| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <certt.h> | 9 #include <certt.h> |
| 10 #include <keyt.h> | 10 #include <keyt.h> |
| (...skipping 160 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 171 // True if NSS has called HandshakeCallback. | 171 // True if NSS has called HandshakeCallback. |
| 172 bool handshake_callback_called_; | 172 bool handshake_callback_called_; |
| 173 | 173 |
| 174 // True if the SSL handshake has been completed. | 174 // True if the SSL handshake has been completed. |
| 175 bool completed_handshake_; | 175 bool completed_handshake_; |
| 176 | 176 |
| 177 // True if we are lying about being connected in order to merge the first | 177 // True if we are lying about being connected in order to merge the first |
| 178 // Write call into a Snap Start handshake. | 178 // Write call into a Snap Start handshake. |
| 179 bool pseudo_connected_; | 179 bool pseudo_connected_; |
| 180 | 180 |
| 181 // True iff we believe that the user has an ESET product intercepting our |
| 182 // HTTPS connections. |
| 183 bool eset_mitm_detected_; |
| 184 |
| 185 // True iff we believe that the user has NetNanny intercepting our HTTPS |
| 186 // connections. |
| 187 bool netnanny_mitm_detected_; |
| 188 |
| 181 // This pointer is owned by the caller of UseDNSSEC. | 189 // This pointer is owned by the caller of UseDNSSEC. |
| 182 DNSSECProvider* dnssec_provider_; | 190 DNSSECProvider* dnssec_provider_; |
| 183 // The time when we started waiting for DNSSEC records. | 191 // The time when we started waiting for DNSSEC records. |
| 184 base::Time dnssec_wait_start_time_; | 192 base::Time dnssec_wait_start_time_; |
| 185 | 193 |
| 186 enum State { | 194 enum State { |
| 187 STATE_NONE, | 195 STATE_NONE, |
| 188 STATE_SNAP_START_LOAD_INFO, | 196 STATE_SNAP_START_LOAD_INFO, |
| 189 STATE_SNAP_START_WAIT_FOR_WRITE, | 197 STATE_SNAP_START_WAIT_FOR_WRITE, |
| 190 STATE_HANDSHAKE, | 198 STATE_HANDSHAKE, |
| (...skipping 27 matching lines...) Expand all Loading... |
| 218 // 2. Copy client certificates from the "MY" system certificate store into | 226 // 2. Copy client certificates from the "MY" system certificate store into |
| 219 // this store so that we can close the system store when we finish | 227 // this store so that we can close the system store when we finish |
| 220 // searching for client certificates. | 228 // searching for client certificates. |
| 221 static HCERTSTORE cert_store_; | 229 static HCERTSTORE cert_store_; |
| 222 #endif | 230 #endif |
| 223 }; | 231 }; |
| 224 | 232 |
| 225 } // namespace net | 233 } // namespace net |
| 226 | 234 |
| 227 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ | 235 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_NSS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 3723001:
net: detect and error out with ESET/NetNanny HTTPS interception + False Start (Closed)
