| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
| 11 #include "base/memory/scoped_ptr.h" | 11 #include "base/memory/scoped_ptr.h" |
| 12 #include "base/memory/weak_ptr.h" | 12 #include "base/memory/weak_ptr.h" |
| 13 #include "net/base/completion_callback.h" | 13 #include "net/base/completion_callback.h" |
| 14 #include "net/base/io_buffer.h" | 14 #include "net/base/io_buffer.h" |
| 15 #include "net/cert/cert_verify_result.h" | 15 #include "net/cert/cert_verify_result.h" |
| 16 #include "net/socket/client_socket_handle.h" | 16 #include "net/socket/client_socket_handle.h" |
| 17 #include "net/socket/ssl_client_socket.h" | 17 #include "net/socket/ssl_client_socket.h" |
| 18 #include "net/ssl/server_bound_cert_service.h" | 18 #include "net/ssl/channel_id_service.h" |
| 19 #include "net/ssl/ssl_client_cert_type.h" | 19 #include "net/ssl/ssl_client_cert_type.h" |
| 20 #include "net/ssl/ssl_config_service.h" | 20 #include "net/ssl/ssl_config_service.h" |
| 21 | 21 |
| 22 // Avoid including misc OpenSSL headers, i.e.: | 22 // Avoid including misc OpenSSL headers, i.e.: |
| 23 // <openssl/bio.h> | 23 // <openssl/bio.h> |
| 24 typedef struct bio_st BIO; | 24 typedef struct bio_st BIO; |
| 25 // <openssl/evp.h> | 25 // <openssl/evp.h> |
| 26 typedef struct evp_pkey_st EVP_PKEY; | 26 typedef struct evp_pkey_st EVP_PKEY; |
| 27 // <openssl/ssl.h> | 27 // <openssl/ssl.h> |
| 28 typedef struct ssl_st SSL; | 28 typedef struct ssl_st SSL; |
| (...skipping 25 matching lines...) Expand all Loading... |
| 54 const HostPortPair& host_and_port() const { return host_and_port_; } | 54 const HostPortPair& host_and_port() const { return host_and_port_; } |
| 55 const std::string& ssl_session_cache_shard() const { | 55 const std::string& ssl_session_cache_shard() const { |
| 56 return ssl_session_cache_shard_; | 56 return ssl_session_cache_shard_; |
| 57 } | 57 } |
| 58 | 58 |
| 59 // SSLClientSocket implementation. | 59 // SSLClientSocket implementation. |
| 60 virtual void GetSSLCertRequestInfo( | 60 virtual void GetSSLCertRequestInfo( |
| 61 SSLCertRequestInfo* cert_request_info) OVERRIDE; | 61 SSLCertRequestInfo* cert_request_info) OVERRIDE; |
| 62 virtual NextProtoStatus GetNextProto(std::string* proto, | 62 virtual NextProtoStatus GetNextProto(std::string* proto, |
| 63 std::string* server_protos) OVERRIDE; | 63 std::string* server_protos) OVERRIDE; |
| 64 virtual ServerBoundCertService* GetServerBoundCertService() const OVERRIDE; | 64 virtual ChannelIDService* GetChannelIDService() const OVERRIDE; |
| 65 | 65 |
| 66 // SSLSocket implementation. | 66 // SSLSocket implementation. |
| 67 virtual int ExportKeyingMaterial(const base::StringPiece& label, | 67 virtual int ExportKeyingMaterial(const base::StringPiece& label, |
| 68 bool has_context, | 68 bool has_context, |
| 69 const base::StringPiece& context, | 69 const base::StringPiece& context, |
| 70 unsigned char* out, | 70 unsigned char* out, |
| 71 unsigned int outlen) OVERRIDE; | 71 unsigned int outlen) OVERRIDE; |
| 72 virtual int GetTLSUniqueChannelBinding(std::string* out) OVERRIDE; | 72 virtual int GetTLSUniqueChannelBinding(std::string* out) OVERRIDE; |
| 73 | 73 |
| 74 // StreamSocket implementation. | 74 // StreamSocket implementation. |
| (...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 216 // allowed by the server. | 216 // allowed by the server. |
| 217 std::vector<std::string> cert_authorities_; | 217 std::vector<std::string> cert_authorities_; |
| 218 // List of SSLClientCertType values for client certificates allowed by the | 218 // List of SSLClientCertType values for client certificates allowed by the |
