QUIC - enable persisting of QUICServerInfo (server config) to disk
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_
6 #define NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_
8 #include <certt.h>
9 #include <keyt.h>
10 #include <nspr.h>
11 #include <nss.h>
13 #include "base/memory/scoped_ptr.h"
14 #include "net/base/completion_callback.h"
15 #include "net/base/host_port_pair.h"
16 #include "net/base/net_log.h"
17 #include "net/base/nss_memio.h"
18 #include "net/socket/ssl_server_socket.h"
19 #include "net/ssl/ssl_config_service.h"
21 namespace net {
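// SSLServerSocket implementation backed by NSS. The object wraps a transport
// StreamSocket and holds the server certificate and RSA private key for the
// lifetime of the socket.
class SSLServerSocketNSS : public SSLServerSocket {
 public:
  // See comments on CreateSSLServerSocket for details of how these
  // parameters are used.
  //
  // NOTE(review): |key| is passed as a raw pointer while the member |key_| is
  // a scoped_ptr. Ownership is not visible from this header; confirm in the
  // implementation whether the key is copied or adopted. If it is adopted,
  // the caller must not free it, or the private key would be released twice.
  SSLServerSocketNSS(scoped_ptr<StreamSocket> socket,
                     scoped_refptr<X509Certificate> certificate,
                     crypto::RSAPrivateKey* key,
                     const SSLConfig& ssl_config);
  virtual ~SSLServerSocketNSS();

  // SSLServerSocket interface.
  virtual int Handshake(const CompletionCallback& callback) OVERRIDE;

  // SSLSocket interface.
  //
  // |out| is a caller-owned raw buffer and |outlen| the requested length.
  // Nothing in the signature ties the two together, so the caller must
  // guarantee that |out| has room for at least |outlen| bytes.
  virtual int ExportKeyingMaterial(const base::StringPiece& label,
                                   bool has_context,
                                   const base::StringPiece& context,
                                   unsigned char* out,
                                   unsigned int outlen) OVERRIDE;
  // NOTE(review): a tls-unique channel binding (RFC 5929) is only meaningful
  // for a completed handshake, and is weak across resumption unless the
  // extended master secret extension (RFC 7627) is negotiated. Confirm what
  // the implementation returns before the handshake has finished.
  virtual int GetTLSUniqueChannelBinding(std::string* out) OVERRIDE;

  // Socket interface (via StreamSocket).
  //
  // |buf_len| is a signed int supplied separately from |buf|; presumably it
  // must be positive and no larger than the IOBuffer's allocation. Verify
  // against the implementation and callers.
  virtual int Read(IOBuffer* buf, int buf_len,
                   const CompletionCallback& callback) OVERRIDE;
  virtual int Write(IOBuffer* buf, int buf_len,
                    const CompletionCallback& callback) OVERRIDE;
  virtual int SetReceiveBufferSize(int32 size) OVERRIDE;
  virtual int SetSendBufferSize(int32 size) OVERRIDE;

  // StreamSocket implementation.
  virtual int Connect(const CompletionCallback& callback) OVERRIDE;
  virtual void Disconnect() OVERRIDE;
  virtual bool IsConnected() const OVERRIDE;
  virtual bool IsConnectedAndIdle() const OVERRIDE;
  virtual int GetPeerAddress(IPEndPoint* address) const OVERRIDE;
  virtual int GetLocalAddress(IPEndPoint* address) const OVERRIDE;
  virtual const BoundNetLog& NetLog() const OVERRIDE;
  virtual void SetSubresourceSpeculation() OVERRIDE;
  virtual void SetOmniboxSpeculation() OVERRIDE;
  virtual bool WasEverUsed() const OVERRIDE;
  virtual bool UsingTCPFastOpen() const OVERRIDE;
  virtual bool WasNpnNegotiated() const OVERRIDE;
  virtual NextProto GetNegotiatedProtocol() const OVERRIDE;
  virtual bool GetSSLInfo(SSLInfo* ssl_info) OVERRIDE;

 private:
  // Handshake state machine positions; stored in |next_handshake_state_|.
  enum State {
    STATE_NONE,
    STATE_HANDSHAKE,
  };

  int InitializeSSLOptions();

  void OnSendComplete(int result);
  void OnRecvComplete(int result);
  void OnHandshakeIOComplete(int result);

  int BufferSend();
  void BufferSendComplete(int result);
  int BufferRecv();
  void BufferRecvComplete(int result);
  bool DoTransportIO();
  int DoPayloadRead();
  int DoPayloadWrite();

  int DoHandshakeLoop(int last_io_result);
  int DoReadLoop(int result);
  int DoWriteLoop(int result);
  int DoHandshake();
  void DoHandshakeCallback(int result);
  void DoReadCallback(int result);
  void DoWriteCallback(int result);

  // Static callbacks with NSS-style signatures; |arg| is an opaque pointer
  // (presumably the SSLServerSocketNSS instance; confirm at registration).
  //
  // NOTE(review): OwnAuthCertHandler returns the certificate authentication
  // verdict to NSS. Its body is not visible here; confirm what verification
  // of the peer certificate it performs, because a handler that returns
  // SECSuccess unconditionally accepts any certificate the peer presents.
  static SECStatus OwnAuthCertHandler(void* arg,
                                      PRFileDesc* socket,
                                      PRBool checksig,
                                      PRBool is_server);
  static void HandshakeCallback(PRFileDesc* socket, void* arg);

  int Init();

  // Members used to send and receive buffer.
  bool transport_send_busy_;
  bool transport_recv_busy_;

  scoped_refptr<IOBuffer> recv_buffer_;

  BoundNetLog net_log_;

  CompletionCallback user_handshake_callback_;
  CompletionCallback user_read_callback_;
  CompletionCallback user_write_callback_;

  // Used by Read function.
  scoped_refptr<IOBuffer> user_read_buf_;
  int user_read_buf_len_;

  // Used by Write function.
  scoped_refptr<IOBuffer> user_write_buf_;
  int user_write_buf_len_;

  // The NSS SSL state machine
  // Raw handle with no owning wrapper; release is presumably done in the
  // destructor or Disconnect(). Verify in the implementation.
  PRFileDesc* nss_fd_;

  // Buffers for the network end of the SSL state machine
  memio_Private* nss_bufs_;

  // StreamSocket for sending and receiving data.
  scoped_ptr<StreamSocket> transport_socket_;

  // Options for the SSL socket.
  SSLConfig ssl_config_;

  // Certificate for the server.
  scoped_refptr<X509Certificate> cert_;

  // Private key used by the server.
  scoped_ptr<crypto::RSAPrivateKey> key_;

  State next_handshake_state_;
  bool completed_handshake_;

  // Copying is disabled: the object holds raw NSS handles and the sole
  // scoped_ptr to the private key.
  DISALLOW_COPY_AND_ASSIGN(SSLServerSocketNSS);
};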
148 } // namespace net
150 #endif // NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_