Blame - net/socket/client_socket_factory.cc - chromium/src.git

blob: b6efe1214c6f6cfc55bce552fca5ccab12ce29a2 [file] [log] [blame]

[email protected]	c940d37	2011-04-13 17:20:18	[diff] [blame]	1	// Copyright (c) 2011 The Chromium Authors. All rights reserved.
license.bot	bf09a50	2008-08-24 00:55:55	[diff] [blame]	2	// Use of this source code is governed by a BSD-style license that can be
				3	// found in the LICENSE file.
initial.commit	586acc5fe	2008-07-26 22:42:52	[diff] [blame]	4
[email protected]	f7984fc6	2009-06-22 23:26:44	[diff] [blame]	5	#include "net/socket/client_socket_factory.h"
initial.commit	586acc5fe	2008-07-26 22:42:52	[diff] [blame]	6
[email protected]	625332e0	2010-12-14 07:48:49	[diff] [blame]	7	#include "base/lazy_instance.h"
[email protected]	68bf915	2008-09-25 19:47:30	[diff] [blame]	8	#include "build/build_config.h"
[email protected]	62635c7	2011-03-10 04:16:25	[diff] [blame]	9	#include "net/base/cert_database.h"
[email protected]	e60e47a	2010-07-14 03:37:18	[diff] [blame]	10	#include "net/socket/client_socket_handle.h"
[email protected]	68bf915	2008-09-25 19:47:30	[diff] [blame]	11	#if defined(OS_WIN)
[email protected]	2380f37	2011-02-23 21:35:19	[diff] [blame]	12	#include "net/socket/ssl_client_socket_nss.h"
[email protected]	f7984fc6	2009-06-22 23:26:44	[diff] [blame]	13	#include "net/socket/ssl_client_socket_win.h"
[email protected]	d518cd9	2010-09-29 12:27:44	[diff] [blame]	14	#elif defined(USE_OPENSSL)
				15	#include "net/socket/ssl_client_socket_openssl.h"
[email protected]	1a15730	2010-01-29 03:36:45	[diff] [blame]	16	#elif defined(USE_NSS)
[email protected]	f7984fc6	2009-06-22 23:26:44	[diff] [blame]	17	#include "net/socket/ssl_client_socket_nss.h"
[email protected]	b75523f	2008-10-17 14:49:07	[diff] [blame]	18	#elif defined(OS_MACOSX)
[email protected]	2380f37	2011-02-23 21:35:19	[diff] [blame]	19	#include "net/socket/ssl_client_socket_mac.h"
[email protected]	fd4f139f	2010-06-11 17:02:20	[diff] [blame]	20	#include "net/socket/ssl_client_socket_nss.h"
[email protected]	68bf915	2008-09-25 19:47:30	[diff] [blame]	21	#endif
[email protected]	d0672be	2010-10-20 16:30:19	[diff] [blame]	22	#include "net/socket/ssl_host_info.h"
[email protected]	f7984fc6	2009-06-22 23:26:44	[diff] [blame]	23	#include "net/socket/tcp_client_socket.h"
[email protected]	98b0e58	2011-06-22 14:31:41	[diff] [blame^]	24	#include "net/udp/udp_client_socket.h"
initial.commit	586acc5fe	2008-07-26 22:42:52	[diff] [blame]	25
				26	namespace net {
				27
[email protected]	62635c7	2011-03-10 04:16:25	[diff] [blame]	28	class X509Certificate;
				29
[email protected]	abe48d3	2010-02-03 02:09:36	[diff] [blame]	30	namespace {
				31
[email protected]	2380f37	2011-02-23 21:35:19	[diff] [blame]	32	bool g_use_system_ssl = false;
[email protected]	abe48d3	2010-02-03 02:09:36	[diff] [blame]	33
[email protected]	62635c7	2011-03-10 04:16:25	[diff] [blame]	34	class DefaultClientSocketFactory : public ClientSocketFactory,
				35	public CertDatabase::Observer {
initial.commit	586acc5fe	2008-07-26 22:42:52	[diff] [blame]	36	public:
[email protected]	62635c7	2011-03-10 04:16:25	[diff] [blame]	37	DefaultClientSocketFactory() {
				38	CertDatabase::AddObserver(this);
				39	}
				40
				41	virtual ~DefaultClientSocketFactory() {
				42	CertDatabase::RemoveObserver(this);
				43	}
				44
[email protected]	c940d37	2011-04-13 17:20:18	[diff] [blame]	45	virtual void OnUserCertAdded(const X509Certificate* cert) {
				46	ClearSSLSessionCache();
				47	}
				48
				49	virtual void OnCertTrustChanged(const X509Certificate* cert) {
				50	// Per wtc, we actually only need to flush when trust is reduced.
