Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(278)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/transport_security_state.h

Issue 6085013: Start reordering the methods in headers in net/. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 9 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/base/ssl_config_service.h ('k') | net/base/x509_certificate.h » ('j') | net/disk_cache/backend_impl.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_TRANSPORT_SECURITY_STATE_H_ 5 #ifndef NET_BASE_TRANSPORT_SECURITY_STATE_H_
6 #define NET_BASE_TRANSPORT_SECURITY_STATE_H_ 6 #define NET_BASE_TRANSPORT_SECURITY_STATE_H_
7 #pragma once 7 #pragma once
8 8
9 #include <map> 9 #include <map>
10 #include <string> 10 #include <string>
(...skipping 25 matching lines...) Expand all
36 // Opportunistic mode implies: 36 // Opportunistic mode implies:
37 // * We'll request HTTP URLs over HTTPS 37 // * We'll request HTTP URLs over HTTPS
38 // * Certificate issues are ignored. 38 // * Certificate issues are ignored.
39 MODE_OPPORTUNISTIC = 1, 39 MODE_OPPORTUNISTIC = 1,
40 // SPDY_ONLY (aka X-Bodge-Transport-Security) is a hopefully temporary 40 // SPDY_ONLY (aka X-Bodge-Transport-Security) is a hopefully temporary
41 // measure. It implies: 41 // measure. It implies:
42 // * We'll request HTTP URLs over HTTPS iff we have SPDY support. 42 // * We'll request HTTP URLs over HTTPS iff we have SPDY support.
43 // * Certificate issues are fatal. 43 // * Certificate issues are fatal.
44 MODE_SPDY_ONLY = 2, 44 MODE_SPDY_ONLY = 2,
45 }; 45 };
46 Mode mode;
47 46
48 DomainState() 47 DomainState()
49 : mode(MODE_STRICT), 48 : mode(MODE_STRICT),
50 created(base::Time::Now()), 49 created(base::Time::Now()),
51 include_subdomains(false) { } 50 include_subdomains(false) { }
52 51
52 Mode mode;
53 base::Time created; // when this host entry was first created 53 base::Time created; // when this host entry was first created
54 base::Time expiry; // the absolute time (UTC) when this record expires 54 base::Time expiry; // the absolute time (UTC) when this record expires
55 bool include_subdomains; // subdomains included? 55 bool include_subdomains; // subdomains included?
56 }; 56 };
57 57
58 // Enable TransportSecurity for |host|. 58 // Enable TransportSecurity for |host|.
59 void EnableHost(const std::string& host, const DomainState& state); 59 void EnableHost(const std::string& host, const DomainState& state);
60 60
61 // Returns true if |host| has TransportSecurity enabled. If that case, 61 // Returns true if |host| has TransportSecurity enabled. If that case,
62 // *result is filled out. 62 // *result is filled out.
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after
94 private: 94 private:
95 friend class base::RefCountedThreadSafe<TransportSecurityState>; 95 friend class base::RefCountedThreadSafe<TransportSecurityState>;
96 FRIEND_TEST_ALL_PREFIXES(TransportSecurityStateTest, IsPreloaded); 96 FRIEND_TEST_ALL_PREFIXES(TransportSecurityStateTest, IsPreloaded);
97 97
98 ~TransportSecurityState(); 98 ~TransportSecurityState();
99 99
100 // If we have a callback configured, call it to let our serialiser know that 100 // If we have a callback configured, call it to let our serialiser know that
101 // our state is dirty. 101 // our state is dirty.
102 void DirtyNotify(); 102 void DirtyNotify();
103 103
104 static std::string CanonicaliseHost(const std::string& host);
105 static bool IsPreloadedSTS(const std::string& canonicalised_host,
106 bool* out_include_subdomains);
107
104 // The set of hosts that have enabled TransportSecurity. The keys here 108 // The set of hosts that have enabled TransportSecurity. The keys here
105 // are SHA256(DNSForm(domain)) where DNSForm converts from dotted form 109 // are SHA256(DNSForm(domain)) where DNSForm converts from dotted form
106 // ('www.google.com') to the form used in DNS: "\x03www\x06google\x03com" 110 // ('www.google.com') to the form used in DNS: "\x03www\x06google\x03com"
107 std::map<std::string, DomainState> enabled_hosts_; 111 std::map<std::string, DomainState> enabled_hosts_;
108 112
109 // Our delegate who gets notified when we are dirtied, or NULL. 113 // Our delegate who gets notified when we are dirtied, or NULL.
110 Delegate* delegate_; 114 Delegate* delegate_;
111 115
112 static std::string CanonicaliseHost(const std::string& host);
113 static bool IsPreloadedSTS(const std::string& canonicalised_host,
114 bool* out_include_subdomains);
115
116 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); 116 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState);
117 }; 117 };
118 118
119 } // namespace net 119 } // namespace net
120 120
121 #endif // NET_BASE_TRANSPORT_SECURITY_STATE_H_ 121 #endif // NET_BASE_TRANSPORT_SECURITY_STATE_H_
OLDNEW
« no previous file with comments | « net/base/ssl_config_service.h ('k') | net/base/x509_certificate.h » ('j') | net/disk_cache/backend_impl.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698