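// Copyright (c) 2019 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef QUICHE_QUIC_CORE_CRYPTO_TLS_CLIENT_CONNECTION_H_
#define QUICHE_QUIC_CORE_CRYPTO_TLS_CLIENT_CONNECTION_H_

// std::vector appears in SetCertChain's signature; include it directly rather
// than relying on a transitive include from tls_connection.h.
#include <vector>

#include "quiche/quic/core/crypto/tls_connection.h"

namespace quic {

// TlsClientConnection receives calls for client-specific BoringSSL callbacks
// and calls its Delegate for the implementation of those callbacks.
class QUICHE_EXPORT TlsClientConnection : public TlsConnection {
 public:
  // A TlsClientConnection::Delegate implements the client-specific methods that
  // are set as callbacks for an SSL object.
  //
  // The callback methods are protected; only TlsClientConnection (declared a
  // friend below) can invoke them.
  class QUICHE_EXPORT Delegate {
   public:
    virtual ~Delegate() = default;

   protected:
    // Called when a NewSessionTicket is received from the server.
    //
    // |session| is passed as a bssl::UniquePtr, so the delegate becomes its
    // owner. A TLS session carries resumption secrets; whatever cache the
    // delegate stores it in should be treated as sensitive key material.
    virtual void InsertSession(bssl::UniquePtr<SSL_SESSION> session) = 0;

    // Provides the delegate for callbacks that are shared between client and
    // server.
    //
    // Returns a raw pointer; no ownership transfer is expressed by the type.
    virtual TlsConnection::Delegate* ConnectionDelegate() = 0;

    friend class TlsClientConnection;
  };

  // |ssl_ctx| and |delegate| are raw pointers, so this signature expresses no
  // ownership transfer.
  // NOTE(review): presumably |delegate| is kept in delegate_ and must outlive
  // this object, and |ssl_ctx| must outlive the SSL object created from it.
  // Confirm against the implementation file.
  TlsClientConnection(SSL_CTX* ssl_ctx, Delegate* delegate,
                      QuicSSLConfig ssl_config);

  // Creates and configures an SSL_CTX that is appropriate for clients to use.
  //
  // The returned bssl::UniquePtr owns the context.
  // NOTE(review): |enable_early_data| presumably toggles TLS 1.3 early data
  // (0-RTT) on the context; confirm in the implementation. Early data is not
  // protected against replay by TLS itself, so callers that enable it should
  // only send requests that are safe to replay.
  static bssl::UniquePtr<SSL_CTX> CreateSslCtx(bool enable_early_data);

  // Set the client cert and private key to be used on this connection, if
  // requested by the server.
  //
  // Both |cert_chain| entries and |privkey| are raw pointers.
  // NOTE(review): this header does not show whether the implementation takes
  // its own references or expects the caller to keep the buffers and key alive
  // for the lifetime of the connection. Confirm before freeing either one.
  void SetCertChain(const std::vector<CRYPTO_BUFFER*>& cert_chain,
                    EVP_PKEY* privkey);

 private:
  // Registered as the callback for SSL_CTX_sess_set_new_cb, which calls
  // Delegate::InsertSession.
  //
  // BoringSSL's contract for this callback: return 1 if the callback took
  // ownership of |session|, 0 otherwise. A mismatch between the return value
  // and what is actually done with |session| leads to a leak or a double free.
  static int NewSessionCallback(SSL* ssl, SSL_SESSION* session);

  // Non-owning pointer (raw pointer, no deleter in this class).
  Delegate* delegate_;
};

}  // namespace quic

#endif  // QUICHE_QUIC_CORE_CRYPTO_TLS_CLIENT_CONNECTION_H_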