net/base/cert_verifier.h - Issue 10855168: Rename X509Certificate::VerifyFlags to CertVerifier::VerifyFlags

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/base/cert_verifier.h

Issue 10855168: Rename X509Certificate::VerifyFlags to CertVerifier::VerifyFlags (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: One missed mac define Created 8 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/base/cert_verifier.h

diff --git a/net/base/cert_verifier.h b/net/base/cert_verifier.h

index de8b9b52cc8d3a2d4c813c88c03986574cbc7f88..29d5ecd29389114d5bdf9c54ce899b5c5d3e8043 100644

--- a/net/base/cert_verifier.h

+++ b/net/base/cert_verifier.h

@@ -29,6 +29,34 @@ class NET_EXPORT CertVerifier {

// Opaque pointer type used to cancel outstanding requests.

typedef void* RequestHandle;

+ enum VerifyFlags {

+ // If set, enables online revocation checking via CRLs and OCSP for the

+ // certificate chain.

+ VERIFY_REV_CHECKING_ENABLED = 1 << 0,

+ // If set, and the certificate being verified may be an EV certificate,

+ // attempt to verify the certificate according to the EV processing

+ // guidelines. In order to successfully verify a certificate as EV,

+ // either an online or offline revocation check must be successfully

+ // completed. To ensure it's possible to complete a revocation check,

+ // callers should also specify either VERIFY_REV_CHECKING_ENABLED or

+ // VERIFY_REV_CHECKING_ENABLED_EV_ONLY (to enable online checks), and

+ // VERIFY_CERT_IO_ENABLED (to enable network fetches for online checks).

+ VERIFY_EV_CERT = 1 << 1,

+ // If set, permits NSS to use the network when verifying certificates,

+ // such as to fetch missing intermediates or to check OCSP or CRLs.

+ // TODO(rsleevi): http://crbug.com/143300 - Define this flag for all

+ // verification engines with well-defined semantics, rather than being

+ // NSS only.

+ VERIFY_CERT_IO_ENABLED = 1 << 2,

+ // If set, enables online revocation checking via CRLs or OCSP, but only

+ // for certificates which may be EV, and only when VERIFY_EV_CERT is also

+ // set.

+ VERIFY_REV_CHECKING_ENABLED_EV_ONLY = 1 << 3,

+ };

// When the verifier is destroyed, all certificate verification requests are

// canceled, and their completion callbacks will not be called.

virtual ~CertVerifier() {}

@@ -42,7 +70,7 @@ class NET_EXPORT CertVerifier {

// |verify_result->cert_status|, and the error code for the most serious

// error is returned.

- // |flags| is bitwise OR'd of X509Certificate::VerifyFlags.

+ // |flags| is bitwise OR'd of VerifyFlags.

// If VERIFY_REV_CHECKING_ENABLED is set in |flags|, certificate revocation

// checking is performed.

« no previous file with comments | « no previous file | net/base/cert_verify_proc.cc » ('j') | no next file with comments »