// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SOCKET_SSL_CLIENT_SOCKET_MAC_H_
#define NET_SOCKET_SSL_CLIENT_SOCKET_MAC_H_

#include <Security/Security.h>

#include <string>
#include <vector>

#include "base/scoped_ptr.h"
#include "net/base/cert_verify_result.h"
#include "net/base/completion_callback.h"
#include "net/base/ssl_config_service.h"
#include "net/socket/ssl_client_socket.h"

namespace net {

class CertVerifier;
class LoadLog;

// An SSL client socket implemented with Secure Transport (the macOS system
// TLS library). It wraps an already-created ClientSocket ("transport") and
// runs the TLS handshake and record layer on top of it, feeding ciphertext
// between the transport and the SSLContext through the static I/O callbacks
// declared below.
//
// Security note: server certificate verification is NOT left to Secure
// Transport alone. The handshake state machine below has an explicit
// STATE_VERIFY_CERT / STATE_VERIFY_CERT_COMPLETE pair driven by a
// CertVerifier, whose result is stored in server_cert_verify_result_. Any
// change to that sequence (e.g. finishing the handshake before the verify
// step has produced a result) would let data flow over an unauthenticated
// connection, so the order of the Do* steps is load-bearing.
class SSLClientSocketMac : public SSLClientSocket {
 public:
  // Takes ownership of the transport_socket, which may already be connected.
  // The given hostname will be compared with the name(s) in the server's
  // certificate during the SSL handshake. ssl_config specifies the SSL
  // settings.
  //
  // NOTE(review): `hostname` is the identity the certificate is checked
  // against, so callers must pass the name the user actually requested,
  // not one derived from a redirect or DNS answer — confirm at call sites.
  SSLClientSocketMac(ClientSocket* transport_socket,
                     const std::string& hostname,
                     const SSLConfig& ssl_config);
  // Presumably releases ssl_context_ and the owned transport; the base
  // class is an interface, so its destructor is expected to be virtual —
  // verify in ssl_client_socket.h.
  ~SSLClientSocketMac();

  // SSLClientSocket methods:
  // Reports the server certificate and verification outcome gathered during
  // the handshake (server_cert_, server_cert_verify_result_).
  virtual void GetSSLInfo(SSLInfo* ssl_info);
  // Populates the client-certificate request details when the server asked
  // for client auth during the handshake.
  virtual void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info);
  // Next-protocol negotiation result; see NextProtoStatus in the base class.
  virtual NextProtoStatus GetNextProto(std::string* proto);

  // ClientSocket methods:
  // Starts (or continues) the transport connect plus TLS handshake.
  // Returns a net error code or ERR_IO_PENDING, in which case `callback`
  // is invoked later with the final result.
  virtual int Connect(CompletionCallback* callback, LoadLog* load_log);
  virtual void Disconnect();
  virtual bool IsConnected() const;
  virtual bool IsConnectedAndIdle() const;
  virtual int GetPeerName(struct sockaddr* name, socklen_t* namelen);

  // Socket methods:
  // Read/Write operate on plaintext; the TLS engine encrypts/decrypts before
  // data reaches the transport. Both follow the net completion-callback
  // convention (result, or ERR_IO_PENDING + later callback).
  virtual int Read(IOBuffer* buf, int buf_len, CompletionCallback* callback);
  virtual int Write(IOBuffer* buf, int buf_len, CompletionCallback* callback);
  virtual bool SetReceiveBufferSize(int32 size);
  virtual bool SetSendBufferSize(int32 size);

 private:
  // Initializes the SSLContext. Returns a net error code.
  int InitializeSSLContext();

  // Deliver a pending result to the corresponding user_*_callback_.
  void DoConnectCallback(int result);
  void DoReadCallback(int result);
  void DoWriteCallback(int result);
  // Completion handlers for the internal callbacks declared below; they
  // resume the handshake loop or the pending payload read/write.
  void OnHandshakeIOComplete(int result);
  void OnTransportReadComplete(int result);
  void OnTransportWriteComplete(int result);