				51	// Always flush now because OnCertTrustChanged does not tell us this.
				52	// See comments in ClientSocketPoolManager::OnCertTrustChanged.
[email protected]	62635c7	2011-03-10 04:16:25	[diff] [blame]	53	ClearSSLSessionCache();
				54	}
				55
[email protected]	98b0e58	2011-06-22 14:31:41	[diff] [blame^]	56	virtual DatagramClientSocket* CreateDatagramClientSocket(
				57	NetLog* net_log,
				58	const NetLog::Source& source) {
				59	return new UDPClientSocket(net_log, source);
				60	}
				61
[email protected]	3268023f	2011-05-05 00:08:10	[diff] [blame]	62	virtual StreamSocket* CreateTransportClientSocket(
[email protected]	0a0b768	2010-08-25 17:08:07	[diff] [blame]	63	const AddressList& addresses,
				64	NetLog* net_log,
				65	const NetLog::Source& source) {
				66	return new TCPClientSocket(addresses, net_log, source);
initial.commit	586acc5fe	2008-07-26 22:42:52	[diff] [blame]	67	}
				68
[email protected]	aaead50	2008-10-15 00:20:11	[diff] [blame]	69	virtual SSLClientSocket* CreateSSLClientSocket(
[email protected]	e60e47a	2010-07-14 03:37:18	[diff] [blame]	70	ClientSocketHandle* transport_socket,
[email protected]	4f4de7e6	2010-11-12 19:55:27	[diff] [blame]	71	const HostPortPair& host_and_port,
[email protected]	7ab5bbd1	2010-10-19 13:33:21	[diff] [blame]	72	const SSLConfig& ssl_config,
[email protected]	d8fbf58	2010-11-04 21:51:12	[diff] [blame]	73	SSLHostInfo* ssl_host_info,
[email protected]	822581d	2010-12-16 17:27:15	[diff] [blame]	74	CertVerifier* cert_verifier,
[email protected]	345c613b	2010-11-22 19:33:18	[diff] [blame]	75	DnsCertProvenanceChecker* dns_cert_checker) {
[email protected]	2380f37	2011-02-23 21:35:19	[diff] [blame]	76	scoped_ptr<SSLHostInfo> shi(ssl_host_info);
				77	#if defined(OS_WIN)
				78	if (g_use_system_ssl) {
				79	return new SSLClientSocketWin(transport_socket, host_and_port,
				80	ssl_config, cert_verifier);
				81	}
				82	return new SSLClientSocketNSS(transport_socket, host_and_port, ssl_config,
				83	shi.release(), cert_verifier,
				84	dns_cert_checker);
				85	#elif defined(USE_OPENSSL)
				86	return new SSLClientSocketOpenSSL(transport_socket, host_and_port,
				87	ssl_config, cert_verifier);
				88	#elif defined(USE_NSS)
				89	return new SSLClientSocketNSS(transport_socket, host_and_port, ssl_config,
				90	shi.release(), cert_verifier,
				91	dns_cert_checker);
				92	#elif defined(OS_MACOSX)
				93	if (g_use_system_ssl) {
				94	return new SSLClientSocketMac(transport_socket, host_and_port,
				95	ssl_config, cert_verifier);
				96	}
				97	return new SSLClientSocketNSS(transport_socket, host_and_port, ssl_config,
				98	shi.release(), cert_verifier,
				99	dns_cert_checker);
				100	#else
				101	NOTIMPLEMENTED();
				102	return NULL;
				103	#endif
initial.commit	586acc5fe	2008-07-26 22:42:52	[diff] [blame]	104	}
[email protected]	25f4735	2011-02-25 16:31:59	[diff] [blame]	105
				106	// TODO(rch): This is only implemented for the NSS SSL library, which is the
				107	/// default for Windows, Mac and Linux, but we should implement it everywhere.
