Cache certificate verification results in memory.

net/socket/ssl_client_socket_pool.h

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_POOL_H_
 #define NET_SOCKET_SSL_CLIENT_SOCKET_POOL_H_
 #pragma once
 
 #include <string>
 
 #include "base/ref_counted.h"
 #include "base/scoped_ptr.h"
 #include "base/time.h"
 #include "net/base/host_resolver.h"
 #include "net/base/ssl_config_service.h"
 #include "net/http/http_response_info.h"
 #include "net/proxy/proxy_server.h"
 #include "net/socket/ssl_client_socket.h"
 #include "net/socket/client_socket_pool_base.h"
 #include "net/socket/client_socket_pool_histograms.h"
 #include "net/socket/client_socket_pool.h"
 
 namespace net {
 
+class CertVerifier;
 class ClientSocketFactory;
 class ConnectJobFactory;
 class DnsCertProvenanceChecker;
 class DnsRRResolver;
 class HostPortPair;
 class HttpProxyClientSocketPool;
 class HttpProxySocketParams;
 class SOCKSClientSocketPool;
 class SOCKSSocketParams;
 class SSLClientSocket;
@@ skipping 53 matching lines @@
  public:
   SSLConnectJob(
       const std::string& group_name,
       const scoped_refptr<SSLSocketParams>& params,
       const base::TimeDelta& timeout_duration,
       TCPClientSocketPool* tcp_pool,
       SOCKSClientSocketPool* socks_pool,
       HttpProxyClientSocketPool* http_proxy_pool,
       ClientSocketFactory* client_socket_factory,
       HostResolver* host_resolver,
+      CertVerifier* cert_verifier,
       DnsRRResolver* dnsrr_resolver,
       DnsCertProvenanceChecker* dns_cert_checker,
       SSLHostInfoFactory* ssl_host_info_factory,
       Delegate* delegate,
       NetLog* net_log);
   virtual ~SSLConnectJob();
 
   // ConnectJob methods.
   virtual LoadState GetLoadState() const;
 
@@ skipping 29 matching lines @@
   int DoTunnelConnect();
   int DoTunnelConnectComplete(int result);
   int DoSSLConnect();
   int DoSSLConnectComplete(int result);
 
   scoped_refptr<SSLSocketParams> params_;
   TCPClientSocketPool* const tcp_pool_;
   SOCKSClientSocketPool* const socks_pool_;
   HttpProxyClientSocketPool* const http_proxy_pool_;
   ClientSocketFactory* const client_socket_factory_;
-  HostResolver* const resolver_;
+  HostResolver* const host_resolver_;
+  CertVerifier* const cert_verifier_;
   DnsRRResolver* const dnsrr_resolver_;
   DnsCertProvenanceChecker* dns_cert_checker_;
   SSLHostInfoFactory* const ssl_host_info_factory_;
 
   State next_state_;
   CompletionCallbackImpl<SSLConnectJob> callback_;
   scoped_ptr<ClientSocketHandle> transport_socket_handle_;
   scoped_ptr<SSLClientSocket> ssl_socket_;
   scoped_ptr<SSLHostInfo> ssl_host_info_;
 
   // The time the DoSSLConnect() method was called.
   base::TimeTicks ssl_connect_start_time_;
 
   HttpResponseInfo error_response_info_;
 
   DISALLOW_COPY_AND_ASSIGN(SSLConnectJob);
 };
 
 class SSLClientSocketPool : public ClientSocketPool,
                             public SSLConfigService::Observer {
  public:
   // Only the pools that will be used are required. i.e. if you never
   // try to create an SSL over SOCKS socket, |socks_pool| may be NULL.
   SSLClientSocketPool(
       int max_sockets,
       int max_sockets_per_group,
       ClientSocketPoolHistograms* histograms,
       HostResolver* host_resolver,
+      CertVerifier* cert_verifier,
       DnsRRResolver* dnsrr_resolver,
       DnsCertProvenanceChecker* dns_cert_checker,
       SSLHostInfoFactory* ssl_host_info_factory,
       ClientSocketFactory* client_socket_factory,
       TCPClientSocketPool* tcp_pool,
       SOCKSClientSocketPool* socks_pool,
       HttpProxyClientSocketPool* http_proxy_pool,
       SSLConfigService* ssl_config_service,
       NetLog* net_log);
 
@@ skipping 48 matching lines @@
   typedef ClientSocketPoolBase<SSLSocketParams> PoolBase;
 
   class SSLConnectJobFactory : public PoolBase::ConnectJobFactory {
    public:
     SSLConnectJobFactory(
         TCPClientSocketPool* tcp_pool,
         SOCKSClientSocketPool* socks_pool,
         HttpProxyClientSocketPool* http_proxy_pool,
         ClientSocketFactory* client_socket_factory,
         HostResolver* host_resolver,
+        CertVerifier* cert_verifier,
         DnsRRResolver* dnsrr_resolver,
         DnsCertProvenanceChecker* dns_cert_checker,
         SSLHostInfoFactory* ssl_host_info_factory,
         NetLog* net_log);
 
     virtual ~SSLConnectJobFactory() {}
 
     // ClientSocketPoolBase::ConnectJobFactory methods.
     virtual ConnectJob* NewConnectJob(
         const std::string& group_name,
         const PoolBase::Request& request,
         ConnectJob::Delegate* delegate) const;
 
     virtual base::TimeDelta ConnectionTimeout() const { return timeout_; }
 
    private:
     TCPClientSocketPool* const tcp_pool_;
     SOCKSClientSocketPool* const socks_pool_;
     HttpProxyClientSocketPool* const http_proxy_pool_;
     ClientSocketFactory* const client_socket_factory_;
     HostResolver* const host_resolver_;
+    CertVerifier* const cert_verifier_;
     DnsRRResolver* const dnsrr_resolver_;
     DnsCertProvenanceChecker* const dns_cert_checker_;
     SSLHostInfoFactory* const ssl_host_info_factory_;
     base::TimeDelta timeout_;
     NetLog* net_log_;
 
     DISALLOW_COPY_AND_ASSIGN(SSLConnectJobFactory);
   };
 
   TCPClientSocketPool* const tcp_pool_;
   SOCKSClientSocketPool* const socks_pool_;
   HttpProxyClientSocketPool* const http_proxy_pool_;
   PoolBase base_;
   const scoped_refptr<SSLConfigService> ssl_config_service_;
 
   DISALLOW_COPY_AND_ASSIGN(SSLClientSocketPool);
 };
 
 REGISTER_SOCKET_PARAMS_FOR_POOL(SSLClientSocketPool, SSLSocketParams);
 
 }  // namespace net
 
 #endif  // NET_SOCKET_SSL_CLIENT_SOCKET_POOL_H_