtoNegotiated = 1, // We agreed on a protocol. | 76 kNextProtoNegotiated = 1, // We agreed on a protocol. |
| 76 kNextProtoNoOverlap = 2, // No protocols in common. We requested | 77 kNextProtoNoOverlap = 2, // No protocols in common. We requested |
| 77 // the first protocol in our list. | 78 // the first protocol in our list. |
| 78 }; | 79 }; |
| 79 | 80 |
| 80 // StreamSocket: | 81 // StreamSocket: |
| 81 virtual bool WasNpnNegotiated() const OVERRIDE; | 82 virtual bool WasNpnNegotiated() const OVERRIDE; |
| 82 virtual NextProto GetNegotiatedProtocol() const OVERRIDE; | 83 virtual NextProto GetNegotiatedProtocol() const OVERRIDE; |
| 83 | 84 |
| 85 // Formats a unique key for the SSL session cache. This method |
| 86 // is necessary so that all classes create cache keys in a consistent |
| 87 // manner. |
| 88 // TODO(mshelley) This method will be deleted in an upcoming CL when |
| 89 // it will no longer be necessary to generate a cache key outside of |
| 90 // an SSLClientSocket. |
| 91 static std::string CreateSessionCacheKey( |
| 92 const HostPortPair& host_and_port, |
| 93 const std::string& ssl_session_cache_shard); |
| 94 |
| 95 // Returns true if there is a cache entry in the SSL session cache |
| 96 // for the cache key of the SSL socket. |
| 97 // |
| 98 // The cache key consists of a host and port concatenated with a session |
| 99 // cache shard. These two strings are passed to the constructor of most |
| 100 // subclasses of SSLClientSocket. |
| 101 virtual bool InSessionCache() const = 0; |
| 102 |
| 103 // Sets |callback| to be run when the handshake has fully completed. |
| 104 // For example, in the case of False Start, Connect() will return |
| 105 // early, before the peer's TLS Finished message has been verified, |
| 106 // in order to allow the caller to call Write() and send application |
| 107 // data with the client's Finished message. |
| 108 // In such situations, |callback| will be invoked sometime after |
| 109 // Connect() - either during a Write() or Read() call, and before |
| 110 // invoking the Read() or Write() callback. |
| 111 // Otherwise, during a traditional TLS connection (i.e. no False |
| 112 // Start), this will be called right before the Connect() callback |
| 113 // is called. |
| 114 // |
| 115 // Note that it's not valid to mutate this socket during such |
| 116 // callbacks, including deleting the socket. |
| 117 // |
| 118 // TODO(mshelley): Provide additional details about whether or not |
| 119 // the handshake actually succeeded or not. This can be inferred |
| 120 // from the result to Connect()/Read()/Write(), but may be useful |
| 121 // to inform here as well. |
| 122 virtual void SetHandshakeCompletionCallback( |
| 123 const base::Closure& callback) = 0; |
| 124 |
| 84 // Gets the SSL CertificateRequest info of the socket after Connect failed | 125 // Gets the SSL CertificateRequest info of the socket after Connect failed |
| 85 // with ERR_SSL_CLIENT_AUTH_CERT_NEEDED. | 126 // with ERR_SSL_CLIENT_AUTH_CERT_NEEDED. |
| 86 virtual void GetSSLCertRequestInfo( | 127 virtual void GetSSLCertRequestInfo( |
| 87 SSLCertRequestInfo* cert_request_info) = 0; | 128 SSLCertRequestInfo* cert_request_info) = 0; |
| 88 | 129 |
| 89 // Get the application level protocol that we negotiated with the server. | 130 // Get the application level protocol that we negotiated with the server. |
| 90 // *proto is set to the resulting protocol (n.b. that the string may have | 131 // *proto is set to the resulting protocol (n.b. that the string may have |
| 91 // embedded NULs). | 132 // embedded NULs). |
| 92 // kNextProtoUnsupported: *proto is cleared. | 133 // kNextProtoUnsupported: *proto is cleared. |
| 93 // kNextProtoNegotiated: *proto is set to the negotiated protocol. | 134 // kNextProtoNegotiated: *proto is set to the negotiated protocol. |
| (...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 183 bool channel_id_sent_; | 224 bool channel_id_sent_; |
| 184 // True if SCTs were received via a TLS extension. | 225 // True if SCTs were received via a TLS extension. |
| 185 bool signed_cert_timestamps_received_; | 226 bool signed_cert_timestamps_received_; |
| 186 // True if a stapled OCSP response was received. | 227 // True if a stapled OCSP response was received. |
| 187 bool stapled_ocsp_response_received_; | 228 bool stapled_ocsp_response_received_; |
| 188 }; | 229 }; |
| 189 | 230 |
| 190 } // namespace net | 231 } // namespace net |
| 191 | 232 |
| 192 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 233 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 353713005:
Implements new, more robust design for communicating between SSLConnectJobs. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master