[email protected]c940d372011-04-13 17:20:181// Copyright (c) 2011 The Chromium Authors. All rights reserved.
license.botbf09a502008-08-24 00:55:552// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
initial.commit586acc5fe2008-07-26 22:42:524
[email protected]f7984fc62009-06-22 23:26:445#include "net/socket/client_socket_factory.h"
initial.commit586acc5fe2008-07-26 22:42:526
[email protected]625332e02010-12-14 07:48:497#include "base/lazy_instance.h"
[email protected]68bf9152008-09-25 19:47:308#include "build/build_config.h"
[email protected]62635c72011-03-10 04:16:259#include "net/base/cert_database.h"
[email protected]e60e47a2010-07-14 03:37:1810#include "net/socket/client_socket_handle.h"
[email protected]68bf9152008-09-25 19:47:3011#if defined(OS_WIN)
[email protected]2380f372011-02-23 21:35:1912#include "net/socket/ssl_client_socket_nss.h"
[email protected]f7984fc62009-06-22 23:26:4413#include "net/socket/ssl_client_socket_win.h"
[email protected]d518cd92010-09-29 12:27:4414#elif defined(USE_OPENSSL)
15#include "net/socket/ssl_client_socket_openssl.h"
[email protected]1a157302010-01-29 03:36:4516#elif defined(USE_NSS)
[email protected]f7984fc62009-06-22 23:26:4417#include "net/socket/ssl_client_socket_nss.h"
[email protected]b75523f2008-10-17 14:49:0718#elif defined(OS_MACOSX)
[email protected]2380f372011-02-23 21:35:1919#include "net/socket/ssl_client_socket_mac.h"
[email protected]fd4f139f2010-06-11 17:02:2020#include "net/socket/ssl_client_socket_nss.h"
[email protected]68bf9152008-09-25 19:47:3021#endif
[email protected]d0672be2010-10-20 16:30:1922#include "net/socket/ssl_host_info.h"
[email protected]f7984fc62009-06-22 23:26:4423#include "net/socket/tcp_client_socket.h"
[email protected]98b0e582011-06-22 14:31:4124#include "net/udp/udp_client_socket.h"
initial.commit586acc5fe2008-07-26 22:42:5225
26namespace net {
27
[email protected]62635c72011-03-10 04:16:2528class X509Certificate;
29
[email protected]abe48d32010-02-03 02:09:3630namespace {
31
// Process-wide switch selecting the platform SSL implementation. It starts
// false and is only ever set to true by ClientSocketFactory::UseSystemSSL();
// the default factory reads it in its OS_WIN and OS_MACOSX branches only.
// NOTE(review): this is a plain bool with no synchronization visible in this
// file -- confirm it is set before sockets are created on other threads.
bool g_use_system_ssl = false;
[email protected]abe48d32010-02-03 02:09:3633
// The ClientSocketFactory handed out by GetDefaultFactory(). It registers
// itself with CertDatabase for its whole lifetime and drops the SSL session
// cache whenever a certificate notification arrives.
class DefaultClientSocketFactory : public ClientSocketFactory,
                                   public CertDatabase::Observer {
 public:
  // Subscribes to certificate database notifications.
  DefaultClientSocketFactory() {
    CertDatabase::AddObserver(this);
  }

  // Unsubscribes so that CertDatabase does not keep a pointer to a destroyed
  // observer.
  virtual ~DefaultClientSocketFactory() {
    CertDatabase::RemoveObserver(this);
  }

  // Certificate notification (presumably from CertDatabase::Observer): a user
  // certificate was added. |cert| is unused; the whole cache is flushed.
  virtual void OnUserCertAdded(const X509Certificate* cert) {
    ClearSSLSessionCache();
  }

  // Certificate notification: the trust settings of a certificate changed.
  // |cert| is unused; the whole cache is flushed.
  virtual void OnCertTrustChanged(const X509Certificate* cert) {
    // Per wtc, a flush is strictly required only when trust is reduced, but
    // the notification does not say in which direction trust moved, so the
    // cache is flushed unconditionally. Presumably this keeps a session that
    // was negotiated under the old trust settings from being resumed.
    // See comments in ClientSocketPoolManager::OnCertTrustChanged.
    ClearSSLSessionCache();
  }

  // Returns a newly allocated UDPClientSocket built from the given arguments.
  // The raw pointer is handed to the caller.
  virtual DatagramClientSocket* CreateDatagramClientSocket(
      DatagramSocket::BindType bind_type,
      const RandIntCallback& rand_int_cb,
      NetLog* net_log,
      const NetLog::Source& source) {
    DatagramClientSocket* const udp_socket =
        new UDPClientSocket(bind_type, rand_int_cb, net_log, source);
    return udp_socket;
  }

  // Returns a newly allocated TCPClientSocket for |addresses|. The raw
  // pointer is handed to the caller.
  virtual StreamSocket* CreateTransportClientSocket(
      const AddressList& addresses,
      NetLog* net_log,
      const NetLog::Source& source) {
    StreamSocket* const tcp_socket =
        new TCPClientSocket(addresses, net_log, source);
    return tcp_socket;
  }

