Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(312)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/ssl_config_service.h

Issue 6085013: Start reordering the methods in headers in net/. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 9 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/base/sdch_manager.cc ('k') | net/base/transport_security_state.h » ('j') | net/disk_cache/backend_impl.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H_ 5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H_
6 #define NET_BASE_SSL_CONFIG_SERVICE_H_ 6 #define NET_BASE_SSL_CONFIG_SERVICE_H_
7 #pragma once 7 #pragma once
8 8
9 #include <vector> 9 #include <vector>
10 10
11 #include "base/basictypes.h" 11 #include "base/basictypes.h"
12 #include "base/observer_list.h" 12 #include "base/observer_list.h"
13 #include "base/ref_counted.h" 13 #include "base/ref_counted.h"
14 #include "net/base/x509_certificate.h" 14 #include "net/base/x509_certificate.h"
15 15
16 namespace net { 16 namespace net {
17 17
18 // A collection of SSL-related configuration settings. 18 // A collection of SSL-related configuration settings.
19 struct SSLConfig { 19 struct SSLConfig {
20 // Default to revocation checking. 20 // Default to revocation checking.
21 // Default to SSL 3.0 on and TLS 1.0 on. 21 // Default to SSL 3.0 on and TLS 1.0 on.
22 SSLConfig(); 22 SSLConfig();
23 ~SSLConfig(); 23 ~SSLConfig();
24 24
25 // Returns true if |cert| is one of the certs in |allowed_bad_certs|.
26 bool IsAllowedBadCert(X509Certificate* cert) const;
27
25 bool rev_checking_enabled; // True if server certificate revocation 28 bool rev_checking_enabled; // True if server certificate revocation
26 // checking is enabled. 29 // checking is enabled.
27 // SSL 2.0 is not supported. 30 // SSL 2.0 is not supported.
28 bool ssl3_enabled; // True if SSL 3.0 is enabled. 31 bool ssl3_enabled; // True if SSL 3.0 is enabled.
29 bool tls1_enabled; // True if TLS 1.0 is enabled. 32 bool tls1_enabled; // True if TLS 1.0 is enabled.
30 bool dnssec_enabled; // True if we'll accept DNSSEC chains in certificates. 33 bool dnssec_enabled; // True if we'll accept DNSSEC chains in certificates.
31 bool snap_start_enabled; // True if we'll try Snap Start handshakes. 34 bool snap_start_enabled; // True if we'll try Snap Start handshakes.
32 // True if we'll do async checks for certificate provenance using DNS. 35 // True if we'll do async checks for certificate provenance using DNS.
33 bool dns_cert_provenance_checking_enabled; 36 bool dns_cert_provenance_checking_enabled;
34 37
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after
72 // are not SSL configuration settings. 75 // are not SSL configuration settings.
73 76
74 struct CertAndStatus { 77 struct CertAndStatus {
75 CertAndStatus(); 78 CertAndStatus();
76 ~CertAndStatus(); 79 ~CertAndStatus();
77 80
78 scoped_refptr<X509Certificate> cert; 81 scoped_refptr<X509Certificate> cert;
79 int cert_status; 82 int cert_status;
80 }; 83 };
81 84
82 // Returns true if |cert| is one of the certs in |allowed_bad_certs|.
83 bool IsAllowedBadCert(X509Certificate* cert) const;
84
85 // Add any known-bad SSL certificate (with its cert status) to 85 // Add any known-bad SSL certificate (with its cert status) to
86 // |allowed_bad_certs| that should not trigger an ERR_CERT_* error when 86 // |allowed_bad_certs| that should not trigger an ERR_CERT_* error when
87 // calling SSLClientSocket::Connect. This would normally be done in 87 // calling SSLClientSocket::Connect. This would normally be done in
88 // response to the user explicitly accepting the bad certificate. 88 // response to the user explicitly accepting the bad certificate.
89 std::vector<CertAndStatus> allowed_bad_certs; 89 std::vector<CertAndStatus> allowed_bad_certs;
90 90
91 // True if we should send client_cert to the server. 91 // True if we should send client_cert to the server.
92 bool send_client_cert; 92 bool send_client_cert;
93 93
94 bool verify_ev_cert; // True if we should verify the certificate for EV. 94 bool verify_ev_cert; // True if we should verify the certificate for EV.
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after
194 void ProcessConfigUpdate(const SSLConfig& orig_config, 194 void ProcessConfigUpdate(const SSLConfig& orig_config,
195 const SSLConfig& new_config); 195 const SSLConfig& new_config);
196 196
197 private: 197 private:
198 ObserverList<Observer> observer_list_; 198 ObserverList<Observer> observer_list_;
199 }; 199 };
200 200
201 } // namespace net 201 } // namespace net
202 202
203 #endif // NET_BASE_SSL_CONFIG_SERVICE_H_ 203 #endif // NET_BASE_SSL_CONFIG_SERVICE_H_
OLDNEW
« no previous file with comments | « net/base/sdch_manager.cc ('k') | net/base/transport_security_state.h » ('j') | net/disk_cache/backend_impl.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698