| 219 // server. | 219 // server. |
| 220 std::vector<SSLClientCertType> cert_key_types_; | 220 std::vector<SSLClientCertType> cert_key_types_; |
| 221 | 221 |
| 222 CertVerifier* const cert_verifier_; | 222 CertVerifier* const cert_verifier_; |
| 223 scoped_ptr<SingleRequestCertVerifier> verifier_; | 223 scoped_ptr<SingleRequestCertVerifier> verifier_; |
| 224 | 224 |
| 225 // The service for retrieving Channel ID keys. May be NULL. | 225 // The service for retrieving Channel ID keys. May be NULL. |
| 226 ServerBoundCertService* server_bound_cert_service_; | 226 ChannelIDService* channel_id_service_; |
| 227 | 227 |
| 228 // OpenSSL stuff | 228 // OpenSSL stuff |
| 229 SSL* ssl_; | 229 SSL* ssl_; |
| 230 BIO* transport_bio_; | 230 BIO* transport_bio_; |
| 231 | 231 |
| 232 scoped_ptr<ClientSocketHandle> transport_; | 232 scoped_ptr<ClientSocketHandle> transport_; |
| 233 const HostPortPair host_and_port_; | 233 const HostPortPair host_and_port_; |
| 234 SSLConfig ssl_config_; | 234 SSLConfig ssl_config_; |
| 235 // ssl_session_cache_shard_ is an opaque string that partitions the SSL | 235 // ssl_session_cache_shard_ is an opaque string that partitions the SSL |
| 236 // session cache. i.e. sessions created with one value will not attempt to | 236 // session cache. i.e. sessions created with one value will not attempt to |
| 237 // resume on the socket with a different value. | 237 // resume on the socket with a different value. |
| 238 const std::string ssl_session_cache_shard_; | 238 const std::string ssl_session_cache_shard_; |
| 239 | 239 |
| 240 // Used for session cache diagnostics. | 240 // Used for session cache diagnostics. |
| 241 bool trying_cached_session_; | 241 bool trying_cached_session_; |
| 242 | 242 |
| 243 enum State { | 243 enum State { |
| 244 STATE_NONE, | 244 STATE_NONE, |
| 245 STATE_HANDSHAKE, | 245 STATE_HANDSHAKE, |
| 246 STATE_CHANNEL_ID_LOOKUP, | 246 STATE_CHANNEL_ID_LOOKUP, |
| 247 STATE_CHANNEL_ID_LOOKUP_COMPLETE, | 247 STATE_CHANNEL_ID_LOOKUP_COMPLETE, |
| 248 STATE_VERIFY_CERT, | 248 STATE_VERIFY_CERT, |
| 249 STATE_VERIFY_CERT_COMPLETE, | 249 STATE_VERIFY_CERT_COMPLETE, |
| 250 }; | 250 }; |
| 251 State next_handshake_state_; | 251 State next_handshake_state_; |
| 252 NextProtoStatus npn_status_; | 252 NextProtoStatus npn_status_; |
| 253 std::string npn_proto_; | 253 std::string npn_proto_; |
| 254 std::string server_protos_; | 254 std::string server_protos_; |
| 255 // Written by the |server_bound_cert_service_|. | 255 // Written by the |channel_id_service_|. |
| 256 std::string channel_id_private_key_; | 256 std::string channel_id_private_key_; |
| 257 std::string channel_id_cert_; | 257 std::string channel_id_cert_; |
| 258 // True if channel ID extension was negotiated. | 258 // True if channel ID extension was negotiated. |
| 259 bool channel_id_xtn_negotiated_; | 259 bool channel_id_xtn_negotiated_; |
| 260 // The request handle for |server_bound_cert_service_|. | 260 // The request handle for |channel_id_service_|. |
| 261 ServerBoundCertService::RequestHandle channel_id_request_handle_; | 261 ChannelIDService::RequestHandle channel_id_request_handle_; |
| 262 BoundNetLog net_log_; | 262 BoundNetLog net_log_; |
| 263 }; | 263 }; |
| 264 | 264 |
| 265 } // namespace net | 265 } // namespace net |
| 266 | 266 |
| 267 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 267 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 356713005:
Rename ServerBoundCert => ChannelID to reflect the current name (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src