
Side by Side Diff: net/socket/ssl_host_info.h

Issue 5386001: Cache certificate verification results in memory. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Add unit tests. Ready for review. Created 10 years ago
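--- a/net/socket/ssl_host_info.h
+++ b/net/socket/ssl_host_info.h
@@ -1,40 +1,42 @@
 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_SOCKET_SSL_HOST_INFO_H_
 #define NET_SOCKET_SSL_HOST_INFO_H_
 
 #include <string>
 #include <vector>
 
 #include "base/ref_counted.h"
 #include "base/scoped_ptr.h"
 #include "base/time.h"
+#include "net/base/cert_verifier.h"
 #include "net/base/cert_verify_result.h"
 #include "net/base/completion_callback.h"
 #include "net/socket/ssl_client_socket.h"
 
 namespace net {
 
-class CertVerifier;
 class X509Certificate;
 struct SSLConfig;
 
 // SSLHostInfo is an interface for fetching information about an SSL server.
 // This information may be stored on disk so does not include keys or session
 // information etc. Primarily it's intended for caching the server's
 // certificates.
 class SSLHostInfo {
 public:
-SSLHostInfo(const std::string& hostname, const SSLConfig& ssl_config);
+SSLHostInfo(const std::string& hostname,
+const SSLConfig& ssl_config,
+CertVerifier *certVerifier);
 virtual ~SSLHostInfo();
 
 // Start will commence the lookup. This must be called before any other
 // methods. By opportunistically calling this early, it may be possible to
 // overlap this object's lookup and reduce latency.
 virtual void Start() = 0;
 
 // WaitForDataReady returns OK if the fetch of the requested data has
 // completed. Otherwise it returns ERR_IO_PENDING and will call |callback| on
 // the current thread when ready.
@@ -110,28 +112,28 @@
 
 // This is the hostname that we'll validate the certificates against.
 const std::string hostname_;
 bool cert_parsing_failed_;
 CompletionCallback* cert_verification_callback_;
 // These two members are taken from the SSLConfig.
 bool rev_checking_enabled_;
 bool verify_ev_cert_;
 base::TimeTicks verification_start_time_;
 CertVerifyResult cert_verify_result_;
-scoped_ptr<CertVerifier> verifier_;
+SingleRequestCertVerifier verifier_;
 scoped_refptr<X509Certificate> cert_;
 scoped_refptr<CancelableCompletionCallback<SSLHostInfo> > callback_;
 };
 
 class SSLHostInfoFactory {
 public:
 virtual ~SSLHostInfoFactory();
 
 // GetForHost returns a fresh, allocated SSLHostInfo for the given hostname
 // or NULL on failure.
 virtual SSLHostInfo* GetForHost(const std::string& hostname,
 const SSLConfig& ssl_config) = 0;
 };
 
 } // namespace net
 
 #endif // NET_SOCKET_SSL_HOST_INFO_H_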
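Review bot: The new constructor parameter `CertVerifier *certVerifier` (new line 32) is a raw pointer with no stated ownership or lifetime, while `verifier_` changes from an owned `scoped_ptr<CertVerifier>` to a by-value `SingleRequestCertVerifier`, which presumably holds a pointer to the shared verifier. If so, that verifier has to outlive every SSLHostInfo and any verification still in flight, otherwise certificate verification would run through a dangling pointer; a comment above the constructor such as `// |cert_verifier| is not owned and must outlive this object.` would record the contract. The parameter should also follow the file's naming and pointer style, `CertVerifier* cert_verifier`. `SSLHostInfoFactory::GetForHost` keeps its old signature, so how factory implementations obtain the verifier cannot be seen from this file.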
