| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H_ | 5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H_ |
| 6 #define NET_BASE_SSL_CONFIG_SERVICE_H_ | 6 #define NET_BASE_SSL_CONFIG_SERVICE_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 15 matching lines...) Expand all Loading... |
| 26 // checking is enabled. | 26 // checking is enabled. |
| 27 // SSL 2.0 is not supported. | 27 // SSL 2.0 is not supported. |
| 28 bool ssl3_enabled; // True if SSL 3.0 is enabled. | 28 bool ssl3_enabled; // True if SSL 3.0 is enabled. |
| 29 bool tls1_enabled; // True if TLS 1.0 is enabled. | 29 bool tls1_enabled; // True if TLS 1.0 is enabled. |
| 30 bool dnssec_enabled; // True if we'll accept DNSSEC chains in certificates. | 30 bool dnssec_enabled; // True if we'll accept DNSSEC chains in certificates. |
| 31 bool snap_start_enabled; // True if we'll try Snap Start handshakes. | 31 bool snap_start_enabled; // True if we'll try Snap Start handshakes. |
| 32 // True if we'll do async checks for certificate provenance using DNS. | 32 // True if we'll do async checks for certificate provenance using DNS. |
| 33 bool dns_cert_provenance_checking_enabled; | 33 bool dns_cert_provenance_checking_enabled; |
| 34 | 34 |
| 35 // Cipher suites which should be explicitly prevented from being used in | 35 // Cipher suites which should be explicitly prevented from being used in |
| 36 // addition to those disabled by the net built in policy -- by default, all | 36 // addition to those disabled by the net built-in policy -- by default, all |
| 37 // cipher suites supported by the underlying SSL implementation will be | 37 // cipher suites supported by the underlying SSL implementation will be |
| 38 // enabled except for: | 38 // enabled except for: |
| 39 // - Null encryption cipher suites. | 39 // - Null encryption cipher suites. |
| 40 // - Weak cipher suites: < 80 bits of security strength. | 40 // - Weak cipher suites: < 80 bits of security strength. |
| 41 // - FORTEZZA cipher suites (obsolete). | 41 // - FORTEZZA cipher suites (obsolete). |
| 42 // - IDEA cipher suites (RFC 5469 explains why). | 42 // - IDEA cipher suites (RFC 5469 explains why). |
| 43 // - Anonymous cipher suites. | 43 // - Anonymous cipher suites. |
| 44 // The ciphers listed in |disabled_cipher_suites| will be removed in addition | 44 // The ciphers listed in |disabled_cipher_suites| will be removed in addition |
| 45 // to the above statically defined disable list. | 45 // to the above statically defined disable list. |
| 46 // | 46 // |
| (...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 189 void ProcessConfigUpdate(const SSLConfig& orig_config, | 189 void ProcessConfigUpdate(const SSLConfig& orig_config, |
| 190 const SSLConfig& new_config); | 190 const SSLConfig& new_config); |
| 191 | 191 |
| 192 private: | 192 private: |
| 193 ObserverList<Observer> observer_list_; | 193 ObserverList<Observer> observer_list_; |
| 194 }; | 194 }; |
| 195 | 195 |
| 196 } // namespace net | 196 } // namespace net |
| 197 | 197 |
| 198 #endif // NET_BASE_SSL_CONFIG_SERVICE_H_ | 198 #endif // NET_BASE_SSL_CONFIG_SERVICE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 5594009:
Adds first cut implementation of a private key store abstraction for openssl (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src