Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(334)

Side by Side Diff: net/base/transport_security_state.h

Issue 8302019: Recommit fraudulent certificate reporting infrastructure. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 9 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/chrome_tests.gypi ('k') | net/base/transport_security_state.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_TRANSPORT_SECURITY_STATE_H_ 5 #ifndef NET_BASE_TRANSPORT_SECURITY_STATE_H_
6 #define NET_BASE_TRANSPORT_SECURITY_STATE_H_ 6 #define NET_BASE_TRANSPORT_SECURITY_STATE_H_
7 #pragma once 7 #pragma once
8 8
9 #include <map> 9 #include <map>
10 #include <string> 10 #include <string>
(...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after
106 bool sni_available); 106 bool sni_available);
107 107
108 // Returns true if |host| has any HSTS metadata, in the context of 108 // Returns true if |host| has any HSTS metadata, in the context of
109 // |sni_available|. (This include cert-pin-only metadata). 109 // |sni_available|. (This include cert-pin-only metadata).
110 // In that case, *result is filled out. 110 // In that case, *result is filled out.
111 // Note that *result is always overwritten on every call. 111 // Note that *result is always overwritten on every call.
112 bool HasMetadata(DomainState* result, 112 bool HasMetadata(DomainState* result,
113 const std::string& host, 113 const std::string& host,
114 bool sni_available); 114 bool sni_available);
115 115
116 // Returns true if we have a preloaded certificate pin for the |host| and if
117 // its set of required certificates is the set we expect for Google
118 // properties. If |sni_available| is true, searches the preloads defined for
119 // SNI-using hosts as well as the usual preload list.
120 //
121 // Note that like HasMetadata, if |host| matches both an exact entry and is a
122 // subdomain of another entry, the exact match determines the return value.
123 //
124 // This function is used by ChromeFraudulentCertificateReporter to determine
125 // whether or not we can automatically post fraudulent certificate reports to
126 // Google; we only do so automatically in cases when the user was trying to
127 // connect to Google in the first place.
128 static bool IsGooglePinnedProperty(const std::string& host,
129 bool sni_available);
130
116 // Deletes all records created since a given time. 131 // Deletes all records created since a given time.
117 void DeleteSince(const base::Time& time); 132 void DeleteSince(const base::Time& time);
118 133
119 // Returns |true| if |value| parses as a valid *-Transport-Security 134 // Returns |true| if |value| parses as a valid *-Transport-Security
120 // header value. The values of max-age and and includeSubDomains are 135 // header value. The values of max-age and and includeSubDomains are
121 // returned in |max_age| and |include_subdomains|, respectively. The out 136 // returned in |max_age| and |include_subdomains|, respectively. The out
122 // parameters are not modified if the function returns |false|. 137 // parameters are not modified if the function returns |false|.
123 static bool ParseHeader(const std::string& value, 138 static bool ParseHeader(const std::string& value,
124 int* max_age, 139 int* max_age,
125 bool* include_subdomains); 140 bool* include_subdomains);
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after
167 182
168 // Our delegate who gets notified when we are dirtied, or NULL. 183 // Our delegate who gets notified when we are dirtied, or NULL.
169 Delegate* delegate_; 184 Delegate* delegate_;
170 185
171 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); 186 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState);
172 }; 187 };
173 188
174 } // namespace net 189 } // namespace net
175 190
176 #endif // NET_BASE_TRANSPORT_SECURITY_STATE_H_ 191 #endif // NET_BASE_TRANSPORT_SECURITY_STATE_H_
OLDNEW
« no previous file with comments | « chrome/chrome_tests.gypi ('k') | net/base/transport_security_state.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698