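// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_
#define NET_SOCKET_SSL_CLIENT_SOCKET_H_

#include <stdint.h>

#include <string>
#include <vector>

#include "base/gtest_prod_util.h"
#include "net/base/completion_callback.h"
#include "net/base/load_flags.h"
#include "net/base/net_errors.h"
#include "net/socket/ssl_socket.h"
#include "net/socket/stream_socket.h"

namespace net {

class CertVerifier;
class ChannelIDService;
class CTVerifier;
class HostPortPair;
class ServerBoundCertService;
class SSLCertRequestInfo;
struct SSLConfig;
class SSLInfo;
class TransportSecurityState;
class X509Certificate;

// This struct groups together several fields which are used by various
// classes related to SSLClientSocket.
//
// All pointer members are stored as raw pointers; nothing in this header
// shows an ownership transfer.
// NOTE(review): presumably the pointees must outlive every socket that uses
// this context - confirm against callers.
struct SSLClientSocketContext {
  // Leaves every collaborator pointer NULL and the session cache shard empty.
  SSLClientSocketContext()
      : cert_verifier(NULL),
        channel_id_service(NULL),
        transport_security_state(NULL),
        cert_transparency_verifier(NULL) {}

  // Stores the given pointers as-is and copies the shard string.
  SSLClientSocketContext(CertVerifier* cert_verifier_arg,
                         ChannelIDService* channel_id_service_arg,
                         TransportSecurityState* transport_security_state_arg,
                         CTVerifier* cert_transparency_verifier_arg,
                         const std::string& ssl_session_cache_shard_arg)
      : cert_verifier(cert_verifier_arg),
        channel_id_service(channel_id_service_arg),
        transport_security_state(transport_security_state_arg),
        cert_transparency_verifier(cert_transparency_verifier_arg),
        ssl_session_cache_shard(ssl_session_cache_shard_arg) {}

  CertVerifier* cert_verifier;
  ChannelIDService* channel_id_service;
  TransportSecurityState* transport_security_state;
  CTVerifier* cert_transparency_verifier;
  // ssl_session_cache_shard is an opaque string that identifies a shard of the
  // SSL session cache. SSL sockets with the same ssl_session_cache_shard may
  // resume each other's SSL sessions but we'll never resume sessions between
  // shards.
  //
  // The shard is therefore the isolation boundary for session resumption:
  // contexts that must not share TLS session state need distinct shard
  // values. The default constructor leaves the shard empty, so every
  // default-constructed context ends up with the same (empty) shard value.
  const std::string ssl_session_cache_shard;
};

// A client socket that uses SSL as the transport layer.
//
// NOTE: The SSL handshake occurs within the Connect method after a TCP
// connection is established.  If a SSL error occurs during the handshake,
// Connect will fail.
//
class NET_EXPORT SSLClientSocket : public SSLSocket {
 public:
  SSLClientSocket();

  // Next Protocol Negotiation (NPN) allows a TLS client and server to come to
  // an agreement about the application level protocol to speak over a
  // connection.
  enum NextProtoStatus {
    // WARNING: These values are serialized to disk. Don't change them.

    kNextProtoUnsupported = 0,  // The server doesn't support NPN.
    kNextProtoNegotiated = 1,   // We agreed on a protocol.
    kNextProtoNoOverlap = 2,    // No protocols in common. We requested
                                // the first protocol in our list.
  };

  // StreamSocket:
  virtual bool WasNpnNegotiated() const OVERRIDE;
  virtual NextProto GetNegotiatedProtocol() const OVERRIDE;

  // Computes a unique key string for the SSL session cache.
  virtual std::string GetSessionCacheKey() const = 0;

  // Returns true if there is a cache entry in the SSL session cache
  // for the cache key of the SSL socket.
  //
  // The cache key consists of a host and port concatenated with a session
  // cache shard. These two strings are passed to the constructor of most
  // subclasses of SSLClientSocket.
  virtual bool InSessionCache() const = 0;

  // Sets |callback| to be run when the handshake has fully completed.
  // For example, in the case of False Start, Connect() will return
  // early, before the peer's TLS Finished message has been verified,
  // in order to allow the caller to call Write() and send application
  // data with the client's Finished message.
  // In such situations, |callback| will be invoked sometime after
  // Connect() - either during a Write() or Read() call, and before
  // invoking the Read() or Write() callback.
  // Otherwise, during a traditional TLS connection (i.e. no False
  // Start), this will be called right before the Connect() callback
  // is called.
  //
  // Consequently a successful Connect() alone does not mean the peer's
  // Finished message has been verified; a caller that must not send
  // application data before that point has to wait for |callback|.
  //
  // Note that it's not valid to mutate this socket during such
  // callbacks, including deleting the socket.
  //
  // TODO(mshelley): Provide additional details about whether or not
  // the handshake actually succeeded or not. This can be inferred
  // from the result to Connect()/Read()/Write(), but may be useful
  // to inform here as well.
  virtual void SetHandshakeCompletionCallback(
      const base::Closure& callback) = 0;

  // Gets the SSL CertificateRequest info of the socket after Connect failed
  // with ERR_SSL_CLIENT_AUTH_CERT_NEEDED.
  virtual void GetSSLCertRequestInfo(
      SSLCertRequestInfo* cert_request_info) = 0;

  // Get the application level protocol that we negotiated with the server.
  // *proto is set to the resulting protocol (n.b. that the string may have
  // embedded NULs).
  //   kNextProtoUnsupported: *proto is cleared.
  //   kNextProtoNegotiated: *proto is set to the negotiated protocol.
  //   kNextProtoNoOverlap: *proto is set to the first protocol in the
  //                        supported list.
  virtual NextProtoStatus GetNextProto(std::string* proto) = 0;

  // Conversions between NextProto / NextProtoStatus values and strings.
  // NOTE(review): the result for an unrecognised string or enum value is
  // decided by the implementation and is not visible in this header.
  static NextProto NextProtoFromString(const std::string& proto_string);

  static const char* NextProtoToString(NextProto next_proto);

  static const char* NextProtoStatusToString(const NextProtoStatus status);

  // Takes a net error code and a set of load flags and returns a bool.
  // NOTE(review): presumably true means the certificate error |error| may be
  // ignored under |load_flags|; the exact error-to-flag mapping lives in the
  // implementation. A caller acting on a true result is accepting a
  // certificate error, so the flags passed here should be ones that were set
  // deliberately - confirm against the .cc file.
  static bool IgnoreCertError(int error, int load_flags);

  // ClearSessionCache clears the SSL session cache, used to resume SSL
  // sessions.
  static void ClearSessionCache();

  // Accessors and mutators for the negotiation state kept in the private
  // fields below.
  // NOTE(review): the meaning of the bool returned by the setters is not
  // visible in this header.
  virtual bool set_was_npn_negotiated(bool negotiated);

  virtual bool was_spdy_negotiated() const;

  virtual bool set_was_spdy_negotiated(bool negotiated);

  virtual void set_protocol_negotiated(NextProto protocol_negotiated);

  // Returns the ChannelIDService used by this socket, or NULL if
  // channel ids are not supported.
  virtual ChannelIDService* GetChannelIDService() const = 0;

  // Returns true if a channel ID was sent on this connection.
  // This may be useful for protocols, like SPDY, which allow the same
  // connection to be shared between multiple domains, each of which need
  // a channel ID.
  //
  // Public for ssl_client_socket_openssl_unittest.cc.
  virtual bool WasChannelIDSent() const;

 protected:
  virtual void set_channel_id_sent(bool channel_id_sent);

  virtual void set_signed_cert_timestamps_received(
      bool signed_cert_timestamps_received);

  virtual void set_stapled_ocsp_response_received(
      bool stapled_ocsp_response_received);

  // Records histograms for channel id support during full handshakes - resumed
  // handshakes are ignored.
  static void RecordChannelIDSupport(
      ChannelIDService* channel_id_service,
      bool negotiated_channel_id,
      bool channel_id_enabled,
      bool supports_ecc);

  // Returns whether TLS channel ID is enabled.
  static bool IsChannelIDEnabled(
      const SSLConfig& ssl_config,
      ChannelIDService* channel_id_service);

  // Serializes |next_protos| in the wire format for ALPN: protocols are listed
  // in order, each prefixed by a one-byte length.
  //
  // A one-byte length prefix can only describe entries of up to 255 bytes.
  // NOTE(review): how empty or over-long entries are handled is decided by
  // the implementation and is not visible in this header - confirm.
  static std::vector<uint8_t> SerializeNextProtos(
      const std::vector<std::string>& next_protos);

  // For unit testing only.
  // Returns the unverified certificate chain as presented by server.
  // Note that chain may be different than the verified chain returned by
  // StreamSocket::GetSSLInfo().
  //
  // Because the chain is unverified, it is not a basis for any trust
  // decision; use the verified chain from GetSSLInfo() for that.
  virtual scoped_refptr<X509Certificate> GetUnverifiedServerCertificateChain()
      const = 0;

 private:
  // For signed_cert_timestamps_received_ and stapled_ocsp_response_received_.
  FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest,
                           ConnectSignedCertTimestampsEnabledTLSExtension);
  FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest,
                           ConnectSignedCertTimestampsEnabledOCSP);
  FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest,
                           ConnectSignedCertTimestampsDisabled);
  FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest,
                           VerifyServerChainProperlyOrdered);

  // True if NPN was responded to, independent of selecting SPDY or HTTP.
  bool was_npn_negotiated_;
  // True if NPN successfully negotiated SPDY.
  bool was_spdy_negotiated_;
  // Protocol that we negotiated with the server.
  NextProto protocol_negotiated_;
  // True if a channel ID was sent.
  bool channel_id_sent_;
  // True if SCTs were received via a TLS extension.
  bool signed_cert_timestamps_received_;
  // True if a stapled OCSP response was received.
  bool stapled_ocsp_response_received_;
};

}  // namespace net

#endif  // NET_SOCKET_SSL_CLIENT_SOCKET_H_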