Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(146)

Side by Side Diff: net/ssl/ssl_config.h

Issue 1131763002: Reject renegotiations in SSLClientSocket by default. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: NSS greediness... Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/socket/ssl_client_socket_openssl.cc ('k') | net/ssl/ssl_config.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_SSL_SSL_CONFIG_H_ 5 #ifndef NET_SSL_SSL_CONFIG_H_
6 #define NET_SSL_SSL_CONFIG_H_ 6 #define NET_SSL_SSL_CONFIG_H_
7 7
8 #include "base/basictypes.h" 8 #include "base/basictypes.h"
9 #include "base/memory/ref_counted.h" 9 #include "base/memory/ref_counted.h"
10 #include "net/base/net_export.h" 10 #include "net/base/net_export.h"
(...skipping 143 matching lines...) Expand 10 before | Expand all | Expand 10 after
154 bool cert_io_enabled; 154 bool cert_io_enabled;
155 155
156 // The list of application level protocols supported. If set, this will 156 // The list of application level protocols supported. If set, this will
157 // enable Next Protocol Negotiation (if supported). The order of the 157 // enable Next Protocol Negotiation (if supported). The order of the
158 // protocols doesn't matter expect for one case: if the server supports Next 158 // protocols doesn't matter expect for one case: if the server supports Next
159 // Protocol Negotiation, but there is no overlap between the server's and 159 // Protocol Negotiation, but there is no overlap between the server's and
160 // client's protocol sets, then the first protocol in this list will be 160 // client's protocol sets, then the first protocol in this list will be
161 // requested by the client. 161 // requested by the client.
162 NextProtoVector next_protos; 162 NextProtoVector next_protos;
163 163
164 // True if renegotiation should be allowed for the default application-level
165 // protocol when the peer negotiates neither ALPN nor NPN.
166 bool renego_allowed_default;
167
168 // The list of application-level protocols to enable renegotiation for.
169 NextProtoVector renego_allowed_for_protos;
170
164 scoped_refptr<X509Certificate> client_cert; 171 scoped_refptr<X509Certificate> client_cert;
165 172
166 // Information about how to proceed with fastradio padding. 173 // Information about how to proceed with fastradio padding.
167 // |fastradio_padding_enabled| determines if the feature is enabled globally. 174 // |fastradio_padding_enabled| determines if the feature is enabled globally.
168 // |fastradio_padding_eligible| determines if the endpoint associated with 175 // |fastradio_padding_eligible| determines if the endpoint associated with
169 // this config should use it. 176 // this config should use it.
170 // |fastradio_padding_eligible| can be true when |fastradio_padding_enabled| 177 // |fastradio_padding_eligible| can be true when |fastradio_padding_enabled|
171 // is false: in this case, fastradio padding would not be enabled, but 178 // is false: in this case, fastradio padding would not be enabled, but
172 // metrics can be collected for experiments. 179 // metrics can be collected for experiments.
173 bool fastradio_padding_enabled; 180 bool fastradio_padding_enabled;
174 bool fastradio_padding_eligible; 181 bool fastradio_padding_eligible;
175 }; 182 };
176 183
177 } // namespace net 184 } // namespace net
178 185
179 #endif // NET_SSL_SSL_CONFIG_H_ 186 #endif // NET_SSL_SSL_CONFIG_H_
OLDNEW
« no previous file with comments | « net/socket/ssl_client_socket_openssl.cc ('k') | net/ssl/ssl_config.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698