author | wtc@google.com <wtc@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-10-15 00:20:11 +0000 |
committer | wtc@google.com <wtc@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-10-15 00:20:11 +0000 |
commit | aaead5019627818c93693fdb6ec04d47b47c17f2 (patch) | |
tree | 6ff15880c597bb59a8c3def51d13ce492a4bb405 /net/base/ssl_client_socket_win.h | |
parent | 1ad083f293cd321fa7d7c8f14e71816571c6c54f (diff) | |
Turn SSLClientSocket into an interface.
The original ssl_client_socket.{h,cc} are renamed
ssl_client_socket_win.{h,cc}.
The new ssl_client_socket.h defines the SSLClientSocket
interface, which simply extends the ClientSocket interface
with a new GetSSLInfo method.
ClientSocketFactory::CreateSSLClientSocket returns
SSLClientSocket* instead of ClientSocket*.
Replace the SSL protocol version mask parameter of the
constructor and factory method with an SSLConfig parameter.
R=darin
Review URL: http://codereview.chromium.org/7304
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@3387 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/ssl_client_socket_win.h')
-rw-r--r-- | net/base/ssl_client_socket_win.h | 139 |
1 files changed, 139 insertions, 0 deletions
diff --git a/net/base/ssl_client_socket_win.h b/net/base/ssl_client_socket_win.h
new file mode 100644
index 0000000..403e7f3
--- /dev/null
+++ b/net/base/ssl_client_socket_win.h
@@ -0,0 +1,139 @@
+// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_BASE_SSL_CLIENT_SOCKET_WIN_H_
+#define NET_BASE_SSL_CLIENT_SOCKET_WIN_H_
+
+#define SECURITY_WIN32 // Needs to be defined before including security.h
+
+#include <windows.h>
+#include <wincrypt.h>
+#include <security.h>
+
+#include <string>
+
+#include "base/scoped_ptr.h"
+#include "net/base/completion_callback.h"
+#include "net/base/ssl_client_socket.h"
+#include "net/base/ssl_config_service.h"
+
+namespace net {
+
+// An SSL client socket implemented with the Windows Schannel.
+class SSLClientSocketWin : public SSLClientSocket {
+ public:
+ // Takes ownership of the transport_socket, which may already be connected.
+ // The given hostname will be compared with the name(s) in the server's
+ // certificate during the SSL handshake. ssl_config specifies the SSL
+ // settings.
+ SSLClientSocketWin(ClientSocket* transport_socket,
+ const std::string& hostname,
+ const SSLConfig& ssl_config);
+ ~SSLClientSocketWin();
+
+ // SSLClientSocket methods:
+ virtual void GetSSLInfo(SSLInfo* ssl_info);
+
+ // ClientSocket methods:
+ virtual int Connect(CompletionCallback* callback);
+ virtual int ReconnectIgnoringLastError(CompletionCallback* callback);
+ virtual void Disconnect();
+ virtual bool IsConnected() const;
+
+ // Socket methods:
+ virtual int Read(char* buf, int buf_len, CompletionCallback* callback);
+ virtual int Write(const char* buf, int buf_len, CompletionCallback* callback);
+
+ private:
+ void DoCallback(int result);
+ void OnIOComplete(int result);
+
+ int DoLoop(int last_io_result);
+ int DoConnect();
+ int DoConnectComplete(int result);
+ int DoHandshakeRead();
+ int DoHandshakeReadComplete(int result);
+ int DoHandshakeWrite();
+ int DoHandshakeWriteComplete(int result);
+ int DoPayloadRead();
+ int DoPayloadReadComplete(int result);
+ int DoPayloadEncrypt();
+ int DoPayloadWrite();
+ int DoPayloadWriteComplete(int result);
+
+ int DidCompleteHandshake();
+ int VerifyServerCert();
+
+ CompletionCallbackImpl<SSLClientSocketWin> io_callback_;
+ scoped_ptr<ClientSocket> transport_;
+ std::string hostname_;
+ SSLConfig ssl_config_;
+
+ CompletionCallback* user_callback_;
+
+ // Used by both Read and Write functions.
+ char* user_buf_;
+ int user_buf_len_;
+
+ enum State {
+ STATE_NONE,
+ STATE_CONNECT,
+ STATE_CONNECT_COMPLETE,
+ STATE_HANDSHAKE_READ,
+ STATE_HANDSHAKE_READ_COMPLETE,
+ STATE_HANDSHAKE_WRITE,
+ STATE_HANDSHAKE_WRITE_COMPLETE,
+ STATE_PAYLOAD_ENCRYPT,
+ STATE_PAYLOAD_WRITE,
+ STATE_PAYLOAD_WRITE_COMPLETE,
+ STATE_PAYLOAD_READ,
+ STATE_PAYLOAD_READ_COMPLETE,
+ };
+ State next_state_;
+
+ SecPkgContext_StreamSizes stream_sizes_;
+ PCCERT_CONTEXT server_cert_;
+ int server_cert_status_;
+
+ CredHandle creds_;
+ CtxtHandle ctxt_;
+ SecBuffer send_buffer_;
+ scoped_array<char> payload_send_buffer_;
+ int payload_send_buffer_len_;
+ int bytes_sent_;
+
+ // recv_buffer_ holds the received ciphertext. Since Schannel decrypts
+ // data in place, sometimes recv_buffer_ may contain decrypted plaintext and
+ // any undecrypted ciphertext. (Ciphertext is decrypted one full SSL record
+ // at a time.)
+ //
+ // If bytes_decrypted_ is 0, the received ciphertext is at the beginning of
+ // recv_buffer_, ready to be passed to DecryptMessage.
+ scoped_array<char> recv_buffer_;
+ char* decrypted_ptr_; // Points to the decrypted plaintext in recv_buffer_
+ int bytes_decrypted_; // The number of bytes of decrypted plaintext.
+ char* received_ptr_; // Points to the received ciphertext in recv_buffer_
+ int bytes_received_; // The number of bytes of received ciphertext.
+
+ bool completed_handshake_;
+
+ // Only used in the STATE_HANDSHAKE_READ_COMPLETE and
+ // STATE_PAYLOAD_READ_COMPLETE states. True if a 'result' argument of OK
+ // should be ignored, to prevent it from being interpreted as EOF.
+ //
+ // The reason we need this flag is that OK means not only "0 bytes of data
+ // were read" but also EOF. We set ignore_ok_result_ to true when we need
+ // to continue processing previously read data without reading more data.
+ // We have to pass a 'result' of OK to the DoLoop method, and don't want it
+ // to be interpreted as EOF.
+ bool ignore_ok_result_;
+
+ // True if the user has no client certificate.
+ bool no_client_cert_;
+};
+
+} // namespace net
+
+#endif // NET_BASE_SSL_CLIENT_SOCKET_WIN_H_
+
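Review bot: The Schannel-owned members `creds_`, `ctxt_` and `server_cert_` are declared near the end of the class without stating who releases them, so a reader of this header cannot tell whether a failed handshake or Disconnect() frees the credential, the security context and the certificate. A comment above `CredHandle creds_;` such as `// Owned by this object: released with FreeCredentialsHandle / DeleteSecurityContext, and server_cert_ with CertFreeCertificateContext, on Disconnect() and in the destructor.` would make that contract checkable against the .cc. Likewise `user_buf_` keeps the caller's pointer across the asynchronous state machine, so Read() and Write() presumably require `buf` to stay valid until `callback` runs; if the ClientSocket base does not already document that, this header should. The declarations are complete within the hunk, but their implementations live in ssl_client_socket_win.cc, outside this diff.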