OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_BASE_TRANSPORT_SECURITY_STATE_H_ | 5 #ifndef NET_BASE_TRANSPORT_SECURITY_STATE_H_ |
6 #define NET_BASE_TRANSPORT_SECURITY_STATE_H_ | 6 #define NET_BASE_TRANSPORT_SECURITY_STATE_H_ |
7 #pragma once | 7 #pragma once |
8 | 8 |
9 #include <map> | 9 #include <map> |
10 #include <string> | 10 #include <string> |
(...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
106 bool sni_available); | 106 bool sni_available); |
107 | 107 |
108 // Returns true if |host| has any HSTS metadata, in the context of | 108 // Returns true if |host| has any HSTS metadata, in the context of |
109 // |sni_available|. (This include cert-pin-only metadata). | 109 // |sni_available|. (This include cert-pin-only metadata). |
110 // In that case, *result is filled out. | 110 // In that case, *result is filled out. |
111 // Note that *result is always overwritten on every call. | 111 // Note that *result is always overwritten on every call. |
112 bool HasMetadata(DomainState* result, | 112 bool HasMetadata(DomainState* result, |
113 const std::string& host, | 113 const std::string& host, |
114 bool sni_available); | 114 bool sni_available); |
115 | 115 |
| 116 // Returns true if we have a preloaded certificate pin for the |host| and if |
| 117 // its set of required certificates is the set we expect for Google |
| 118 // properties. If |sni_available| is true, searches the preloads defined for |
| 119 // SNI-using hosts as well as the usual preload list. |
| 120 // |
| 121 // Note that like HasMetadata, if |host| matches both an exact entry and is a |
| 122 // subdomain of another entry, the exact match determines the return value. |
| 123 // |
| 124 // This function is used by ChromeFraudulentCertificateReporter to determine |
| 125 // whether or not we can automatically post fraudulent certificate reports to |
| 126 // Google; we only do so automatically in cases when the user was trying to |
| 127 // connect to Google in the first place. |
| 128 static bool IsGooglePinnedProperty(const std::string& host, |
| 129 bool sni_available); |
| 130 |
116 // Deletes all records created since a given time. | 131 // Deletes all records created since a given time. |
117 void DeleteSince(const base::Time& time); | 132 void DeleteSince(const base::Time& time); |
118 | 133 |
119 // Returns |true| if |value| parses as a valid *-Transport-Security | 134 // Returns |true| if |value| parses as a valid *-Transport-Security |
120 // header value. The values of max-age and and includeSubDomains are | 135 // header value. The values of max-age and and includeSubDomains are |
121 // returned in |max_age| and |include_subdomains|, respectively. The out | 136 // returned in |max_age| and |include_subdomains|, respectively. The out |
122 // parameters are not modified if the function returns |false|. | 137 // parameters are not modified if the function returns |false|. |
123 static bool ParseHeader(const std::string& value, | 138 static bool ParseHeader(const std::string& value, |
124 int* max_age, | 139 int* max_age, |
125 bool* include_subdomains); | 140 bool* include_subdomains); |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
167 | 182 |
168 // Our delegate who gets notified when we are dirtied, or NULL. | 183 // Our delegate who gets notified when we are dirtied, or NULL. |
169 Delegate* delegate_; | 184 Delegate* delegate_; |
170 | 185 |
171 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); | 186 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); |
172 }; | 187 }; |
173 | 188 |
174 } // namespace net | 189 } // namespace net |
175 | 190 |
176 #endif // NET_BASE_TRANSPORT_SECURITY_STATE_H_ | 191 #endif // NET_BASE_TRANSPORT_SECURITY_STATE_H_ |
OLD | NEW |