				108	void ClearSSLSessionCache() {
				109	#if defined(OS_WIN)
				110	if (!g_use_system_ssl)
				111	SSLClientSocketNSS::ClearSessionCache();
				112	#elif defined(USE_OPENSSL)
				113	// no-op
				114	#elif defined(USE_NSS)
				115	SSLClientSocketNSS::ClearSessionCache();
				116	#elif defined(OS_MACOSX)
				117	if (!g_use_system_ssl)
				118	SSLClientSocketNSS::ClearSessionCache();
				119	#else
				120	NOTIMPLEMENTED();
				121	#endif
				122	}
				123
initial.commit	586acc5fe	2008-07-26 22:42:52	[diff] [blame]	124	};
				125
[email protected]	625332e0	2010-12-14 07:48:49	[diff] [blame]	126	static base::LazyInstance<DefaultClientSocketFactory>
				127	g_default_client_socket_factory(base::LINKER_INITIALIZED);
				128
[email protected]	abe48d3	2010-02-03 02:09:36	[diff] [blame]	129	} // namespace
				130
[email protected]	3268023f	2011-05-05 00:08:10	[diff] [blame]	131	// Deprecated function (http://crbug.com/37810) that takes a StreamSocket.
[email protected]	e60e47a	2010-07-14 03:37:18	[diff] [blame]	132	SSLClientSocket* ClientSocketFactory::CreateSSLClientSocket(
[email protected]	3268023f	2011-05-05 00:08:10	[diff] [blame]	133	StreamSocket* transport_socket,
[email protected]	4f4de7e6	2010-11-12 19:55:27	[diff] [blame]	134	const HostPortPair& host_and_port,
[email protected]	7ab5bbd1	2010-10-19 13:33:21	[diff] [blame]	135	const SSLConfig& ssl_config,
[email protected]	822581d	2010-12-16 17:27:15	[diff] [blame]	136	SSLHostInfo* ssl_host_info,
				137	CertVerifier* cert_verifier) {
[email protected]	e60e47a	2010-07-14 03:37:18	[diff] [blame]	138	ClientSocketHandle* socket_handle = new ClientSocketHandle();
				139	socket_handle->set_socket(transport_socket);
[email protected]	4f4de7e6	2010-11-12 19:55:27	[diff] [blame]	140	return CreateSSLClientSocket(socket_handle, host_and_port, ssl_config,
[email protected]	822581d	2010-12-16 17:27:15	[diff] [blame]	141	ssl_host_info, cert_verifier,
[email protected]	345c613b	2010-11-22 19:33:18	[diff] [blame]	142	NULL /* DnsCertProvenanceChecker */);
[email protected]	e60e47a	2010-07-14 03:37:18	[diff] [blame]	143	}
				144
[email protected]	d100e44f	2011-01-26 22:47:11	[diff] [blame]	145	// static
				146	ClientSocketFactory* ClientSocketFactory::GetDefaultFactory() {
				147	return g_default_client_socket_factory.Pointer();
				148	}
				149
				150	// static
[email protected]	2380f37	2011-02-23 21:35:19	[diff] [blame]	151	void ClientSocketFactory::UseSystemSSL() {
				152	g_use_system_ssl = true;
[email protected]	d100e44f	2011-01-26 22:47:11	[diff] [blame]	153	}
				154
initial.commit	586acc5fe	2008-07-26 22:42:52	[diff] [blame]	155	} // namespace net