OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
7 #pragma once | 7 #pragma once |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 | 10 |
11 #include "base/scoped_ptr.h" | 11 #include "base/scoped_ptr.h" |
12 #include "net/base/cert_verify_result.h" | 12 #include "net/base/cert_verify_result.h" |
13 #include "net/base/completion_callback.h" | 13 #include "net/base/completion_callback.h" |
14 #include "net/base/io_buffer.h" | 14 #include "net/base/io_buffer.h" |
15 #include "net/base/ssl_config_service.h" | 15 #include "net/base/ssl_config_service.h" |
16 #include "net/socket/ssl_client_socket.h" | 16 #include "net/socket/ssl_client_socket.h" |
17 #include "net/socket/client_socket_handle.h" | 17 #include "net/socket/client_socket_handle.h" |
18 | 18 |
19 typedef struct bio_st BIO; | 19 typedef struct bio_st BIO; |
20 typedef struct evp_pkey_st EVP_PKEY; | 20 typedef struct evp_pkey_st EVP_PKEY; |
21 typedef struct ssl_st SSL; | 21 typedef struct ssl_st SSL; |
22 typedef struct x509_st X509; | 22 typedef struct x509_st X509; |
23 | 23 |
24 namespace net { | 24 namespace net { |
25 | 25 |
26 class CertVerifier; | 26 class CertVerifier; |
| 27 class SingleRequestCertVerifier; |
27 class SSLCertRequestInfo; | 28 class SSLCertRequestInfo; |
28 class SSLConfig; | 29 class SSLConfig; |
29 class SSLInfo; | 30 class SSLInfo; |
30 | 31 |
31 // An SSL client socket implemented with OpenSSL. | 32 // An SSL client socket implemented with OpenSSL. |
32 class SSLClientSocketOpenSSL : public SSLClientSocket { | 33 class SSLClientSocketOpenSSL : public SSLClientSocket { |
33 public: | 34 public: |
34 // Takes ownership of the transport_socket, which may already be connected. | 35 // Takes ownership of the transport_socket, which may already be connected. |
35 // The given hostname will be compared with the name(s) in the server's | 36 // The given hostname will be compared with the name(s) in the server's |
36 // certificate during the SSL handshake. ssl_config specifies the SSL | 37 // certificate during the SSL handshake. ssl_config specifies the SSL |
37 // settings. | 38 // settings. |
38 SSLClientSocketOpenSSL(ClientSocketHandle* transport_socket, | 39 SSLClientSocketOpenSSL(ClientSocketHandle* transport_socket, |
39 const HostPortPair& host_and_port, | 40 const HostPortPair& host_and_port, |
40 const SSLConfig& ssl_config); | 41 const SSLConfig& ssl_config, |
| 42 CertVerifier* cert_verifier); |
41 ~SSLClientSocketOpenSSL(); | 43 ~SSLClientSocketOpenSSL(); |
42 | 44 |
43 const HostPortPair& host_and_port() const { return host_and_port_; } | 45 const HostPortPair& host_and_port() const { return host_and_port_; } |
44 | 46 |
45 // Callback from the SSL layer that indicates the remote server is requesting | 47 // Callback from the SSL layer that indicates the remote server is requesting |
46 // a certificate for this client. | 48 // a certificate for this client. |
47 int ClientCertRequestCallback(SSL* ssl, X509** x509, EVP_PKEY** pkey); | 49 int ClientCertRequestCallback(SSL* ssl, X509** x509, EVP_PKEY** pkey); |
48 | 50 |
49 // Callback from the SSL layer to check which NPN protocol we are supporting | 51 // Callback from the SSL layer to check which NPN protocol we are supporting |
50 int SelectNextProtoCallback(unsigned char** out, unsigned char* outlen, | 52 int SelectNextProtoCallback(unsigned char** out, unsigned char* outlen, |
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
124 // Set when handshake finishes. | 126 // Set when handshake finishes. |
125 scoped_refptr<X509Certificate> server_cert_; | 127 scoped_refptr<X509Certificate> server_cert_; |
126 CertVerifyResult server_cert_verify_result_; | 128 CertVerifyResult server_cert_verify_result_; |
127 bool completed_handshake_; | 129 bool completed_handshake_; |
128 | 130 |
129 // Stores client authentication information between ClientAuthHandler and | 131 // Stores client authentication information between ClientAuthHandler and |
130 // GetSSLCertRequestInfo calls. | 132 // GetSSLCertRequestInfo calls. |
131 std::vector<scoped_refptr<X509Certificate> > client_certs_; | 133 std::vector<scoped_refptr<X509Certificate> > client_certs_; |
132 bool client_auth_cert_needed_; | 134 bool client_auth_cert_needed_; |
133 | 135 |
134 scoped_ptr<CertVerifier> verifier_; | 136 CertVerifier* const cert_verifier_; |
| 137 scoped_ptr<SingleRequestCertVerifier> verifier_; |
135 CompletionCallbackImpl<SSLClientSocketOpenSSL> handshake_io_callback_; | 138 CompletionCallbackImpl<SSLClientSocketOpenSSL> handshake_io_callback_; |
136 | 139 |
137 // OpenSSL stuff | 140 // OpenSSL stuff |
138 SSL* ssl_; | 141 SSL* ssl_; |
139 BIO* transport_bio_; | 142 BIO* transport_bio_; |
140 | 143 |
141 scoped_ptr<ClientSocketHandle> transport_; | 144 scoped_ptr<ClientSocketHandle> transport_; |
142 const HostPortPair host_and_port_; | 145 const HostPortPair host_and_port_; |
143 SSLConfig ssl_config_; | 146 SSLConfig ssl_config_; |
144 | 147 |
145 // Used for session cache diagnostics. | 148 // Used for session cache diagnostics. |
146 bool trying_cached_session_; | 149 bool trying_cached_session_; |
147 | 150 |
148 enum State { | 151 enum State { |
149 STATE_NONE, | 152 STATE_NONE, |
150 STATE_HANDSHAKE, | 153 STATE_HANDSHAKE, |
151 STATE_VERIFY_CERT, | 154 STATE_VERIFY_CERT, |
152 STATE_VERIFY_CERT_COMPLETE, | 155 STATE_VERIFY_CERT_COMPLETE, |
153 }; | 156 }; |
154 State next_handshake_state_; | 157 State next_handshake_state_; |
155 NextProtoStatus npn_status_; | 158 NextProtoStatus npn_status_; |
156 std::string npn_proto_; | 159 std::string npn_proto_; |
157 BoundNetLog net_log_; | 160 BoundNetLog net_log_; |
158 }; | 161 }; |
159 | 162 |
160 } // namespace net | 163 } // namespace net |
161 | 164 |
162 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 165 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
163 | 166 |
OLD | NEW |