diff options
| author | wtc@google.com <wtc@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-08-14 20:33:25 +0000 |
|---|---|---|
| committer | wtc@google.com <wtc@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-08-14 20:33:25 +0000 |
| commit | 4628a2a1293b6661630162edfce543998c69f105 (patch) | |
| tree | 40b2ffaf5d0f56c27b56aa44391bd0271bcb8302 /net/base/ssl_client_socket.h | |
| parent | 0297f4f98eedef215784483827deb2356f44e7ca (diff) | |
| download | chromium_src-4628a2a1293b6661630162edfce543998c69f105.zip chromium_src-4628a2a1293b6661630162edfce543998c69f105.tar.gz chromium_src-4628a2a1293b6661630162edfce543998c69f105.tar.bz2 | |
First cut at implementing SSLClientSocket using Schannel.
Not implemented:
- Handling certificate errors
- Handling session renegotiation
- Sending the close_notify alert
- Miscellaneous TODOs and DCHECKs in the code.
R=darin
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@884 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/ssl_client_socket.h')
| -rw-r--r-- | net/base/ssl_client_socket.h | 32 |
1 files changed, 31 insertions, 1 deletions
diff --git a/net/base/ssl_client_socket.h b/net/base/ssl_client_socket.h index 3e1779f..8711e2a 100644 --- a/net/base/ssl_client_socket.h +++ b/net/base/ssl_client_socket.h @@ -43,6 +43,8 @@ namespace net { +class SSLInfo; + // A client socket that uses SSL as the transport layer. // // NOTE: The SSL handshake occurs within the Connect method after a TCP @@ -68,6 +70,9 @@ class SSLClientSocket : public ClientSocket { virtual int Read(char* buf, int buf_len, CompletionCallback* callback); virtual int Write(const char* buf, int buf_len, CompletionCallback* callback); + // Gets the SSL connection information of the socket. + void GetSSLInfo(SSLInfo* ssl_info); + private: void DoCallback(int result); void OnIOComplete(int result); @@ -81,6 +86,7 @@ class SSLClientSocket : public ClientSocket { int DoHandshakeWriteComplete(int result); int DoPayloadRead(); int DoPayloadReadComplete(int result); + int DoPayloadEncrypt(); int DoPayloadWrite(); int DoPayloadWriteComplete(int result); @@ -104,6 +110,7 @@ class SSLClientSocket : public ClientSocket { STATE_HANDSHAKE_READ_COMPLETE, STATE_HANDSHAKE_WRITE, STATE_HANDSHAKE_WRITE_COMPLETE, + STATE_PAYLOAD_ENCRYPT, STATE_PAYLOAD_WRITE, STATE_PAYLOAD_WRITE_COMPLETE, STATE_PAYLOAD_READ, @@ -116,12 +123,35 @@ class SSLClientSocket : public ClientSocket { CredHandle creds_; CtxtHandle ctxt_; SecBuffer send_buffer_; + scoped_array<char> payload_send_buffer_; + int payload_send_buffer_len_; int bytes_sent_; + // recv_buffer_ holds the received ciphertext. Since Schannel decrypts + // data in place, sometimes recv_buffer_ may contain decrypted plaintext and + // any undecrypted ciphertext. (Ciphertext is decrypted one full SSL record + // at a time.) + // + // If bytes_decrypted_ is 0, the received ciphertext is at the beginning of + // recv_buffer_, ready to be passed to DecryptMessage. scoped_array<char> recv_buffer_; - int bytes_received_; + char* decrypted_ptr_; // Points to the decrypted plaintext in recv_buffer_ + int bytes_decrypted_; // The number of bytes of decrypted plaintext. + char* received_ptr_; // Points to the received ciphertext in recv_buffer_ + int bytes_received_; // The number of bytes of received ciphertext. bool completed_handshake_; + + // Only used in the STATE_HANDSHAKE_READ_COMPLETE and + // STATE_PAYLOAD_READ_COMPLETE states. True if a 'result' argument of OK + // should be ignored, to prevent it from being interpreted as EOF. + // + // The reason we need this flag is that OK means not only "0 bytes of data + // were read" but also EOF. We set ignore_ok_result_ to true when we need + // to continue processing previously read data without reading more data. + // We have to pass a 'result' of OK to the DoLoop method, and don't want it + // to be interpreted as EOF. + bool ignore_ok_result_; }; } // namespace net |