Cache certificate verification results in memory.

net/socket/ssl_client_socket_win.h

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_WIN_H_
 #define NET_SOCKET_SSL_CLIENT_SOCKET_WIN_H_
 #pragma once
 
 #define SECURITY_WIN32  // Needs to be defined before including security.h
 
@@ skipping 10 matching lines @@
 #include "net/base/net_log.h"
 #include "net/base/ssl_config_service.h"
 #include "net/socket/ssl_client_socket.h"
 
 namespace net {
 
 class BoundNetLog;
 class CertVerifier;
 class ClientSocketHandle;
 class HostPortPair;
+class SingleRequestCertVerifier;
 
 // An SSL client socket implemented with the Windows Schannel.
 class SSLClientSocketWin : public SSLClientSocket {
  public:
   // Takes ownership of the |transport_socket|, which must already be connected.
   // The hostname specified in |host_and_port| will be compared with the name(s)
   // in the server's certificate during the SSL handshake.  If SSL client
   // authentication is requested, the host_and_port field of SSLCertRequestInfo
   // will be populated with |host_and_port|.  |ssl_config| specifies
   // the SSL settings.
   SSLClientSocketWin(ClientSocketHandle* transport_socket,
                      const HostPortPair& host_and_port,
-                     const SSLConfig& ssl_config);
+                     const SSLConfig& ssl_config,
+                     CertVerifier* cert_verifier);
   ~SSLClientSocketWin();
 
   // SSLClientSocket methods:
   virtual void GetSSLInfo(SSLInfo* ssl_info);
   virtual void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info);
   virtual NextProtoStatus GetNextProto(std::string* proto);
 
   // ClientSocket methods:
   virtual int Connect(CompletionCallback* callback);
   virtual void Disconnect();
@@ skipping 84 matching lines @@
     STATE_COMPLETED_RENEGOTIATION,
     STATE_COMPLETED_HANDSHAKE
     // After the handshake, the socket remains
     // in the STATE_COMPLETED_HANDSHAKE state,
     // unless a renegotiate handshake occurs.
   };
   State next_state_;
 
   SecPkgContext_StreamSizes stream_sizes_;
   scoped_refptr<X509Certificate> server_cert_;
-  scoped_ptr<CertVerifier> verifier_;
+  CertVerifier* const cert_verifier_;
+  scoped_ptr<SingleRequestCertVerifier> verifier_;
   CertVerifyResult server_cert_verify_result_;
 
   CredHandle* creds_;
   CtxtHandle ctxt_;
   SecBuffer in_buffers_[2];  // Input buffers for InitializeSecurityContext.
   SecBuffer send_buffer_;  // Output buffer for InitializeSecurityContext.
   SECURITY_STATUS isc_status_;  // Return value of InitializeSecurityContext.
   scoped_array<char> payload_send_buffer_;
   int payload_send_buffer_len_;
   int bytes_sent_;
@@ skipping 33 matching lines @@
 
   // True when the decrypter needs more data in order to decrypt.
   bool need_more_data_;
 
   BoundNetLog net_log_;
 };
 
 }  // namespace net
 
 #endif  // NET_SOCKET_SSL_CLIENT_SOCKET_WIN_H_