OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/ssl_config_service.h" | 5 #include "net/base/ssl_config_service.h" |
6 | 6 |
7 #include "net/base/ssl_config_service_defaults.h" | 7 #include "net/base/ssl_config_service_defaults.h" |
8 #include "net/base/ssl_false_start_blacklist.h" | 8 #include "net/base/ssl_false_start_blacklist.h" |
9 | 9 |
10 namespace net { | 10 namespace net { |
11 | 11 |
12 SSLConfig::CertAndStatus::CertAndStatus() : cert_status(0) {} | 12 SSLConfig::CertAndStatus::CertAndStatus() : cert_status(0) {} |
13 | 13 |
14 SSLConfig::CertAndStatus::~CertAndStatus() {} | 14 SSLConfig::CertAndStatus::~CertAndStatus() {} |
15 | 15 |
16 SSLConfig::SSLConfig() | 16 SSLConfig::SSLConfig() |
17 : rev_checking_enabled(true), ssl3_enabled(true), | 17 : rev_checking_enabled(true), ssl3_enabled(true), |
18 tls1_enabled(true), | 18 tls1_enabled(true), |
19 dns_cert_provenance_checking_enabled(false), cached_info_enabled(false), | 19 dns_cert_provenance_checking_enabled(false), cached_info_enabled(false), |
20 false_start_enabled(true), | 20 false_start_enabled(true), |
21 send_client_cert(false), verify_ev_cert(false), ssl3_fallback(false) { | 21 send_client_cert(false), verify_ev_cert(false), ssl3_fallback(false) { |
22 } | 22 } |
23 | 23 |
24 SSLConfig::~SSLConfig() { | 24 SSLConfig::~SSLConfig() { |
25 } | 25 } |
26 | 26 |
27 bool SSLConfig::IsAllowedBadCert(X509Certificate* cert, | 27 bool SSLConfig::IsAllowedBadCert(X509Certificate* cert, |
28 int* cert_status) const { | 28 int* cert_status) const { |
| 29 std::string der_cert; |
| 30 if (!cert->GetDEREncoded(&der_cert)) |
| 31 return false; |
| 32 return IsAllowedBadCert(der_cert, cert_status); |
| 33 } |
| 34 |
| 35 bool SSLConfig::IsAllowedBadCert(const base::StringPiece& der_cert, |
| 36 int* cert_status) const { |
29 for (size_t i = 0; i < allowed_bad_certs.size(); ++i) { | 37 for (size_t i = 0; i < allowed_bad_certs.size(); ++i) { |
30 if (cert->Equals(allowed_bad_certs[i].cert)) { | 38 if (der_cert == allowed_bad_certs[i].der_cert) { |
31 if (cert_status) | 39 if (cert_status) |
32 *cert_status = allowed_bad_certs[i].cert_status; | 40 *cert_status = allowed_bad_certs[i].cert_status; |
33 return true; | 41 return true; |
34 } | 42 } |
35 } | 43 } |
36 return false; | 44 return false; |
37 } | 45 } |
38 | 46 |
39 SSLConfigService::SSLConfigService() | 47 SSLConfigService::SSLConfigService() |
40 : observer_list_(ObserverList<Observer>::NOTIFY_EXISTING_ONLY) { | 48 : observer_list_(ObserverList<Observer>::NOTIFY_EXISTING_ONLY) { |
(...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
112 bool SSLConfigService::IsSNIAvailable(SSLConfigService* service) { | 120 bool SSLConfigService::IsSNIAvailable(SSLConfigService* service) { |
113 if (!service) | 121 if (!service) |
114 return false; | 122 return false; |
115 | 123 |
116 SSLConfig ssl_config; | 124 SSLConfig ssl_config; |
117 service->GetSSLConfig(&ssl_config); | 125 service->GetSSLConfig(&ssl_config); |
118 return ssl_config.tls1_enabled; | 126 return ssl_config.tls1_enabled; |
119 } | 127 } |
120 | 128 |
121 } // namespace net | 129 } // namespace net |
OLD | NEW |