Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(239)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/ssl_config_service.h

Issue 6370008: Enable session resumption in SSLServerSocketNSS and unit tests (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 9 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/base/ssl_config_service.cc » ('j') | net/socket/ssl_server_socket_nss.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H_ 5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H_
6 #define NET_BASE_SSL_CONFIG_SERVICE_H_ 6 #define NET_BASE_SSL_CONFIG_SERVICE_H_
7 #pragma once 7 #pragma once
8 8
9 #include <vector> 9 #include <vector>
10 10
(...skipping 17 matching lines...) Expand all
28 bool rev_checking_enabled; // True if server certificate revocation 28 bool rev_checking_enabled; // True if server certificate revocation
29 // checking is enabled. 29 // checking is enabled.
30 // SSL 2.0 is not supported. 30 // SSL 2.0 is not supported.
31 bool ssl3_enabled; // True if SSL 3.0 is enabled. 31 bool ssl3_enabled; // True if SSL 3.0 is enabled.
32 bool tls1_enabled; // True if TLS 1.0 is enabled. 32 bool tls1_enabled; // True if TLS 1.0 is enabled.
33 bool dnssec_enabled; // True if we'll accept DNSSEC chains in certificates. 33 bool dnssec_enabled; // True if we'll accept DNSSEC chains in certificates.
34 bool snap_start_enabled; // True if we'll try Snap Start handshakes. 34 bool snap_start_enabled; // True if we'll try Snap Start handshakes.
35 // True if we'll do async checks for certificate provenance using DNS. 35 // True if we'll do async checks for certificate provenance using DNS.
36 bool dns_cert_provenance_checking_enabled; 36 bool dns_cert_provenance_checking_enabled;
37 37
38 // TODO(hclam): This option is used to simplify the SSLServerSocketNSS
39 // implementation and should be removed when session caching is implemented.
40 // See http://crbug.com/67236 for more details.
41 bool session_resume_disabled; // Don't allow session resume.
42
43 // Cipher suites which should be explicitly prevented from being used in 38 // Cipher suites which should be explicitly prevented from being used in
44 // addition to those disabled by the net built-in policy -- by default, all 39 // addition to those disabled by the net built-in policy -- by default, all
45 // cipher suites supported by the underlying SSL implementation will be 40 // cipher suites supported by the underlying SSL implementation will be
46 // enabled except for: 41 // enabled except for:
47 // - Null encryption cipher suites. 42 // - Null encryption cipher suites.
48 // - Weak cipher suites: < 80 bits of security strength. 43 // - Weak cipher suites: < 80 bits of security strength.
49 // - FORTEZZA cipher suites (obsolete). 44 // - FORTEZZA cipher suites (obsolete).
50 // - IDEA cipher suites (RFC 5469 explains why). 45 // - IDEA cipher suites (RFC 5469 explains why).
51 // - Anonymous cipher suites. 46 // - Anonymous cipher suites.
52 // The ciphers listed in |disabled_cipher_suites| will be removed in addition 47 // The ciphers listed in |disabled_cipher_suites| will be removed in addition
(...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after
194 void ProcessConfigUpdate(const SSLConfig& orig_config, 189 void ProcessConfigUpdate(const SSLConfig& orig_config,
195 const SSLConfig& new_config); 190 const SSLConfig& new_config);
196 191
197 private: 192 private:
198 ObserverList<Observer> observer_list_; 193 ObserverList<Observer> observer_list_;
199 }; 194 };
200 195
201 } // namespace net 196 } // namespace net
202 197
203 #endif // NET_BASE_SSL_CONFIG_SERVICE_H_ 198 #endif // NET_BASE_SSL_CONFIG_SERVICE_H_
OLDNEW
« no previous file with comments | « no previous file | net/base/ssl_config_service.cc » ('j') | net/socket/ssl_server_socket_nss.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698