| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/gtest_prod_util.h" | 10 #include "base/gtest_prod_util.h" |
| 11 #include "net/base/completion_callback.h" | 11 #include "net/base/completion_callback.h" |
| 12 #include "net/base/load_flags.h" | 12 #include "net/base/load_flags.h" |
| 13 #include "net/base/net_errors.h" | 13 #include "net/base/net_errors.h" |
| 14 #include "net/socket/ssl_socket.h" | 14 #include "net/socket/ssl_socket.h" |
| 15 #include "net/socket/stream_socket.h" | 15 #include "net/socket/stream_socket.h" |
| 16 | 16 |
| 17 namespace net { | 17 namespace net { |
| 18 | 18 |
| 19 class CertPolicyEnforcer; |
| 19 class CertVerifier; | 20 class CertVerifier; |
| 20 class ChannelIDService; | 21 class ChannelIDService; |
| 21 class CTVerifier; | 22 class CTVerifier; |
| 22 class HostPortPair; | 23 class HostPortPair; |
| 23 class ServerBoundCertService; | 24 class ServerBoundCertService; |
| 24 class SSLCertRequestInfo; | 25 class SSLCertRequestInfo; |
| 25 struct SSLConfig; | 26 struct SSLConfig; |
| 26 class SSLInfo; | 27 class SSLInfo; |
| 27 class TransportSecurityState; | 28 class TransportSecurityState; |
| 28 class X509Certificate; | 29 class X509Certificate; |
| 29 | 30 |
| 30 // This struct groups together several fields which are used by various | 31 // This struct groups together several fields which are used by various |
| 31 // classes related to SSLClientSocket. | 32 // classes related to SSLClientSocket. |
| 32 struct SSLClientSocketContext { | 33 struct SSLClientSocketContext { |
| 33 SSLClientSocketContext() | 34 SSLClientSocketContext() |
| 34 : cert_verifier(NULL), | 35 : cert_verifier(NULL), |
| 35 channel_id_service(NULL), | 36 channel_id_service(NULL), |
| 36 transport_security_state(NULL), | 37 transport_security_state(NULL), |
| 37 cert_transparency_verifier(NULL) {} | 38 cert_transparency_verifier(NULL), |
| 39 cert_policy_enforcer(NULL) {} |
| 38 | 40 |
| 39 SSLClientSocketContext(CertVerifier* cert_verifier_arg, | 41 SSLClientSocketContext(CertVerifier* cert_verifier_arg, |
| 40 ChannelIDService* channel_id_service_arg, | 42 ChannelIDService* channel_id_service_arg, |
| 41 TransportSecurityState* transport_security_state_arg, | 43 TransportSecurityState* transport_security_state_arg, |
| 42 CTVerifier* cert_transparency_verifier_arg, | 44 CTVerifier* cert_transparency_verifier_arg, |
| 45 CertPolicyEnforcer* cert_policy_enforcer_arg, |
| 43 const std::string& ssl_session_cache_shard_arg) | 46 const std::string& ssl_session_cache_shard_arg) |
| 44 : cert_verifier(cert_verifier_arg), | 47 : cert_verifier(cert_verifier_arg), |
| 45 channel_id_service(channel_id_service_arg), | 48 channel_id_service(channel_id_service_arg), |
| 46 transport_security_state(transport_security_state_arg), | 49 transport_security_state(transport_security_state_arg), |
| 47 cert_transparency_verifier(cert_transparency_verifier_arg), | 50 cert_transparency_verifier(cert_transparency_verifier_arg), |
| 51 cert_policy_enforcer(cert_policy_enforcer_arg), |
| 48 ssl_session_cache_shard(ssl_session_cache_shard_arg) {} | 52 ssl_session_cache_shard(ssl_session_cache_shard_arg) {} |
| 49 | 53 |
| 50 CertVerifier* cert_verifier; | 54 CertVerifier* cert_verifier; |
| 51 ChannelIDService* channel_id_service; | 55 ChannelIDService* channel_id_service; |
| 52 TransportSecurityState* transport_security_state; | 56 TransportSecurityState* transport_security_state; |
| 53 CTVerifier* cert_transparency_verifier; | 57 CTVerifier* cert_transparency_verifier; |
| 58 CertPolicyEnforcer* cert_policy_enforcer; |
