Upstream version 11.39.250.0

[platform/framework/web/crosswalk.git] / src / net / socket / ssl_client_socket_openssl.h

diff --git a/src/net/socket/ssl_client_socket_openssl.h b/src/net/socket/ssl_client_socket_openssl.h
index 0bf8eaf..0493827 100644 (file)
--- a/src/net/socket/ssl_client_socket_openssl.h
+++ b/src/net/socket/ssl_client_socket_openssl.h
@@ -13,6 +13,7 @@
 #include "net/base/completion_callback.h"
 #include "net/base/io_buffer.h"
 #include "net/cert/cert_verify_result.h"
+#include "net/cert/ct_verify_result.h"
 #include "net/socket/client_socket_handle.h"
 #include "net/socket/ssl_client_socket.h"
 #include "net/ssl/channel_id_service.h"
@@ -34,6 +35,7 @@ typedef struct x509_store_ctx_st X509_STORE_CTX;
 namespace net {
 
 class CertVerifier;
+class CTVerifier;
 class SingleRequestCertVerifier;
 class SSLCertRequestInfo;
 class SSLInfo;
@@ -57,6 +59,7 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
   }
 
   // SSLClientSocket implementation.
+  virtual std::string GetSessionCacheKey() const OVERRIDE;
   virtual bool InSessionCache() const OVERRIDE;
   virtual void SetHandshakeCompletionCallback(
       const base::Closure& callback) OVERRIDE;
@@ -110,8 +113,6 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
   void DoReadCallback(int result);
   void DoWriteCallback(int result);
 
-  // Compute a unique key string for the SSL session cache.
-  std::string GetSessionCacheKey() const;
   void OnHandshakeCompletion();
 
   bool DoTransportIO();
@@ -121,15 +122,16 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
   int DoVerifyCert(int result);
   int DoVerifyCertComplete(int result);
   void DoConnectCallback(int result);
-  X509Certificate* UpdateServerCert();
+  void UpdateServerCert();
+  void VerifyCT();
 
   void OnHandshakeIOComplete(int result);
   void OnSendComplete(int result);
   void OnRecvComplete(int result);
 
   int DoHandshakeLoop(int last_io_result);
-  int DoReadLoop(int result);
-  int DoWriteLoop(int result);
+  int DoReadLoop();
+  int DoWriteLoop();
   int DoPayloadRead();
   int DoPayloadWrite();
 
@@ -174,6 +176,13 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
 
   void CheckIfHandshakeFinished();
 
+  // Adds the SignedCertificateTimestamps from ct_verify_result_ to |ssl_info|.
+  // SCTs are held in three separate vectors in ct_verify_result, each
+  // vetor representing a particular verification state, this method associates
+  // each of the SCTs with the corresponding SCTVerifyStatus as it adds it to
+  // the |ssl_info|.signed_certificate_timestamps list.
+  void AddSCTInfoToSSLInfo(SSLInfo* ssl_info) const;
+
   bool transport_send_busy_;
   bool transport_recv_busy_;
 
@@ -184,8 +193,6 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
   CompletionCallback user_read_callback_;
   CompletionCallback user_write_callback_;
 
-  base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_;
-
   // Used by Read function.
   scoped_refptr<IOBuffer> user_read_buf_;
   int user_read_buf_len_;
@@ -233,6 +240,11 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
 
   CertVerifier* const cert_verifier_;
   scoped_ptr<SingleRequestCertVerifier> verifier_;
+  base::TimeTicks start_cert_verification_time_;
+
+  // Certificate Transparency: Verifier and result holder.
+  ct::CTVerifyResult ct_verify_result_;
+  CTVerifier* cert_transparency_verifier_;
 
   // The service for retrieving Channel ID keys.  May be NULL.
   ChannelIDService* channel_id_service_;
@@ -290,6 +302,7 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
   std::string pinning_failure_log_;
 
   BoundNetLog net_log_;
+  base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_;
 };
 
 }  // namespace net