net/base/net_error_list.h - Issue 1074193003: Verify alternative server certificate validity for origin.

Side by Side Diff: net/base/net_error_list.h

Issue 1074193003: Verify alternative server certificate validity for origin. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Verify certificate validity. Created 5 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 // This file intentionally does not have header guards, it's included	5 // This file intentionally does not have header guards, it's included

6 // inside a macro to generate enum values.	6 // inside a macro to generate enum values.

7	7

8 // This file contains the list of network errors.	8 // This file contains the list of network errors.

9	9

10 //	10 //

(...skipping 431 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
442 // The server responded with a certificate that contains a weak key (e.g.	442 // The server responded with a certificate that contains a weak key (e.g.

443 // a too-small RSA key).	443 // a too-small RSA key).

444 NET_ERROR(CERT_WEAK_KEY, -211)	444 NET_ERROR(CERT_WEAK_KEY, -211)

445	445

446 // The certificate claimed DNS names that are in violation of name constraints.	446 // The certificate claimed DNS names that are in violation of name constraints.

447 NET_ERROR(CERT_NAME_CONSTRAINT_VIOLATION, -212)	447 NET_ERROR(CERT_NAME_CONSTRAINT_VIOLATION, -212)

448	448

449 // The certificate's validity period is too long.	449 // The certificate's validity period is too long.

450 NET_ERROR(CERT_VALIDITY_TOO_LONG, -213)	450 NET_ERROR(CERT_VALIDITY_TOO_LONG, -213)

451	451

	452 // The certificate offered by the alternative server is not valid for the

	453 // origin, a violation of HTTP Alternative Services specification Section 2.1,

	454 // https://tools.ietf.org/id/draft-ietf-httpbis-alt-svc-06.html#host_auth.

	455 NET_ERROR(ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN, -214)
	Ryan Hamilton 2015/04/10 18:37:36 Great error name and comment! Great error name and comment!
	456

452 // Add new certificate error codes here.	457 // Add new certificate error codes here.

453 //	458 //

454 // Update the value of CERT_END whenever you add a new certificate error	459 // Update the value of CERT_END whenever you add a new certificate error

455 // code.	460 // code.

456	461

457 // The value immediately past the last certificate error code.	462 // The value immediately past the last certificate error code.

458 NET_ERROR(CERT_END, -214)	463 NET_ERROR(CERT_END, -215)
	Ryan Hamilton 2015/04/10 18:37:36 We'll have to look very carefully about code that We'll have to look very carefully about code that makes use of IsCertificateError() to be sure your new error is treated accordingly. Or perhaps it'll be best to put it in a different place. In some sense, it's not a "Certificate Error" so much as it is an "Alternate Service Error (because of certs)". I recommend moving, so we don't have to reason about this. Bence 2015/04/10 19:55:16 Done. Done.
459	464

460 // The URL is invalid.	465 // The URL is invalid.

461 NET_ERROR(INVALID_URL, -300)	466 NET_ERROR(INVALID_URL, -300)

462	467

463 // The scheme of the URL is disallowed.	468 // The scheme of the URL is disallowed.

464 NET_ERROR(DISALLOWED_URL_SCHEME, -301)	469 NET_ERROR(DISALLOWED_URL_SCHEME, -301)

465	470

466 // The scheme of the URL is unknown.	471 // The scheme of the URL is unknown.

467 NET_ERROR(UNKNOWN_URL_SCHEME, -302)	472 NET_ERROR(UNKNOWN_URL_SCHEME, -302)

468	473

(...skipping 318 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
787 NET_ERROR(DNS_TIMED_OUT, -803)	792 NET_ERROR(DNS_TIMED_OUT, -803)

788	793

789 // The entry was not found in cache, for cache-only lookups.	794 // The entry was not found in cache, for cache-only lookups.

790 NET_ERROR(DNS_CACHE_MISS, -804)	795 NET_ERROR(DNS_CACHE_MISS, -804)

791	796

792 // Suffix search list rules prevent resolution of the given host name.	797 // Suffix search list rules prevent resolution of the given host name.

793 NET_ERROR(DNS_SEARCH_EMPTY, -805)	798 NET_ERROR(DNS_SEARCH_EMPTY, -805)

794	799

795 // Failed to sort addresses according to RFC3484.	800 // Failed to sort addresses according to RFC3484.

796 NET_ERROR(DNS_SORT_ERROR, -806)	801 NET_ERROR(DNS_SORT_ERROR, -806)

OLD	NEW

« no previous file with comments | « no previous file | net/http/http_network_transaction_unittest.cc » ('j') | net/http/http_stream_factory_impl.cc » ('J')