OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_MAC_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_MAC_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_MAC_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_MAC_H_ |
7 #pragma once | 7 #pragma once |
8 | 8 |
9 #include <Security/Security.h> | 9 #include <Security/Security.h> |
10 | 10 |
11 #include <string> | 11 #include <string> |
12 #include <vector> | 12 #include <vector> |
13 | 13 |
14 #include "base/scoped_ptr.h" | 14 #include "base/scoped_ptr.h" |
15 #include "net/base/cert_verify_result.h" | 15 #include "net/base/cert_verify_result.h" |
16 #include "net/base/completion_callback.h" | 16 #include "net/base/completion_callback.h" |
17 #include "net/base/host_port_pair.h" | 17 #include "net/base/host_port_pair.h" |
18 #include "net/base/net_log.h" | 18 #include "net/base/net_log.h" |
19 #include "net/base/ssl_config_service.h" | 19 #include "net/base/ssl_config_service.h" |
20 #include "net/socket/ssl_client_socket.h" | 20 #include "net/socket/ssl_client_socket.h" |
21 | 21 |
22 namespace net { | 22 namespace net { |
23 | 23 |
24 class CertVerifier; | 24 class CertVerifier; |
25 class ClientSocketHandle; | 25 class ClientSocketHandle; |
| 26 class SingleRequestCertVerifier; |
26 | 27 |
27 // An SSL client socket implemented with Secure Transport. | 28 // An SSL client socket implemented with Secure Transport. |
28 class SSLClientSocketMac : public SSLClientSocket { | 29 class SSLClientSocketMac : public SSLClientSocket { |
29 public: | 30 public: |
30 // Takes ownership of the |transport_socket|, which must already be connected. | 31 // Takes ownership of the |transport_socket|, which must already be connected. |
31 // The hostname specified in |host_and_port| will be compared with the name(s) | 32 // The hostname specified in |host_and_port| will be compared with the name(s) |
32 // in the server's certificate during the SSL handshake. If SSL client | 33 // in the server's certificate during the SSL handshake. If SSL client |
33 // authentication is requested, the host_and_port field of SSLCertRequestInfo | 34 // authentication is requested, the host_and_port field of SSLCertRequestInfo |
34 // will be populated with |host_and_port|. |ssl_config| specifies | 35 // will be populated with |host_and_port|. |ssl_config| specifies |
35 // the SSL settings. | 36 // the SSL settings. |
36 SSLClientSocketMac(ClientSocketHandle* transport_socket, | 37 SSLClientSocketMac(ClientSocketHandle* transport_socket, |
37 const HostPortPair& host_and_port, | 38 const HostPortPair& host_and_port, |
38 const SSLConfig& ssl_config); | 39 const SSLConfig& ssl_config, |
| 40 CertVerifier* cert_verifier); |
39 ~SSLClientSocketMac(); | 41 ~SSLClientSocketMac(); |
40 | 42 |
41 // SSLClientSocket methods: | 43 // SSLClientSocket methods: |
42 virtual void GetSSLInfo(SSLInfo* ssl_info); | 44 virtual void GetSSLInfo(SSLInfo* ssl_info); |
43 virtual void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info); | 45 virtual void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info); |
44 virtual NextProtoStatus GetNextProto(std::string* proto); | 46 virtual NextProtoStatus GetNextProto(std::string* proto); |
45 | 47 |
46 // ClientSocket methods: | 48 // ClientSocket methods: |
47 virtual int Connect(CompletionCallback* callback); | 49 virtual int Connect(CompletionCallback* callback); |
48 virtual void Disconnect(); | 50 virtual void Disconnect(); |
(...skipping 81 matching lines...)
130 // STATE_VERIFY_CERT_COMPLETE, and then continues to | 132 // STATE_VERIFY_CERT_COMPLETE, and then continues to |
131 // STATE_COMPLETED_RENEGOTIATION. After STATE_COMPLETED_RENEGOTIATION | 133 // STATE_COMPLETED_RENEGOTIATION. After STATE_COMPLETED_RENEGOTIATION |
132 // has been processed, it goes back to STATE_COMPLETED_HANDSHAKE and | 134 // has been processed, it goes back to STATE_COMPLETED_HANDSHAKE and |
133 // will remain there until the server requests renegotiation again. | 135 // will remain there until the server requests renegotiation again. |
134 // During the initial handshake, STATE_COMPLETED_RENEGOTIATION is | 136 // During the initial handshake, STATE_COMPLETED_RENEGOTIATION is |
135 // skipped. | 137 // skipped. |
136 }; | 138 }; |
137 State next_handshake_state_; | 139 State next_handshake_state_; |
138 | 140 |
139 scoped_refptr<X509Certificate> server_cert_; | 141 scoped_refptr<X509Certificate> server_cert_; |
140 scoped_ptr<CertVerifier> verifier_; | 142 CertVerifier* const cert_verifier_; |
| 143 scoped_ptr<SingleRequestCertVerifier> verifier_; |
141 CertVerifyResult server_cert_verify_result_; | 144 CertVerifyResult server_cert_verify_result_; |
142 | 145 |
143 // The initial handshake has already completed, and the current handshake | 146 // The initial handshake has already completed, and the current handshake |
144 // is server-initiated renegotiation. | 147 // is server-initiated renegotiation. |
145 bool renegotiating_; | 148 bool renegotiating_; |
146 bool client_cert_requested_; | 149 bool client_cert_requested_; |
147 SSLContextRef ssl_context_; | 150 SSLContextRef ssl_context_; |
148 | 151 |
149 // These buffers hold data retrieved from/sent to the underlying transport | 152 // These buffers hold data retrieved from/sent to the underlying transport |
150 // before it's fed to the SSL engine. | 153 // before it's fed to the SSL engine. |
151 std::vector<char> send_buffer_; | 154 std::vector<char> send_buffer_; |
152 int pending_send_error_; | 155 int pending_send_error_; |
153 std::vector<char> recv_buffer_; | 156 std::vector<char> recv_buffer_; |
154 | 157 |
155 // These are the IOBuffers used for operations on the underlying transport. | 158 // These are the IOBuffers used for operations on the underlying transport. |
156 scoped_refptr<IOBuffer> read_io_buf_; | 159 scoped_refptr<IOBuffer> read_io_buf_; |
157 scoped_refptr<IOBuffer> write_io_buf_; | 160 scoped_refptr<IOBuffer> write_io_buf_; |
158 | 161 |
159 BoundNetLog net_log_; | 162 BoundNetLog net_log_; |
160 }; | 163 }; |
161 | 164 |
162 } // namespace net | 165 } // namespace net |
163 | 166 |
164 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_MAC_H_ | 167 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_MAC_H_ |
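Review bot: The new `CertVerifier* cert_verifier` constructor parameter and the `CertVerifier* const cert_verifier_` member replace an owned `scoped_ptr<CertVerifier>` with a raw pointer, but the constructor comment still documents only `transport_socket`, `host_and_port` and `ssl_config`, so the ownership and lifetime contract for the verifier is unstated. The state comments show certificate verification running again on server-initiated renegotiation, so the verifier has to stay valid for the socket's whole lifetime, not just the first handshake; a caller that destroys it earlier would leave this socket verifying through a dangling pointer. I would extend the constructor comment with `// |cert_verifier| is not owned; it must be non-NULL and must outlive this socket.` and annotate the member with `// Not owned.`. The implementation file is not on this page, so it is worth confirming there that the constructor checks the pointer (for example with a `DCHECK`) instead of letting a NULL verifier reach the handshake.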