OLD | NEW |
1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
7 | 7 |
8 #include <certt.h> | 8 #include <certt.h> |
9 #include <keyt.h> | 9 #include <keyt.h> |
10 #include <nspr.h> | 10 #include <nspr.h> |
11 #include <nss.h> | 11 #include <nss.h> |
12 | 12 |
13 #include <string> | 13 #include <string> |
14 #include <vector> | 14 #include <vector> |
15 | 15 |
16 #include "base/scoped_ptr.h" | 16 #include "base/scoped_ptr.h" |
17 #include "net/base/cert_verify_result.h" | 17 #include "net/base/cert_verify_result.h" |
18 #include "net/base/completion_callback.h" | 18 #include "net/base/completion_callback.h" |
| 19 #include "net/base/net_log.h" |
19 #include "net/base/nss_memio.h" | 20 #include "net/base/nss_memio.h" |
20 #include "net/base/ssl_config_service.h" | 21 #include "net/base/ssl_config_service.h" |
21 #include "net/socket/ssl_client_socket.h" | 22 #include "net/socket/ssl_client_socket.h" |
22 | 23 |
23 namespace net { | 24 namespace net { |
24 | 25 |
| 26 class BoundNetLog; |
25 class CertVerifier; | 27 class CertVerifier; |
26 class LoadLog; | |
27 class X509Certificate; | 28 class X509Certificate; |
28 | 29 |
29 // An SSL client socket implemented with Mozilla NSS. | 30 // An SSL client socket implemented with Mozilla NSS. |
30 class SSLClientSocketNSS : public SSLClientSocket { | 31 class SSLClientSocketNSS : public SSLClientSocket { |
31 public: | 32 public: |
32 // Takes ownership of the transport_socket, which may already be connected. | 33 // Takes ownership of the transport_socket, which may already be connected. |
33 // The given hostname will be compared with the name(s) in the server's | 34 // The given hostname will be compared with the name(s) in the server's |
34 // certificate during the SSL handshake. ssl_config specifies the SSL | 35 // certificate during the SSL handshake. ssl_config specifies the SSL |
35 // settings. | 36 // settings. |
36 SSLClientSocketNSS(ClientSocket* transport_socket, | 37 SSLClientSocketNSS(ClientSocket* transport_socket, |
37 const std::string& hostname, | 38 const std::string& hostname, |
38 const SSLConfig& ssl_config); | 39 const SSLConfig& ssl_config); |
39 ~SSLClientSocketNSS(); | 40 ~SSLClientSocketNSS(); |
40 | 41 |
41 // SSLClientSocket methods: | 42 // SSLClientSocket methods: |
42 virtual void GetSSLInfo(SSLInfo* ssl_info); | 43 virtual void GetSSLInfo(SSLInfo* ssl_info); |
43 virtual void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info); | 44 virtual void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info); |
44 virtual NextProtoStatus GetNextProto(std::string* proto); | 45 virtual NextProtoStatus GetNextProto(std::string* proto); |
45 | 46 |
46 // ClientSocket methods: | 47 // ClientSocket methods: |
47 virtual int Connect(CompletionCallback* callback, LoadLog* load_log); | 48 virtual int Connect(CompletionCallback* callback, const BoundNetLog& net_log); |
48 virtual void Disconnect(); | 49 virtual void Disconnect(); |
49 virtual bool IsConnected() const; | 50 virtual bool IsConnected() const; |
50 virtual bool IsConnectedAndIdle() const; | 51 virtual bool IsConnectedAndIdle() const; |
51 virtual int GetPeerAddress(AddressList* address) const; | 52 virtual int GetPeerAddress(AddressList* address) const; |
52 | 53 |
53 // Socket methods: | 54 // Socket methods: |
54 virtual int Read(IOBuffer* buf, int buf_len, CompletionCallback* callback); | 55 virtual int Read(IOBuffer* buf, int buf_len, CompletionCallback* callback); |
55 virtual int Write(IOBuffer* buf, int buf_len, CompletionCallback* callback); | 56 virtual int Write(IOBuffer* buf, int buf_len, CompletionCallback* callback); |
56 virtual bool SetReceiveBufferSize(int32 size); | 57 virtual bool SetReceiveBufferSize(int32 size); |
57 virtual bool SetSendBufferSize(int32 size); | 58 virtual bool SetSendBufferSize(int32 size); |
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
147 STATE_VERIFY_CERT_COMPLETE, | 148 STATE_VERIFY_CERT_COMPLETE, |
148 }; | 149 }; |
149 State next_handshake_state_; | 150 State next_handshake_state_; |
150 | 151 |
151 // The NSS SSL state machine | 152 // The NSS SSL state machine |
152 PRFileDesc* nss_fd_; | 153 PRFileDesc* nss_fd_; |
153 | 154 |
154 // Buffers for the network end of the SSL state machine | 155 // Buffers for the network end of the SSL state machine |
155 memio_Private* nss_bufs_; | 156 memio_Private* nss_bufs_; |
156 | 157 |
157 scoped_refptr<LoadLog> load_log_; | 158 BoundNetLog net_log_; |
158 | 159 |
159 #if defined(OS_WIN) | 160 #if defined(OS_WIN) |
160 // A CryptoAPI in-memory certificate store. We use it for two purposes: | 161 // A CryptoAPI in-memory certificate store. We use it for two purposes: |
161 // 1. Import server certificates into this store so that we can verify and | 162 // 1. Import server certificates into this store so that we can verify and |
162 // display the certificates using CryptoAPI. | 163 // display the certificates using CryptoAPI. |
163 // 2. Copy client certificates from the "MY" system certificate store into | 164 // 2. Copy client certificates from the "MY" system certificate store into |
164 // this store so that we can close the system store when we finish | 165 // this store so that we can close the system store when we finish |
165 // searching for client certificates. | 166 // searching for client certificates. |
166 static HCERTSTORE cert_store_; | 167 static HCERTSTORE cert_store_; |
167 #endif | 168 #endif |
168 }; | 169 }; |
169 | 170 |
170 } // namespace net | 171 } // namespace net |
171 | 172 |
172 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 173 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
OLD | NEW |