// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// NOTE: This class is provided to support existing Chromium consumers; it is
// NOT intended for use in NEW code. Configuring a TLS server correctly is a
// security-sensitive activity with many subtle nuances, and thus care should be
// taken to discuss with //net/OWNERS before any new usages.
//
// As such, this header should be treated as an internal implementation detail
// of //net (where it's used for some unit test infrastructure), not as
// appropriate for general use.
//
// See https://crbug.com/621176 for more details.
#ifndef NET_SOCKET_SSL_SERVER_SOCKET_H_
#define NET_SOCKET_SSL_SERVER_SOCKET_H_
#include <memory>
#include "net/base/completion_callback.h"
#include "net/base/net_export.h"
#include "net/socket/ssl_socket.h"
#include "net/socket/stream_socket.h"
namespace crypto {
class RSAPrivateKey;
} // namespace crypto
namespace net {
struct SSLServerConfig;
class X509Certificate;
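// Server side of a TLS connection: an SSLSocket that additionally exposes the
// server handshake entry point. Instances are obtained from
// SSLServerContext::CreateSSLServerSocket() and must not outlive that context.
class SSLServerSocket : public SSLSocket {
 public:
  // Defaulted rather than user-provided: nothing to release here, and the base
  // destructor is already virtual.
  ~SSLServerSocket() override = default;

  // Performs the SSL server handshake, and notifies the supplied callback if
  // the process completes asynchronously. If Disconnect is called before
  // completion then the callback will be silently dropped (never run), as for
  // other StreamSocket calls.
  //
  // NOTE(review): presumably follows the usual net completion convention
  // (OK / ERR_IO_PENDING / a negative net error) -- confirm against SSLSocket.
  virtual int Handshake(const CompletionCallback& callback) = 0;
};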
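// Factory for server sockets that share one server configuration and, per
// CreateSSLServerContext() below, one session cache. Obtain one via
// CreateSSLServerContext(); it owns whatever state the spawned sockets rely on,
// so every socket created from it must be destroyed before the context is.
class SSLServerContext {
 public:
  // Defaulted (the original used an empty body followed by a stray ';', which
  // is an empty declaration): the class is an interface and owns no resources
  // of its own here.
  virtual ~SSLServerContext() = default;

  // Creates an SSL server socket over an already-connected transport socket.
  // Ownership of |socket| is transferred to the returned SSLServerSocket.
  // The caller must ensure the returned socket does not outlive the server
  // context.
  //
  // The caller starts the SSL server handshake by calling Handshake on the
  // returned socket.
  virtual std::unique_ptr<SSLServerSocket> CreateSSLServerSocket(
      std::unique_ptr<StreamSocket> socket) = 0;
};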
// Configures the underlying SSL library for the use of SSL server sockets.
// This is process-wide initialization, not per-socket or per-context setup.
//
// Due to the requirements of the underlying libraries, this should be called
// early in process initialization, before any SSL socket, client or server,
// has been used. Calling it after an SSL socket has already been created is
// outside the contract documented here; whether that is detected or silently
// misconfigures later sockets is not visible from this header.
//
// Note: If a process does not use SSL server sockets, this call may be
// omitted.
NET_EXPORT void EnableSSLServerSockets();
// Creates an SSL server socket context where all sockets spawned using this
// context will share the same session cache.
//
// The caller must provide the server certificate and private key to use.
// It takes a reference to |certificate| (NOTE(review): presumably a ref-count
// rather than a borrowed pointer, given the raw X509Certificate* -- confirm
// against the implementation before relying on |certificate|'s lifetime).
// The |key| and |ssl_config| parameters are copied, so the returned context
// holds its own copy of the private key material for as long as it lives;
// keep the context's lifetime as short as the use case allows, and see the
// header note above about this API being reserved for existing //net users.
//
// Returns the new context; callers own it and must destroy every socket
// created through it before destroying the context.
NET_EXPORT std::unique_ptr<SSLServerContext> CreateSSLServerContext(
X509Certificate* certificate,
const crypto::RSAPrivateKey& key,
const SSLServerConfig& ssl_config);
} // namespace net
#endif // NET_SOCKET_SSL_SERVER_SOCKET_H_