| 54 // ssl_session_cache_shard is an opaque string that identifies a shard of the | 59 // ssl_session_cache_shard is an opaque string that identifies a shard of the |
| 55 // SSL session cache. SSL sockets with the same ssl_session_cache_shard may | 60 // SSL session cache. SSL sockets with the same ssl_session_cache_shard may |
| 56 // resume each other's SSL sessions but we'll never sessions between shards. | 61 // resume each other's SSL sessions but we'll never sessions between shards. |
| 57 const std::string ssl_session_cache_shard; | 62 const std::string ssl_session_cache_shard; |
| 58 }; | 63 }; |
| 59 | 64 |
| 60 // A client socket that uses SSL as the transport layer. | 65 // A client socket that uses SSL as the transport layer. |
| 61 // | 66 // |
| 62 // NOTE: The SSL handshake occurs within the Connect method after a TCP | 67 // NOTE: The SSL handshake occurs within the Connect method after a TCP |
| 63 // connection is established. If a SSL error occurs during the handshake, | 68 // connection is established. If a SSL error occurs during the handshake, |
| (...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 142 static const char* NextProtoToString(NextProto next_proto); | 147 static const char* NextProtoToString(NextProto next_proto); |
| 143 | 148 |
| 144 static const char* NextProtoStatusToString(const NextProtoStatus status); | 149 static const char* NextProtoStatusToString(const NextProtoStatus status); |
| 145 | 150 |
| 146 static bool IgnoreCertError(int error, int load_flags); | 151 static bool IgnoreCertError(int error, int load_flags); |
| 147 | 152 |
| 148 // ClearSessionCache clears the SSL session cache, used to resume SSL | 153 // ClearSessionCache clears the SSL session cache, used to resume SSL |
| 149 // sessions. | 154 // sessions. |
| 150 static void ClearSessionCache(); | 155 static void ClearSessionCache(); |
| 151 | 156 |
| 157 // Get the maximum SSL version supported by the underlying library and |
| 158 // cryptographic implementation. |
| 159 static uint16 GetMaxSupportedSSLVersion(); |
| 160 |
| 152 virtual bool set_was_npn_negotiated(bool negotiated); | 161 virtual bool set_was_npn_negotiated(bool negotiated); |
| 153 | 162 |
| 154 virtual bool was_spdy_negotiated() const; | 163 virtual bool was_spdy_negotiated() const; |
| 155 | 164 |
| 156 virtual bool set_was_spdy_negotiated(bool negotiated); | 165 virtual bool set_was_spdy_negotiated(bool negotiated); |
| 157 | 166 |
| 158 virtual void set_protocol_negotiated(NextProto protocol_negotiated); | 167 virtual void set_protocol_negotiated(NextProto protocol_negotiated); |
| 159 | 168 |
| 160 void set_negotiation_extension(SSLNegotiationExtension negotiation_extension); | 169 void set_negotiation_extension(SSLNegotiationExtension negotiation_extension); |
| 161 | 170 |
| (...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 235 bool signed_cert_timestamps_received_; | 244 bool signed_cert_timestamps_received_; |
| 236 // True if a stapled OCSP response was received. | 245 // True if a stapled OCSP response was received. |
| 237 bool stapled_ocsp_response_received_; | 246 bool stapled_ocsp_response_received_; |
| 238 // Protocol negotiation extension used. | 247 // Protocol negotiation extension used. |
| 239 SSLNegotiationExtension negotiation_extension_; | 248 SSLNegotiationExtension negotiation_extension_; |
| 240 }; | 249 }; |
| 241 | 250 |
| 242 } // namespace net | 251 } // namespace net |
| 243 | 252 |
| 244 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 253 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 761903003:
Update from https://crrev.com/306655 (Closed)
Base URL: git@github.com:domokit/mojo.git@master