Rewrite session cache in OpenSSL ports.

net/socket/ssl_client_socket_openssl.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_
 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_
 
 #include <string>
 
 #include "base/compiler_specific.h"
@@ skipping 148 matching lines @@
                                  const char *argp, int argi, long argl,
                                  long retvalue);
 
   // Callback from the SSL layer when an operation is performed on
   // |transport_bio_|'s peer.
   static long BIOCallback(BIO *bio,
                           int cmd,
                           const char *argp, int argi, long argl,
                           long retvalue);
 
+  // Called after the initial handshake completes and after the server
+  // certificate has been verified. The order of handshake completion and
+  // certificate verification depends on whether the connection was false
+  // started. After both have happened (thus calling this twice), the session is
+  // safe to cache and will be cached.
+  void MaybeCacheSession();
+
+  // Callback from the SSL layer when the internal state machine progresses. It
+  // is used to listen for when the handshake completes entirely; |Connect| may
+  // return early if false starting.
+  void InfoCallback(int type, int val);
+
   // Adds the SignedCertificateTimestamps from ct_verify_result_ to |ssl_info|.
   // SCTs are held in three separate vectors in ct_verify_result, each
   // vetor representing a particular verification state, this method associates
   // each of the SCTs with the corresponding SCTVerifyStatus as it adds it to
   // the |ssl_info|.signed_certificate_timestamps list.
   void AddSCTInfoToSSLInfo(SSLInfo* ssl_info) const;
 
   // Returns a unique key string for the SSL session cache for
   // this socket.
   std::string GetSessionCacheKey() const;
@@ skipping 78 matching lines @@
   BIO* transport_bio_;
 
   scoped_ptr<ClientSocketHandle> transport_;
   const HostPortPair host_and_port_;
   SSLConfig ssl_config_;
   // ssl_session_cache_shard_ is an opaque string that partitions the SSL
   // session cache. i.e. sessions created with one value will not attempt to
   // resume on the socket with a different value.
   const std::string ssl_session_cache_shard_;
 
-  // Used for session cache diagnostics.
-  bool trying_cached_session_;
-
   enum State {
     STATE_NONE,
     STATE_HANDSHAKE,
     STATE_CHANNEL_ID_LOOKUP,
     STATE_CHANNEL_ID_LOOKUP_COMPLETE,
     STATE_VERIFY_CERT,
     STATE_VERIFY_CERT_COMPLETE,
   };
   State next_handshake_state_;
   NextProtoStatus npn_status_;
   std::string npn_proto_;
   // Written by the |channel_id_service_|.
   std::string channel_id_private_key_;
   std::string channel_id_cert_;
   // True if channel ID extension was negotiated.
   bool channel_id_xtn_negotiated_;
+  // True if the initial handshake has completed.
+  bool handshake_completed_;
+  // True if the initial handshake's certificate has been verified.
+  bool certificate_verified_;
   // The request handle for |channel_id_service_|.
   ChannelIDService::RequestHandle channel_id_request_handle_;
 
   TransportSecurityState* transport_security_state_;
 
   CertPolicyEnforcer* const policy_enforcer_;
 
   // pinning_failure_log contains a message produced by
   // TransportSecurityState::CheckPublicKeyPins in the event of a
   // pinning failure. It is a (somewhat) human-readable string.
   std::string pinning_failure_log_;
 
   BoundNetLog net_log_;
   base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_;
 };
 
 }  // namespace net
 
 #endif  // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_