  // Returns a newly allocated SSL client socket layered on
  // |transport_socket|. The implementation is chosen at build time, and on
  // OS_WIN and OS_MACOSX additionally at run time by g_use_system_ssl.
  //
  // |ssl_host_info| is always consumed: it is forwarded to the NSS socket
  // when that implementation is selected and deleted on every other path
  // (system SSL, OpenSSL, unsupported build).
  virtual SSLClientSocket* CreateSSLClientSocket(
      ClientSocketHandle* transport_socket,
      const HostPortPair& host_and_port,
      const SSLConfig& ssl_config,
      SSLHostInfo* ssl_host_info,
      const SSLClientSocketContext& context) {
    // Take ownership immediately so that the paths which do not forward the
    // host info still free it when this function returns.
    scoped_ptr<SSLHostInfo> host_info_owner(ssl_host_info);

    // OS_WIN is tested first, so the USE_OPENSSL and USE_NSS branches are
    // never compiled on Windows even if those macros are defined.
#if defined(OS_WIN)
    if (!g_use_system_ssl) {
      return new SSLClientSocketNSS(transport_socket, host_and_port,
                                    ssl_config, host_info_owner.release(),
                                    context);
    }
    return new SSLClientSocketWin(transport_socket, host_and_port,
                                  ssl_config, context);
#elif defined(USE_OPENSSL)
    // g_use_system_ssl is not consulted in this configuration.
    return new SSLClientSocketOpenSSL(transport_socket, host_and_port,
                                      ssl_config, context);
#elif defined(USE_NSS)
    // g_use_system_ssl is not consulted in this configuration.
    return new SSLClientSocketNSS(transport_socket, host_and_port, ssl_config,
                                  host_info_owner.release(), context);
#elif defined(OS_MACOSX)
    if (!g_use_system_ssl) {
      return new SSLClientSocketNSS(transport_socket, host_and_port,
                                    ssl_config, host_info_owner.release(),
                                    context);
    }
    return new SSLClientSocketMac(transport_socket, host_and_port,
                                  ssl_config, context);
#else
    // NOTE(review): |transport_socket| is not released on this path; confirm
    // who owns it when NULL is returned.
    NOTIMPLEMENTED();
    return NULL;
#endif
  }

  // Drops every cached SSL session by delegating to
  // SSLClientSocket::ClearSessionCache().
  void ClearSSLSessionCache() {
    SSLClientSocket::ClearSessionCache();
  }

};
110
// Storage for the single default factory returned by
// ClientSocketFactory::GetDefaultFactory(). The factory's constructor
// registers it as a CertDatabase observer.
static base::LazyInstance<DefaultClientSocketFactory>
    g_default_client_socket_factory = LAZY_INSTANCE_INITIALIZER;
[email protected]625332e02010-12-14 07:48:49113
[email protected]abe48d32010-02-03 02:09:36114} // namespace
115
// Deprecated function (http://crbug.com/37810) that takes a StreamSocket.
//
// Wraps |transport_socket| in a freshly allocated ClientSocketHandle and
// forwards everything to the ClientSocketHandle overload, returning whatever
// that overload returns.
// NOTE(review): the handle is passed on as a raw pointer and is not freed
// here; presumably the callee or the returned socket takes ownership.
// Confirm what happens to it when the overload returns NULL.
SSLClientSocket* ClientSocketFactory::CreateSSLClientSocket(
    StreamSocket* transport_socket,
    const HostPortPair& host_and_port,
    const SSLConfig& ssl_config,
    SSLHostInfo* ssl_host_info,
    const SSLClientSocketContext& context) {
  ClientSocketHandle* const wrapper = new ClientSocketHandle();
  wrapper->set_socket(transport_socket);

  SSLClientSocket* const ssl_socket = CreateSSLClientSocket(
      wrapper, host_and_port, ssl_config, ssl_host_info, context);
  return ssl_socket;
}
128
// static
// Returns the default factory held in g_default_client_socket_factory. The
// caller does not own the returned pointer.
ClientSocketFactory* ClientSocketFactory::GetDefaultFactory() {
  ClientSocketFactory* const default_factory =
      g_default_client_socket_factory.Pointer();
  return default_factory;
}
133
// static
// Switches the default factory to the platform SSL implementation for every
// SSL socket created afterwards. The flag is read only in the OS_WIN and
// OS_MACOSX branches of the default factory, so the call has no effect in
// USE_OPENSSL or USE_NSS builds. Nothing in this file resets the flag.
// NOTE(review): the write is unsynchronized; confirm callers invoke this
// before any SSL socket is created on another thread.
void ClientSocketFactory::UseSystemSSL() {
  g_use_system_ssl = true;
}
138
initial.commit586acc5fe2008-07-26 22:42:52139} // namespace net