Chromium Code Reviews Chromium Code Reviews
Issue 356713005:
Rename ServerBoundCert => ChannelID to reflect the current name (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/gtest_prod_util.h" | 10 #include "base/gtest_prod_util.h" |
| 11 #include "net/base/completion_callback.h" | 11 #include "net/base/completion_callback.h" |
| 12 #include "net/base/load_flags.h" | 12 #include "net/base/load_flags.h" |
| 13 #include "net/base/net_errors.h" | 13 #include "net/base/net_errors.h" |
| 14 #include "net/socket/ssl_socket.h" | 14 #include "net/socket/ssl_socket.h" |
| 15 #include "net/socket/stream_socket.h" | 15 #include "net/socket/stream_socket.h" |
| 16 | 16 |
| 17 namespace net { | 17 namespace net { |
| 18 | 18 |
| 19 class CertVerifier; | 19 class CertVerifier; |
| 20 class CTVerifier; | 20 class CTVerifier; |
| 21 class ServerBoundCertService; | 21 class ChannelIDService; |
| 22 class SSLCertRequestInfo; | 22 class SSLCertRequestInfo; |
| 23 struct SSLConfig; | 23 struct SSLConfig; |
| 24 class SSLInfo; | 24 class SSLInfo; |
| 25 class TransportSecurityState; | 25 class TransportSecurityState; |
| 26 class X509Certificate; | 26 class X509Certificate; |
| 27 | 27 |
| 28 // This struct groups together several fields which are used by various | 28 // This struct groups together several fields which are used by various |
| 29 // classes related to SSLClientSocket. | 29 // classes related to SSLClientSocket. |
| 30 struct SSLClientSocketContext { | 30 struct SSLClientSocketContext { |
| 31 SSLClientSocketContext() | 31 SSLClientSocketContext() |
| 32 : cert_verifier(NULL), | 32 : cert_verifier(NULL), |
| 33 server_bound_cert_service(NULL), | 33 channel_id_service(NULL), |
| 34 transport_security_state(NULL), | 34 transport_security_state(NULL), |
| 35 cert_transparency_verifier(NULL) {} | 35 cert_transparency_verifier(NULL) {} |
| 36 | 36 |
| 37 SSLClientSocketContext(CertVerifier* cert_verifier_arg, | 37 SSLClientSocketContext(CertVerifier* cert_verifier_arg, |
| 38 ServerBoundCertService* server_bound_cert_service_arg, | 38 ChannelIDService* channel_id_service_arg, |
| 39 TransportSecurityState* transport_security_state_arg, | 39 TransportSecurityState* transport_security_state_arg, |
| 40 CTVerifier* cert_transparency_verifier_arg, | 40 CTVerifier* cert_transparency_verifier_arg, |
| 41 const std::string& ssl_session_cache_shard_arg) | 41 const std::string& ssl_session_cache_shard_arg) |
| 42 : cert_verifier(cert_verifier_arg), | 42 : cert_verifier(cert_verifier_arg), |
| 43 server_bound_cert_service(server_bound_cert_service_arg), | 43 channel_id_service(channel_id_service_arg), |
| 44 transport_security_state(transport_security_state_arg), | 44 transport_security_state(transport_security_state_arg), |
| 45 cert_transparency_verifier(cert_transparency_verifier_arg), | 45 cert_transparency_verifier(cert_transparency_verifier_arg), |
| 46 ssl_session_cache_shard(ssl_session_cache_shard_arg) {} | 46 ssl_session_cache_shard(ssl_session_cache_shard_arg) {} |
| 47 | 47 |
| 48 CertVerifier* cert_verifier; | 48 CertVerifier* cert_verifier; |
| 49 ServerBoundCertService* server_bound_cert_service; | 49 ChannelIDService* channel_id_service; |
| 50 TransportSecurityState* transport_security_state; | 50 TransportSecurityState* transport_security_state; |
| 51 CTVerifier* cert_transparency_verifier; | 51 CTVerifier* cert_transparency_verifier; |
| 52 // ssl_session_cache_shard is an opaque string that identifies a shard of the | 52 // ssl_session_cache_shard is an opaque string that identifies a shard of the |
| 53 // SSL session cache. SSL sockets with the same ssl_session_cache_shard may | 53 // SSL session cache. SSL sockets with the same ssl_session_cache_shard may |
| 54 // resume each other's SSL sessions but we'll never sessions between shards. | 54 // resume each other's SSL sessions but we'll never sessions between shards. |
| 55 const std::string ssl_session_cache_shard; | 55 const std::string ssl_session_cache_shard; |
| 56 }; | 56 }; |
| 57 | 57 |
| 58 // A client socket that uses SSL as the transport layer. | 58 // A client socket that uses SSL as the transport layer. |
| 59 // | 59 // |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 114 static void ClearSessionCache(); | 114 static void ClearSessionCache(); |
| 115 | 115 |
| 116 virtual bool set_was_npn_negotiated(bool negotiated); | 116 virtual bool set_was_npn_negotiated(bool negotiated); |
| 117 | 117 |
| 118 virtual bool was_spdy_negotiated() const; | 118 virtual bool was_spdy_negotiated() const; |
| 119 | 119 |
| 120 virtual bool set_was_spdy_negotiated(bool negotiated); | 120 virtual bool set_was_spdy_negotiated(bool negotiated); |
| 121 | 121 |
| 122 virtual void set_protocol_negotiated(NextProto protocol_negotiated); | 122 virtual void set_protocol_negotiated(NextProto protocol_negotiated); |
| 123 | 123 |
| 124 // Returns the ServerBoundCertService used by this socket, or NULL if | 124 // Returns the ChannelIDService used by this socket, or NULL if |
| 125 // server bound certificates are not supported. | 125 // server bound certificates are not supported. |
|
wtc
2014/07/01 19:50:53
server bound certificates => channel IDs
Ryan Hamilton
2014/07/21 19:12:09
Done.
