| Index: net/cert/cert_verifier.h
|
| diff --git a/net/cert/cert_verifier.h b/net/cert/cert_verifier.h
|
| index 743c8350b271e414babcef1171557833b3d0f1b6..71a347854272cf537f2e6bc4104d4fdf83556cce 100644
|
| --- a/net/cert/cert_verifier.h
|
| +++ b/net/cert/cert_verifier.h
|
| @@ -81,6 +81,8 @@ class NET_EXPORT CertVerifier {
|
| // |verify_result->cert_status|, and the error code for the most serious
|
| // error is returned.
|
| //
|
| + // |ocsp_response|, if non-empty, is a stapled OCSP response to use.
|
| + //
|
| // |flags| is bitwise OR'd of VerifyFlags.
|
| // If VERIFY_REV_CHECKING_ENABLED is set in |flags|, certificate revocation
|
| // checking is performed.
|
| @@ -103,6 +105,7 @@ class NET_EXPORT CertVerifier {
|
| // TODO(rsleevi): Move CRLSet* out of the CertVerifier signature.
|
| virtual int Verify(X509Certificate* cert,
|
| const std::string& hostname,
|
| + const std::string& ocsp_response,
|
| int flags,
|
| CRLSet* crl_set,
|
| CertVerifyResult* verify_result,
|
| @@ -114,6 +117,9 @@ class NET_EXPORT CertVerifier {
|
| // After a request is canceled, its completion callback will not be called.
|
| virtual void CancelRequest(RequestHandle req) = 0;
|
|
|
| + // Returns true if this CertVerifier supports stapled OCSP responses.
|
| + virtual bool SupportsOCSPStapling();
|
| +
|
| // Creates a CertVerifier implementation that verifies certificates using
|
| // the preferred underlying cryptographic libraries.
|
| static CertVerifier* CreateDefault();
|
|
|
Chromium Code Reviews
Issue 1081913003:
Route OCSP stapling through CertVerifier. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@boringnss