Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(350)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/base/x509_certificate.cc

Issue 1417003: Revert due to compile failures... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 10 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/base/x509_certificate.h ('k') | net/base/x509_certificate_mac.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/base/x509_certificate.cc
===================================================================
--- net/base/x509_certificate.cc (revision 42829)
+++ net/base/x509_certificate.cc (working copy)
@@ -4,9 +4,7 @@
#include "net/base/x509_certificate.h"
-#if defined(OS_MACOSX)
-#include <Security/Security.h>
-#elif defined(USE_NSS)
+#if defined(USE_NSS)
#include <cert.h>
#endif
@@ -58,8 +56,8 @@
}
bool X509Certificate::FingerprintLessThan::operator()(
- const SHA1Fingerprint& lhs,
- const SHA1Fingerprint& rhs) const {
+ const Fingerprint& lhs,
+ const Fingerprint& rhs) const {
for (size_t i = 0; i < sizeof(lhs.data); ++i) {
if (lhs.data[i] < rhs.data[i])
return true;
@@ -123,6 +121,47 @@
return pos->second;
};
+X509Certificate::Policy::Judgment X509Certificate::Policy::Check(
+ X509Certificate* cert) const {
+ // It shouldn't matter which set we check first, but we check denied first
+ // in case something strange has happened.
+
+ if (denied_.find(cert->fingerprint()) != denied_.end()) {
+ // DCHECK that the order didn't matter.
+ DCHECK(allowed_.find(cert->fingerprint()) == allowed_.end());
+ return DENIED;
+ }
+
+ if (allowed_.find(cert->fingerprint()) != allowed_.end()) {
+ // DCHECK that the order didn't matter.
+ DCHECK(denied_.find(cert->fingerprint()) == denied_.end());
+ return ALLOWED;
+ }
+
+ // We don't have a policy for this cert.
+ return UNKNOWN;
+}
+
+void X509Certificate::Policy::Allow(X509Certificate* cert) {
+ // Put the cert in the allowed set and (maybe) remove it from the denied set.
+ denied_.erase(cert->fingerprint());
+ allowed_.insert(cert->fingerprint());
+}
+
+void X509Certificate::Policy::Deny(X509Certificate* cert) {
+ // Put the cert in the denied set and (maybe) remove it from the allowed set.
+ allowed_.erase(cert->fingerprint());
+ denied_.insert(cert->fingerprint());
+}
+
+bool X509Certificate::Policy::HasAllowedCert() const {
+ return !allowed_.empty();
+}
+
+bool X509Certificate::Policy::HasDeniedCert() const {
+ return !denied_.empty();
+}
+
// static
X509Certificate* X509Certificate::CreateFromHandle(
OSCertHandle cert_handle,
« no previous file with comments | « net/base/x509_certificate.h ('k') | net/base/x509_certificate_mac.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698