Specify new methods for supporting SSL client authentication.

See the changes to url_request.h and ssl_cert_request_info.h.

They are similar to the methods for handling SSL certificate
errors and HTTP authentication.

The handling of servers that request but don't require SSL
client authentication is reimplemented using the new methods.

R=rvargas,eroman
BUG=http://crbug.com/318
TEST=none
Review URL: http://codereview.chromium.org/118039

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@18322 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 37 insertions, 0 deletions

diff --git a/net/base/ssl_cert_request_info.h b/net/base/ssl_cert_request_info.h
new file mode 100644
index 0000000..2529d87
--- /dev/null
+++ b/net/base/ssl_cert_request_info.h
@@ -0,0 +1,37 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_BASE_SSL_CERT_REQUEST_INFO_H_
+#define NET_BASE_SSL_CERT_REQUEST_INFO_H_
+
+#include <string>
+#include <vector>
+
+#include "base/ref_counted.h"
+
+namespace net {
+
+class X509Certificate;
+
+// The SSLCertRequestInfo class contains the info that allows a user to
+// select a certificate to send to the SSL server for client authentication.
+class SSLCertRequestInfo
+    : public base::RefCountedThreadSafe<SSLCertRequestInfo> {
+ public:
+  // The host and port of the SSL server that requested client authentication.
+  std::string host_and_port;
+
+  // A list of client certificates that match the server's criteria in the
+  // SSL CertificateRequest message.  In TLS 1.0, the CertificateRequest
+  // message is defined as:
+  //   struct {
+  //       ClientCertificateType certificate_types<1..2^8-1>;
+  //       DistinguishedName certificate_authorities<3..2^16-1>;
+  //   } CertificateRequest;
+  std::vector<scoped_refptr<X509Certificate> > client_certs;
+};
+
+}  // namespace net
+
+#endif  // NET_BASE_SSL_CERT_REQUEST_INFO_H_