1 files changed, 89 insertions, 0 deletions

diff --git a/net/socket/ssl_host_info.h b/net/socket/ssl_host_info.h
new file mode 100644
index 0000000..8065b47
--- /dev/null
+++ b/net/socket/ssl_host_info.h
@@ -0,0 +1,89 @@
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_SOCKET_SSL_HOST_INFO_H
+#define NET_SOCKET_SSL_HOST_INFO_H
+
+#include <string>
+#include <vector>
+
+#include "base/ref_counted.h"
+#include "net/base/completion_callback.h"
+#include "net/socket/ssl_client_socket.h"
+
+namespace net {
+
+// SSLHostInfo is an interface for fetching information about an SSL server.
+// This information may be stored on disk so does not include keys or session
+// information etc. Primarily it's intended for caching the server's
+// certificates.
+class SSLHostInfo {
+ public:
+  SSLHostInfo();
+  virtual ~SSLHostInfo();
+
+  // Start will commence the lookup. This must be called before any other
+  // methods. By opportunistically calling this early, it may be possible to
+  // overlap this object's lookup and reduce latency.
+  virtual void Start() = 0;
+
+  // WaitForDataReady returns OK if the fetch of the requested data has
+  // completed. Otherwise it returns ERR_IO_PENDING and will call |callback| on
+  // the current thread when ready.
+  //
+  // Only a single callback can be outstanding at a given time and, in the
+  // event that WaitForDataReady returns OK, it's the caller's responsibility
+  // to delete |callback|.
+  //
+  // |callback| may be NULL, in which case ERR_IO_PENDING may still be returned
+  // but, obviously, a callback will never be made.
+  virtual int WaitForDataReady(CompletionCallback* callback) = 0;
+
+  // Persist allows for the host information to be updated for future users.
+  // This is a fire and forget operation: the caller may drop its reference
+  // from this object and the store operation will still complete. This can
+  // only be called once WaitForDataReady has returned OK or called its
+  // callback.
+  virtual void Persist() = 0;
+
+  struct State {
+    // certs is a vector of DER encoded X.509 certificates, as the server
+    // returned them and in the same order.
+    std::vector<std::string> certs;
+    // server_hello contains the bytes of the ServerHello message (or may be
+    // empty if the server doesn't support Snap Start.)
+    std::string server_hello;
+    // npn_valid is true iff |npn_status| and |npn_protocol| is successful.
+    bool npn_valid;
+    // these members contain the NPN result of a connection to the server.
+    SSLClientSocket::NextProtoStatus npn_status;
+    std::string npn_protocol;
+  };
+
+  // Once the data is ready, it can be read using the following members. These
+  // members can then be updated before calling |Persist|.
+  const State& state() const;
+  State* mutable_state();
+
+ protected:
+  // Parse parses an opaque blob of data and fills out the public member fields
+  // of this object. It returns true iff the parse was successful. The public
+  // member fields will be set to something sane in any case.
+  bool Parse(const std::string& data);
+  std::string Serialize() const;
+  State state_;
+};
+
+class SSLHostInfoFactory {
+ public:
+  virtual ~SSLHostInfoFactory();
+
+  // GetForHost returns a fresh, allocated SSLHostInfo for the given hostname
+  // or NULL on failure.
+  virtual SSLHostInfo* GetForHost(const std::string& hostname) = 0;
+};
+
+}  // namespace net
+
+#endif  // NET_SOCKET_SSL_HOST_INFO_H