| |
| 126 virtual ServerBoundCertService* GetServerBoundCertService() const = 0; | 126 virtual ChannelIDService* GetChannelIDService() const = 0; |
| 127 | 127 |
| 128 // Returns true if a channel ID was sent on this connection. | 128 // Returns true if a channel ID was sent on this connection. |
| 129 // This may be useful for protocols, like SPDY, which allow the same | 129 // This may be useful for protocols, like SPDY, which allow the same |
| 130 // connection to be shared between multiple domains, each of which need | 130 // connection to be shared between multiple domains, each of which need |
| 131 // a channel ID. | 131 // a channel ID. |
| 132 // | 132 // |
| 133 // Public for ssl_client_socket_openssl_unittest.cc. | 133 // Public for ssl_client_socket_openssl_unittest.cc. |
| 134 virtual bool WasChannelIDSent() const; | 134 virtual bool WasChannelIDSent() const; |
| 135 | 135 |
| 136 protected: | 136 protected: |
| 137 virtual void set_channel_id_sent(bool channel_id_sent); | 137 virtual void set_channel_id_sent(bool channel_id_sent); |
| 138 | 138 |
| 139 virtual void set_signed_cert_timestamps_received( | 139 virtual void set_signed_cert_timestamps_received( |
| 140 bool signed_cert_timestamps_received); | 140 bool signed_cert_timestamps_received); |
| 141 | 141 |
| 142 virtual void set_stapled_ocsp_response_received( | 142 virtual void set_stapled_ocsp_response_received( |
| 143 bool stapled_ocsp_response_received); | 143 bool stapled_ocsp_response_received); |
| 144 | 144 |
| 145 // Records histograms for channel id support during full handshakes - resumed | 145 // Records histograms for channel id support during full handshakes - resumed |
| 146 // handshakes are ignored. | 146 // handshakes are ignored. |
| 147 static void RecordChannelIDSupport( | 147 static void RecordChannelIDSupport( |
| 148 ServerBoundCertService* server_bound_cert_service, | 148 ChannelIDService* channel_id_service, |
| 149 bool negotiated_channel_id, | 149 bool negotiated_channel_id, |
| 150 bool channel_id_enabled, | 150 bool channel_id_enabled, |
| 151 bool supports_ecc); | 151 bool supports_ecc); |
| 152 | 152 |
| 153 // Returns whether TLS channel ID is enabled. | 153 // Returns whether TLS channel ID is enabled. |
| 154 static bool IsChannelIDEnabled( | 154 static bool IsChannelIDEnabled( |
| 155 const SSLConfig& ssl_config, | 155 const SSLConfig& ssl_config, |
| 156 ServerBoundCertService* server_bound_cert_service); | 156 ChannelIDService* channel_id_service); |
| 157 | 157 |
| 158 // For unit testing only. | 158 // For unit testing only. |
| 159 // Returns the unverified certificate chain as presented by server. | 159 // Returns the unverified certificate chain as presented by server. |
| 160 // Note that chain may be different than the verified chain returned by | 160 // Note that chain may be different than the verified chain returned by |
| 161 // StreamSocket::GetSSLInfo(). | 161 // StreamSocket::GetSSLInfo(). |
| 162 virtual scoped_refptr<X509Certificate> GetUnverifiedServerCertificateChain() | 162 virtual scoped_refptr<X509Certificate> GetUnverifiedServerCertificateChain() |
| 163 const = 0; | 163 const = 0; |
| 164 | 164 |
| 165 private: | 165 private: |
| 166 // For signed_cert_timestamps_received_ and stapled_ocsp_response_received_. | 166 // For signed_cert_timestamps_received_ and stapled_ocsp_response_received_. |
| (...skipping 16 matching lines...) Expand all Loading... | |
| 183 bool channel_id_sent_; | 183 bool channel_id_sent_; |
| 184 // True if SCTs were received via a TLS extension. | 184 // True if SCTs were received via a TLS extension. |
| 185 bool signed_cert_timestamps_received_; | 185 bool signed_cert_timestamps_received_; |
| 186 // True if a stapled OCSP response was received. | 186 // True if a stapled OCSP response was received. |
| 187 bool stapled_ocsp_response_received_; | 187 bool stapled_ocsp_response_received_; |
| 188 }; | 188 }; |
| 189 | 189 |
| 190 } // namespace net | 190 } // namespace net |
| 191 | 191 |
| 192 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 192 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| OLD | NEW |
