| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/ssl_config_service.h" | 5 #include "net/base/ssl_config_service.h" |
| 6 | 6 |
| 7 #include "net/base/ssl_config_service_defaults.h" | 7 #include "net/base/ssl_config_service_defaults.h" |
| 8 #include "net/base/ssl_false_start_blacklist.h" | 8 #include "net/base/ssl_false_start_blacklist.h" |
| 9 | 9 |
| 10 namespace net { | 10 namespace net { |
| 11 | 11 |
| 12 SSLConfig::CertAndStatus::CertAndStatus() : cert_status(0) {} | 12 SSLConfig::CertAndStatus::CertAndStatus() : cert_status(0) {} |
| 13 | 13 |
| 14 SSLConfig::CertAndStatus::~CertAndStatus() {} | 14 SSLConfig::CertAndStatus::~CertAndStatus() {} |
| 15 | 15 |
| 16 SSLConfig::SSLConfig() | 16 SSLConfig::SSLConfig() |
| 17 : rev_checking_enabled(true), ssl3_enabled(true), | 17 : rev_checking_enabled(true), ssl3_enabled(true), |
| 18 tls1_enabled(true), | 18 tls1_enabled(true), |
| 19 dns_cert_provenance_checking_enabled(false), cached_info_enabled(false), | 19 dns_cert_provenance_checking_enabled(false), cached_info_enabled(false), |
| 20 false_start_enabled(true), | 20 false_start_enabled(true), |
| 21 send_client_cert(false), verify_ev_cert(false), ssl3_fallback(false) { | 21 send_client_cert(false), verify_ev_cert(false), ssl3_fallback(false) { |
| 22 } | 22 } |
| 23 | 23 |
| 24 SSLConfig::~SSLConfig() { | 24 SSLConfig::~SSLConfig() { |
| 25 } | 25 } |
| 26 | 26 |
| 27 bool SSLConfig::IsAllowedBadCert(X509Certificate* cert, | 27 bool SSLConfig::IsAllowedBadCert(X509Certificate* cert, |
| 28 int* cert_status) const { | 28 int* cert_status) const { |
| 29 std::string cert_der; |
| 30 if (!cert->GetDEREncoded(&cert_der)) |
| 31 return false; |
| 32 return IsAllowedBadCert(cert_der, cert_status); |
| 33 } |
| 34 |
| 35 bool SSLConfig::IsAllowedBadCert(const std::string& cert_der, |
| 36 int* cert_status) const { |
| 29 for (size_t i = 0; i < allowed_bad_certs.size(); ++i) { | 37 for (size_t i = 0; i < allowed_bad_certs.size(); ++i) { |
| 30 if (cert->Equals(allowed_bad_certs[i].cert)) { | 38 if (cert_der == allowed_bad_certs[i].cert_der) { |
| 31 if (cert_status) | 39 if (cert_status) |
| 32 *cert_status = allowed_bad_certs[i].cert_status; | 40 *cert_status = allowed_bad_certs[i].cert_status; |
| 33 return true; | 41 return true; |
| 34 } | 42 } |
| 35 } | 43 } |
| 36 return false; | 44 return false; |
| 37 } | 45 } |
| 38 | 46 |
| 39 SSLConfigService::SSLConfigService() | 47 SSLConfigService::SSLConfigService() |
| 40 : observer_list_(ObserverList<Observer>::NOTIFY_EXISTING_ONLY) { | 48 : observer_list_(ObserverList<Observer>::NOTIFY_EXISTING_ONLY) { |
| (...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 112 bool SSLConfigService::IsSNIAvailable(SSLConfigService* service) { | 120 bool SSLConfigService::IsSNIAvailable(SSLConfigService* service) { |
| 113 if (!service) | 121 if (!service) |
| 114 return false; | 122 return false; |
| 115 | 123 |
| 116 SSLConfig ssl_config; | 124 SSLConfig ssl_config; |
| 117 service->GetSSLConfig(&ssl_config); | 125 service->GetSSLConfig(&ssl_config); |
| 118 return ssl_config.tls1_enabled; | 126 return ssl_config.tls1_enabled; |
| 119 } | 127 } |
| 120 | 128 |
| 121 } // namespace net | 129 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7401003:
Don't use X509Certificate in SSLConfig. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src