Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1037)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/base/x509_certificate.h

Issue 7082031: Don't block the UI thread for OCSP/CRLs when viewing a cert on Mac. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase to trunk Created 9 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/ui/cocoa/certificate_viewer.mm ('k') | net/base/x509_certificate_mac.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/base/x509_certificate.h
diff --git a/net/base/x509_certificate.h b/net/base/x509_certificate.h
index f01f9f182646a8024253a44ace45b40fa2e3699d..62b51c321dfe8da94711183228178aea2a979267 100644
--- a/net/base/x509_certificate.h
+++ b/net/base/x509_certificate.h
@@ -257,15 +257,41 @@ class NET_API X509Certificate
// Do any of the given issuer names appear in this cert's chain of trust?
bool IsIssuedBy(const std::vector<CertPrincipal>& valid_issuers);
- // Creates a security policy for SSL client certificates.
- static OSStatus CreateSSLClientPolicy(SecPolicyRef* outPolicy);
+ // Creates a security policy for certificates used as client certificates
+ // in SSL.
+ // If a policy is successfully created, it will be stored in
+ // |*policy| and ownership transferred to the caller.
+ static OSStatus CreateSSLClientPolicy(SecPolicyRef* policy);
+
+ // Creates a security policy for certificates used by SSL servers.
+ // |hostname| is an optionally-supplied string indicating the name to verify
+ // the server certificate as; if it is empty, no hostname verification will
+ // happen.
+ // If a policy is successfully created, it will be stored in |*policy| and
+ // ownership transferred to the caller.
+ static OSStatus CreateSSLServerPolicy(const std::string& hostname,
+ SecPolicyRef* policy);
+
+ // Creates a security policy for basic X.509 validation. If the policy is
+ // successfully created, it will be stored in |*policy| and ownership
+ // transferred to the caller.
+ static OSStatus CreateBasicX509Policy(SecPolicyRef* policy);
+
+ // Creates security policies to control revocation checking (OCSP and CRL).
+ // If |enable_revocation_checking| is false, the policies returned will be
+ // explicitly disabled from accessing the network or the cache. This may be
+ // used to override system settings regarding revocation checking.
+ // If the policies are successfully created, they will be appended to
+ // |policies|.
+ static OSStatus CreateRevocationPolicies(bool enable_revocation_checking,
+ CFMutableArrayRef policies);
// Adds all available SSL client identity certs to the given vector.
// |server_domain| is a hint for which domain the cert is to be sent to
// (a cert previously specified as the default for that domain will be given
// precedence and returned first in the output vector.)
- // If valid_issuers is non-empty, only certs that were transitively issued by
- // one of the given names will be included in the list.
+ // If valid_issuers is non-empty, only certs that were transitively issued
+ // by one of the given names will be included in the list.
static bool GetSSLClientCertificates(
const std::string& server_domain,
const std::vector<CertPrincipal>& valid_issuers,
« no previous file with comments | « chrome/browser/ui/cocoa/certificate_viewer.mm ('k') | net/base/x509_certificate_mac.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698