diff options
| author | rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-02-08 02:45:39 +0000 |
|---|---|---|
| committer | rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-02-08 02:45:39 +0000 |
| commit | 61f3ddf4645c33f546e3b80058514966253a4342 (patch) | |
| tree | 83999385dd746a7c6781879a89f550634d94e656 /net/socket/ssl_client_socket.h | |
| parent | d3ecc939b68dbb3ee922d2fd04d89230c7b62733 (diff) | |
| download | chromium_src-61f3ddf4645c33f546e3b80058514966253a4342.zip chromium_src-61f3ddf4645c33f546e3b80058514966253a4342.tar.gz chromium_src-61f3ddf4645c33f546e3b80058514966253a4342.tar.bz2 | |
Adds support for the credentials frame.
Need to allow spdy sessions to see if the underlying socket is required
OBCs. If so, and if pooling a connection, then we need to generate a
CREDENTIALS frame for this origin.
Need to add support for the RST_FRAME status code of INVALID CREDENTIALS
Review URL: http://codereview.chromium.org/9294001
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@120923 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket/ssl_client_socket.h')
| -rw-r--r-- | net/socket/ssl_client_socket.h | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/net/socket/ssl_client_socket.h b/net/socket/ssl_client_socket.h index 0637f4c..cc346c0 100644 --- a/net/socket/ssl_client_socket.h +++ b/net/socket/ssl_client_socket.h @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -11,6 +11,7 @@ #include "net/base/completion_callback.h" #include "net/base/load_flags.h" #include "net/base/net_errors.h" +#include "net/base/ssl_client_cert_type.h" #include "net/socket/ssl_socket.h" #include "net/socket/stream_socket.h" @@ -140,13 +141,21 @@ class NET_EXPORT SSLClientSocket : public SSLSocket { virtual void set_protocol_negotiated( SSLClientSocket::NextProto protocol_negotiated); + // Returns the OriginBoundCertService used by this socket, or NULL if + // origin bound certificates are not supported. + virtual OriginBoundCertService* GetOriginBoundCertService() const = 0; + // Returns true if an origin bound certificate was sent on this connection. // This may be useful for protocols, like SPDY, which allow the same // connection to be shared between multiple origins, each of which need // an origin bound certificate. - virtual bool was_origin_bound_cert_sent() const; + virtual bool WasOriginBoundCertSent() const; + + // Returns the type of the origin bound cert that was sent, or + // CLIENT_CERT_INVALID_TYPE if none was sent. + virtual SSLClientCertType origin_bound_cert_type() const; - virtual bool set_was_origin_bound_cert_sent(bool sent); + virtual SSLClientCertType set_origin_bound_cert_type(SSLClientCertType type); private: // True if NPN was responded to, independent of selecting SPDY or HTTP. @@ -155,8 +164,9 @@ class NET_EXPORT SSLClientSocket : public SSLSocket { bool was_spdy_negotiated_; // Protocol that we negotiated with the server. SSLClientSocket::NextProto protocol_negotiated_; - // True if an origin bound certificate was sent. - bool was_origin_bound_cert_sent_; + // Type of the origin bound cert that was sent, or CLIENT_CERT_INVALID_TYPE + // if none was sent. + SSLClientCertType origin_bound_cert_type_; }; } // namespace net |