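--- a/net/socket/ssl_client_socket_openssl.h
+++ b/net/socket/ssl_client_socket_openssl.h
@@ -1,28 +1,28 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_
 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_
 
 #include <string>
 
 #include "base/compiler_specific.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/memory/weak_ptr.h"
 #include "net/base/completion_callback.h"
 #include "net/base/io_buffer.h"
 #include "net/cert/cert_verify_result.h"
 #include "net/socket/client_socket_handle.h"
 #include "net/socket/ssl_client_socket.h"
-#include "net/ssl/server_bound_cert_service.h"
+#include "net/ssl/channel_id_service.h"
 #include "net/ssl/ssl_client_cert_type.h"
 #include "net/ssl/ssl_config_service.h"
 
 // Avoid including misc OpenSSL headers, i.e.:
 // <openssl/bio.h>
 typedef struct bio_st BIO;
 // <openssl/evp.h>
 typedef struct evp_pkey_st EVP_PKEY;
 // <openssl/ssl.h>
 typedef struct ssl_st SSL;
@@ -54,21 +54,21 @@
 const HostPortPair& host_and_port() const { return host_and_port_; }
 const std::string& ssl_session_cache_shard() const {
 return ssl_session_cache_shard_;
 }
 
 // SSLClientSocket implementation.
 virtual void GetSSLCertRequestInfo(
 SSLCertRequestInfo* cert_request_info) OVERRIDE;
 virtual NextProtoStatus GetNextProto(std::string* proto,
 std::string* server_protos) OVERRIDE;
-virtual ServerBoundCertService* GetServerBoundCertService() const OVERRIDE;
+virtual ChannelIDService* GetChannelIDService() const OVERRIDE;
 
 // SSLSocket implementation.
 virtual int ExportKeyingMaterial(const base::StringPiece& label,
 bool has_context,
 const base::StringPiece& context,
 unsigned char* out,
 unsigned int outlen) OVERRIDE;
 virtual int GetTLSUniqueChannelBinding(std::string* out) OVERRIDE;
 
 // StreamSocket implementation.
@@ -197,52 +197,52 @@
 // allowed by the server.
 std::vector<std::string> cert_authorities_;
 // List of SSLClientCertType values for client certificates allowed by the
 // server.
 std::vector<SSLClientCertType> cert_key_types_;
 
 CertVerifier* const cert_verifier_;
 scoped_ptr<SingleRequestCertVerifier> verifier_;
 
 // The service for retrieving Channel ID keys. May be NULL.
-ServerBoundCertService* server_bound_cert_service_;
+ChannelIDService* channel_id_service_;
 
 // OpenSSL stuff
 SSL* ssl_;
 BIO* transport_bio_;
 
 scoped_ptr<ClientSocketHandle> transport_;
 const HostPortPair host_and_port_;
 SSLConfig ssl_config_;
 // ssl_session_cache_shard_ is an opaque string that partitions the SSL
 // session cache. i.e. sessions created with one value will not attempt to
 // resume on the socket with a different value.
 const std::string ssl_session_cache_shard_;
 
 // Used for session cache diagnostics.
 bool trying_cached_session_;
 
 enum State {
 STATE_NONE,
 STATE_HANDSHAKE,
 STATE_CHANNEL_ID_LOOKUP,
 STATE_CHANNEL_ID_LOOKUP_COMPLETE,
 STATE_VERIFY_CERT,
 STATE_VERIFY_CERT_COMPLETE,
 };
 State next_handshake_state_;
 NextProtoStatus npn_status_;
 std::string npn_proto_;
 std::string server_protos_;
-// Written by the |server_bound_cert_service_|.
+// Written by the |channel_id_service_|.
 std::string channel_id_private_key_;
 std::string channel_id_cert_;
 // True if channel ID extension was negotiated.
 bool channel_id_xtn_negotiated_;
-// The request handle for |server_bound_cert_service_|.
-ServerBoundCertService::RequestHandle channel_id_request_handle_;
+// The request handle for |channel_id_service_|.
+ChannelIDService::RequestHandle channel_id_request_handle_;
 BoundNetLog net_log_;
 };
 
 } // namespace net
 
 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_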