Google Git
Sign in
chromium / chromium / src.git / ee0f2aa87450620626ea9d4ea49c40272dffa308^! / . / net / socket / ssl_client_socket_openssl.h
commitee0f2aa87450620626ea9d4ea49c40272dffa308[log] [tgz]
author[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Fri Oct 25 11:59:26 2013
committer[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Fri Oct 25 11:59:26 2013
treeeac0594d8a3366d71d86cd6ebaa37ceccaf874f7
parent34e50af4a1c188252552352312690356c2bb3821 [diff] [blame]
Enable TLS Channel ID for the openssl implementation of SSLClientSocket.

BUG=306176

Review URL: https://codereview.chromium.org/32813002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@231003 0039d316-1c4b-4281-b951-d872f2087c98

diff --git a/net/socket/ssl_client_socket_openssl.h b/net/socket/ssl_client_socket_openssl.h
index f66d95c..03e51e1c 100644
--- a/net/socket/ssl_client_socket_openssl.h
+++ b/net/socket/ssl_client_socket_openssl.h

@@ -15,6 +15,7 @@
 #include "net/cert/cert_verify_result.h"
 #include "net/socket/client_socket_handle.h"
 #include "net/socket/ssl_client_socket.h"
+#include "net/ssl/server_bound_cert_service.h"
 #include "net/ssl/ssl_config_service.h"
 
 // Avoid including misc OpenSSL headers, i.e.:
@@ -56,6 +57,10 @@
   // a certificate for this client.
   int ClientCertRequestCallback(SSL* ssl, X509** x509, EVP_PKEY** pkey);
 
+  // Callback from the SSL layer that indicates the remote server supports TLS
+  // Channel IDs.
+  void ChannelIDRequestCallback(SSL* ssl, EVP_PKEY** pkey);
+
   // Callback from the SSL layer to check which NPN protocol we are supporting
   int SelectNextProtoCallback(unsigned char** out, unsigned char* outlen,
                               const unsigned char* in, unsigned int inlen);
@@ -170,6 +175,9 @@
   CertVerifier* const cert_verifier_;
   scoped_ptr<SingleRequestCertVerifier> verifier_;
 
+  // The service for retrieving Channel ID keys.  May be NULL.
+  ServerBoundCertService* server_bound_cert_service_;
+
   // OpenSSL stuff
   SSL* ssl_;
   BIO* transport_bio_;
@@ -195,6 +203,15 @@
   NextProtoStatus npn_status_;
   std::string npn_proto_;
   std::string server_protos_;
+  // Written by the |server_bound_cert_service_|.
+  std::string channel_id_private_key_;
+  std::string channel_id_cert_;
+  // The return value of the last call to |server_bound_cert_service_|.
+  int channel_id_request_return_value_;
+  // True if channel ID extension was negotiated.
+  bool channel_id_xtn_negotiated_;
+  // The request handle for |server_bound_cert_service_|.
+  ServerBoundCertService::RequestHandle channel_id_request_handle_;
   BoundNetLog net_log_;
 };