// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_
#define NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_
#pragma once

#include <certt.h>
#include <keyt.h>
#include <nspr.h>
#include <nss.h>

#include "base/memory/scoped_ptr.h"
#include "net/base/completion_callback.h"
#include "net/base/host_port_pair.h"
#include "net/base/net_log.h"
#include "net/base/nss_memio.h"
#include "net/base/ssl_config_service.h"
#include "net/socket/ssl_server_socket.h"

namespace net {

// Server-side SSL socket built on NSS. The NSS SSL state machine (|nss_fd_|)
// reads and writes the network through in-memory buffers (|nss_bufs_|, see
// nss_memio.h); this class moves bytes between those buffers and the owned
// |transport_socket_| and drives the handshake, read and write state
// machines on the caller's behalf. Instances are neither copyable nor
// assignable.
class SSLServerSocketNSS : public SSLServerSocket {
 public:
  // This object takes ownership of the following parameters:
  // |transport_socket| - A socket that is already connected.
  // |cert| - The certificate to be used by the server.
  //
  // The following parameters are copied in the constructor.
  // |ssl_config| - Options for SSL socket.
  // |key| - The private key used by the server. The class keeps its own copy
  //         in |key_|; the caller's object is not taken over.
  SSLServerSocketNSS(Socket* transport_socket,
                     scoped_refptr<X509Certificate> cert,
                     crypto::RSAPrivateKey* key,
                     const SSLConfig& ssl_config);
  virtual ~SSLServerSocketNSS();

  // SSLServerSocket implementation.
  // Accept() presumably drives the server side of the handshake
  // (DoHandshakeLoop()), and Read()/Write() presumably require it to have
  // completed first (see |completed_handshake_|) -- confirm in the .cc.
  // When an operation cannot finish synchronously, |callback| is invoked
  // later with the result (the usual net:: ERR_IO_PENDING convention;
  // confirm).
  virtual int Accept(CompletionCallback* callback);
  virtual int Read(IOBuffer* buf, int buf_len,
                   CompletionCallback* callback);
  virtual int Write(IOBuffer* buf, int buf_len,
                    CompletionCallback* callback);
  virtual bool SetReceiveBufferSize(int32 size);
  virtual bool SetSendBufferSize(int32 size);

 private:
  // Handshake state-machine states; |next_handshake_state_| presumably holds
  // the one DoHandshakeLoop() runs next.
  enum State {
    STATE_NONE,
    STATE_HANDSHAKE,
  };

  // Applies protocol options to the NSS socket. NOTE(review): |ssl_config_|
  // is documented below as not yet consumed, so check here which options are
  // actually set on |nss_fd_|.
  int InitializeSSLOptions();

  // Completion handlers for transport-level I/O; presumably they resume
  // whichever of the handshake/read/write loops was waiting on the network.
  void OnSendComplete(int result);
  void OnRecvComplete(int result);
  void OnHandshakeIOComplete(int result);

  // Move ciphertext between the NSS memio buffers (|nss_bufs_|) and
  // |transport_socket_|. DoTransportIO() presumably pumps both directions and
  // reports whether any progress was made -- confirm.
  int BufferSend();
  void BufferSendComplete(int result);
  int BufferRecv();
  void BufferRecvComplete(int result);
  bool DoTransportIO();
  // Move plaintext through the NSS socket out of / into the user buffers
  // (|user_write_buf_| / |user_read_buf_|).
  int DoPayloadRead();
  int DoPayloadWrite();

  // State-machine drivers for the three asynchronous operations, plus the
  // functions that hand the final result to the user's callback.
  int DoHandshakeLoop(int last_io_result);
  int DoReadLoop(int result);
  int DoWriteLoop(int result);
  int DoHandshake();
  void DoAcceptCallback(int result);
  void DoReadCallback(int result);
  void DoWriteCallback(int result);

  // Static trampolines with the signatures NSS expects for its
  // authenticate-certificate and handshake-complete hooks; |arg| presumably
  // carries |this|.
  // NOTE(review): a custom auth-certificate hook replaces NSS's built-in
  // peer-certificate verification, so its return value alone decides whether
  // a presented client certificate is accepted -- confirm in the .cc what it
  // checks.
  static SECStatus OwnAuthCertHandler(void* arg,
                                      PRFileDesc* socket,
                                      PRBool checksig,
                                      PRBool is_server);
  static void HandshakeCallback(PRFileDesc* socket, void* arg);

  // One-time setup of the NSS side of the socket (presumably |nss_fd_| and
  // |nss_bufs_|); virtual, so a subclass may replace it.
  virtual int Init();

  // Callbacks bound to this object for transport-side I/O, presumably routed
  // to BufferSendComplete()/BufferRecvComplete(); the flags record whether a
  // transport write/read is currently outstanding.
  CompletionCallbackImpl<SSLServerSocketNSS> buffer_send_callback_;
  CompletionCallbackImpl<SSLServerSocketNSS> buffer_recv_callback_;
  bool transport_send_busy_;
  bool transport_recv_busy_;

  // Scratch buffer for bytes received from the transport before they are fed
  // to NSS.
  scoped_refptr<IOBuffer> recv_buffer_;

  BoundNetLog net_log_;

  // The caller's callbacks for the pending Accept/Read/Write, one per
  // operation. Raw pointers, presumably not owned: the caller keeps them
  // alive until the operation completes -- confirm the .cc clears each
  // before invoking it.
  CompletionCallback* user_accept_callback_;
  CompletionCallback* user_read_callback_;
  CompletionCallback* user_write_callback_;

  // Used by Read function.
  scoped_refptr<IOBuffer> user_read_buf_;
  int user_read_buf_len_;

  // Used by Write function.
  scoped_refptr<IOBuffer> user_write_buf_;
  int user_write_buf_len_;

  // The NSS SSL state machine. Raw pointer owned by this object; presumably
  // closed in the destructor -- confirm.
  PRFileDesc* nss_fd_;

  // Buffers for the network end of the SSL state machine (see nss_memio.h).
  memio_Private* nss_bufs_;

  // Socket for sending and receiving data. Owned.
  scoped_ptr<Socket> transport_socket_;

  // Options for the SSL socket.
  // TODO(hclam): This member is currently not used. Should make use of this
  // member to configure the socket.
  // NOTE(review): until it is wired into InitializeSSLOptions(), any
  // protocol-version or cipher-suite limits the caller put in |ssl_config|
  // presumably have no effect on |nss_fd_| -- confirm.
  SSLConfig ssl_config_;

  // Certificate for the server.
  scoped_refptr<X509Certificate> cert_;

  // Private key used by the server (this object's own copy; see the
  // constructor comment).
  scoped_ptr<crypto::RSAPrivateKey> key_;

  // Next State for DoHandshakeLoop() (presumably), and whether the handshake
  // has finished.
  State next_handshake_state_;
  bool completed_handshake_;

  DISALLOW_COPY_AND_ASSIGN(SSLServerSocketNSS);
};

}  // namespace net

#endif  // NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_