summaryrefslogtreecommitdiffstats
path: root/net/base/ssl_client_socket_win.h
diff options
context:
space:
mode:
authorwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-02-03 16:51:15 +0000
committerwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-02-03 16:51:15 +0000
commitdedb594391d9ec31a6eac1eccbdd754ac2ce5ed7 (patch)
treecac5603ceb1a8dd526624c428d6ffd6eafaf3de5 /net/base/ssl_client_socket_win.h
parent7f969d6b73d925d306032565179d6b2109646ee0 (diff)
downloadchromium_src-dedb594391d9ec31a6eac1eccbdd754ac2ce5ed7.zip
chromium_src-dedb594391d9ec31a6eac1eccbdd754ac2ce5ed7.tar.gz
chromium_src-dedb594391d9ec31a6eac1eccbdd754ac2ce5ed7.tar.bz2
Move certificate verification off the IO thread.
Move the MapNetErrorToCertStatus and MapCertStatusToNetError functions to cert_status_flags.h so they can be shared with Mac and Linux code. Move the certificate verification function to the X509Certificate class. Right now X509Certificate::Verify is only implemented on Windows. R=eroman BUG=3592 Review URL: http://codereview.chromium.org/14915 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@9084 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/ssl_client_socket_win.h')
-rw-r--r--net/base/ssl_client_socket_win.h12
1 files changed, 9 insertions, 3 deletions
diff --git a/net/base/ssl_client_socket_win.h b/net/base/ssl_client_socket_win.h
index 58a035e..c0b5243 100644
--- a/net/base/ssl_client_socket_win.h
+++ b/net/base/ssl_client_socket_win.h
@@ -14,6 +14,8 @@
#include <string>
#include "base/scoped_ptr.h"
+#include "net/base/cert_verifier.h"
+#include "net/base/cert_verify_result.h"
#include "net/base/completion_callback.h"
#include "net/base/ssl_client_socket.h"
#include "net/base/ssl_config_service.h"
@@ -56,6 +58,8 @@ class SSLClientSocketWin : public SSLClientSocket {
int DoHandshakeReadComplete(int result);
int DoHandshakeWrite();
int DoHandshakeWriteComplete(int result);
+ int DoVerifyCert();
+ int DoVerifyCertComplete(int result);
int DoPayloadRead();
int DoPayloadReadComplete(int result);
int DoPayloadEncrypt();
@@ -63,8 +67,7 @@ class SSLClientSocketWin : public SSLClientSocket {
int DoPayloadWriteComplete(int result);
int DidCompleteHandshake();
- static void LogConnectionTypeMetrics(PCCERT_CHAIN_CONTEXT chain_context);
- int VerifyServerCert();
+ void LogConnectionTypeMetrics() const;
CompletionCallbackImpl<SSLClientSocketWin> io_callback_;
scoped_ptr<ClientSocket> transport_;
@@ -85,6 +88,8 @@ class SSLClientSocketWin : public SSLClientSocket {
STATE_HANDSHAKE_READ_COMPLETE,
STATE_HANDSHAKE_WRITE,
STATE_HANDSHAKE_WRITE_COMPLETE,
+ STATE_VERIFY_CERT,
+ STATE_VERIFY_CERT_COMPLETE,
STATE_PAYLOAD_ENCRYPT,
STATE_PAYLOAD_WRITE,
STATE_PAYLOAD_WRITE_COMPLETE,
@@ -95,7 +100,8 @@ class SSLClientSocketWin : public SSLClientSocket {
SecPkgContext_StreamSizes stream_sizes_;
PCCERT_CONTEXT server_cert_;
- int server_cert_status_;
+ CertVerifier verifier_;
+ CertVerifyResult server_cert_verify_result_;
CredHandle* creds_;
CtxtHandle ctxt_;
generated by cgit v1.1 at 2025-02-14 18:49:20 +0000