1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ 7 #pragma once 8 9 #include <string> 10 11 #include "net/base/completion_callback.h" 12 #include "net/base/load_flags.h" 13 #include "net/base/net_errors.h" 14 #include "net/socket/client_socket.h" 15 16 namespace net { 17 18 class SSLCertRequestInfo; 19 class SSLHostInfo; 20 class SSLInfo; 21 struct RRResponse; 22 23 // DNSSECProvider is an interface to an object that can return DNSSEC data. 24 class DNSSECProvider { 25 public: 26 // GetDNSSECRecords will either: 27 // 1) set |*out| to NULL and return OK. 28 // 2) set |*out| to a pointer, which is owned by this object, and return OK. 29 // 3) return IO_PENDING and call |callback| on the current MessageLoop at 30 // some point in the future. Once the callback has been made, this 31 // function will return OK if called again. 32 virtual int GetDNSSECRecords(RRResponse** out, 33 CompletionCallback* callback) = 0; 34 35 private: ~DNSSECProvider()36 ~DNSSECProvider() {} 37 }; 38 39 // A client socket that uses SSL as the transport layer. 40 // 41 // NOTE: The SSL handshake occurs within the Connect method after a TCP 42 // connection is established. If a SSL error occurs during the handshake, 43 // Connect will fail. 44 // 45 class SSLClientSocket : public ClientSocket { 46 public: 47 SSLClientSocket(); 48 49 // Next Protocol Negotiation (NPN) allows a TLS client and server to come to 50 // an agreement about the application level protocol to speak over a 51 // connection. 52 enum NextProtoStatus { 53 // WARNING: These values are serialised to disk. Don't change them. 54 55 kNextProtoUnsupported = 0, // The server doesn't support NPN. 56 kNextProtoNegotiated = 1, // We agreed on a protocol. 57 kNextProtoNoOverlap = 2, // No protocols in common. We requested 58 // the first protocol in our list. 59 }; 60 61 // Next Protocol Negotiation (NPN), if successful, results in agreement on an 62 // application-level string that specifies the application level protocol to 63 // use over the TLS connection. NextProto enumerates the application level 64 // protocols that we recognise. 65 enum NextProto { 66 kProtoUnknown = 0, 67 kProtoHTTP11 = 1, 68 kProtoSPDY1 = 2, 69 kProtoSPDY2 = 3, 70 }; 71 72 // Gets the SSL connection information of the socket. 73 virtual void GetSSLInfo(SSLInfo* ssl_info) = 0; 74 75 // Gets the SSL CertificateRequest info of the socket after Connect failed 76 // with ERR_SSL_CLIENT_AUTH_CERT_NEEDED. 77 virtual void GetSSLCertRequestInfo( 78 SSLCertRequestInfo* cert_request_info) = 0; 79 80 // Get the application level protocol that we negotiated with the server. 81 // *proto is set to the resulting protocol (n.b. that the string may have 82 // embedded NULs). 83 // kNextProtoUnsupported: *proto is cleared. 84 // kNextProtoNegotiated: *proto is set to the negotiated protocol. 85 // kNextProtoNoOverlap: *proto is set to the first protocol in the 86 // supported list. 87 virtual NextProtoStatus GetNextProto(std::string* proto) = 0; 88 89 static NextProto NextProtoFromString(const std::string& proto_string); 90 91 static bool IgnoreCertError(int error, int load_flags); 92 93 virtual bool was_npn_negotiated() const; 94 95 virtual bool set_was_npn_negotiated(bool negotiated); 96 UseDNSSEC(DNSSECProvider *)97 virtual void UseDNSSEC(DNSSECProvider*) { } 98 99 virtual bool was_spdy_negotiated() const; 100 101 virtual bool set_was_spdy_negotiated(bool negotiated); 102 103 private: 104 // True if NPN was responded to, independent of selecting SPDY or HTTP. 105 bool was_npn_negotiated_; 106 // True if NPN successfully negotiated SPDY. 107 bool was_spdy_negotiated_; 108 }; 109 110 } // namespace net 111 112 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ 113