  // Drives next_handshake_state_ through the Do* steps below until the
  // handshake completes, fails, or blocks on transport I/O.
  int DoHandshakeLoop(int last_io_result);

  int DoPayloadRead();
  int DoPayloadWrite();
  // Handshake steps, in the order of the State enum below.
  int DoHandshakeStart();
  // Kicks off CertVerifier on server_cert_; DoVerifyCertComplete consumes
  // the result and is expected to abort the connection on a verification
  // failure that ssl_config_ does not permit — the verdict lives in the .cc,
  // review it together with this declaration.
  int DoVerifyCert();
  int DoVerifyCertComplete(int result);
  int DoHandshakeFinish();

  // Secure Transport I/O callbacks. `connection` is the opaque value handed
  // to the SSLContext at setup time (presumably `this`); `data_length` is
  // in/out: the requested size on entry, and must be set to the number of
  // bytes actually transferred on return so the engine never consumes
  // uninitialized buffer space. They bridge recv_buffer_/send_buffer_ to
  // the SSL engine and report would-block conditions via OSStatus.
  static OSStatus SSLReadCallback(SSLConnectionRef connection,
                                  void* data,
                                  size_t* data_length);
  static OSStatus SSLWriteCallback(SSLConnectionRef connection,
                                   const void* data,
                                   size_t* data_length);

  // Internal completion callbacks bound to the On* handlers above.
  CompletionCallbackImpl<SSLClientSocketMac> handshake_io_callback_;
  CompletionCallbackImpl<SSLClientSocketMac> transport_read_callback_;
  CompletionCallbackImpl<SSLClientSocketMac> transport_write_callback_;

  // Owned underlying transport (see constructor).
  scoped_ptr<ClientSocket> transport_;
  // Expected server identity; compared against the certificate during the
  // handshake.
  std::string hostname_;
  // Copy of the caller's SSL settings (protocol versions, allowed cert
  // errors, client cert, etc.).
  SSLConfig ssl_config_;

  // Raw, non-owning pointers to the caller's callbacks for the in-flight
  // Connect/Read/Write — presumably cleared once invoked; verify in the .cc.
  CompletionCallback* user_connect_callback_;
  CompletionCallback* user_read_callback_;
  CompletionCallback* user_write_callback_;

  // Used by Read function.
  scoped_refptr<IOBuffer> user_read_buf_;
  int user_read_buf_len_;

  // Used by Write function.
  scoped_refptr<IOBuffer> user_write_buf_;
  int user_write_buf_len_;

  // Handshake state machine. The verify states sit between start and finish
  // so that no payload I/O is possible before the certificate has been
  // checked by CertVerifier.
  enum State {
    STATE_NONE,
    STATE_HANDSHAKE_START,
    STATE_VERIFY_CERT,
    STATE_VERIFY_CERT_COMPLETE,
    STATE_HANDSHAKE_FINISH,
  };
  State next_handshake_state_;

  // Certificate presented by the peer, the verifier used to check it, and
  // the verification outcome (surfaced through GetSSLInfo).
  scoped_refptr<X509Certificate> server_cert_;
  scoped_ptr<CertVerifier> verifier_;
  CertVerifyResult server_cert_verify_result_;

  bool completed_handshake_;
  bool handshake_interrupted_;
  // Raw Secure Transport context handle — not RAII-managed here, so
  // Disconnect()/the destructor are responsible for disposing it exactly
  // once (confirm in the .cc).
  SSLContextRef ssl_context_;

  // These buffers hold data retrieved from/sent to the underlying transport
  // before it's fed to the SSL engine (i.e. TLS record bytes, not plaintext).
  std::vector<char> send_buffer_;
  // Transport write error observed asynchronously, presumably reported to
  // the SSL engine on the next write callback rather than dropped.
  int pending_send_error_;
  std::vector<char> recv_buffer_;

  // These are the IOBuffers used for operations on the underlying transport.
  scoped_refptr<IOBuffer> read_io_buf_;
  scoped_refptr<IOBuffer> write_io_buf_;

  scoped_refptr<LoadLog> load_log_;
};

}  // namespace net

#endif  // NET_SOCKET_SSL_CLIENT_SOCKET_MAC_H_