OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
7 | 7 |
8 #include <map> | 8 #include <map> |
9 #include <string> | 9 #include <string> |
10 #include <utility> | 10 #include <utility> |
(...skipping 175 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
186 | 186 |
187 // Clears all dynamic data (e.g. HSTS and HPKP data). | 187 // Clears all dynamic data (e.g. HSTS and HPKP data). |
188 // | 188 // |
189 // Does NOT persist changes using the Delegate, as this function is only | 189 // Does NOT persist changes using the Delegate, as this function is only |
190 // used to clear any dynamic data prior to re-loading it from a file. | 190 // used to clear any dynamic data prior to re-loading it from a file. |
191 // Note: This is only used for serializing/deserializing the | 191 // Note: This is only used for serializing/deserializing the |
192 // TransportSecurityState. | 192 // TransportSecurityState. |
193 void ClearDynamicData(); | 193 void ClearDynamicData(); |
194 | 194 |
195 // Inserts |state| into |enabled_hosts_| under the key |hashed_host|. | 195 // Inserts |state| into |enabled_hosts_| under the key |hashed_host|. |
196 // |hashed_host| is already in the internal representation | 196 // |hashed_host| is already in the internal representation. |
197 // HashHost(CanonicalizeHost(host)). | |
198 // Note: This is only used for serializing/deserializing the | 197 // Note: This is only used for serializing/deserializing the |
199 // TransportSecurityState. | 198 // TransportSecurityState. |
200 void AddOrUpdateEnabledHosts(const std::string& hashed_host, | 199 void AddOrUpdateEnabledHosts(const std::string& hashed_host, |
201 const DomainState& state); | 200 const DomainState& state); |
202 | 201 |
203 // Deletes all dynamic data (e.g. HSTS or HPKP data) created since a given | 202 // Deletes all dynamic data (e.g. HSTS or HPKP data) created since a given |
204 // time. | 203 // time. |
205 // | 204 // |
206 // If any entries are deleted, the new state will be persisted through | 205 // If any entries are deleted, the new state will be persisted through |
207 // the Delegate (if any). | 206 // the Delegate (if any). |
(...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
312 const base::Time& expiry, | 311 const base::Time& expiry, |
313 bool include_subdomains, | 312 bool include_subdomains, |
314 const HashValueVector& hashes); | 313 const HashValueVector& hashes); |
315 | 314 |
316 // Enable TransportSecurity for |host|. |state| supercedes any previous | 315 // Enable TransportSecurity for |host|. |state| supercedes any previous |
317 // state for the |host|, including static entries. | 316 // state for the |host|, including static entries. |
318 // | 317 // |
319 // The new state for |host| is persisted using the Delegate (if any). | 318 // The new state for |host| is persisted using the Delegate (if any). |
320 void EnableHost(const std::string& host, const DomainState& state); | 319 void EnableHost(const std::string& host, const DomainState& state); |
321 | 320 |
322 // Converts |hostname| from dotted form ("www.google.com") to the form | |
323 // used in DNS: "\x03www\x06google\x03com", lowercases that, and returns | |
324 // the result. | |
325 static std::string CanonicalizeHost(const std::string& hostname); | |
326 | |
327 // The set of hosts that have enabled TransportSecurity. |sts.domain| and | 321 // The set of hosts that have enabled TransportSecurity. |sts.domain| and |
328 // |pkp.domain| will always be empty for a DomainState in this map; the domain | 322 // |pkp.domain| will always be empty for a DomainState in this map; the domain |
329 // comes from the map key instead. | 323 // comes from the map key instead. |
330 DomainStateMap enabled_hosts_; | 324 DomainStateMap enabled_hosts_; |
331 | 325 |
332 Delegate* delegate_; | 326 Delegate* delegate_; |
333 | 327 |
334 // True if static pins should be used. | 328 // True if static pins should be used. |
335 bool enable_static_pins_; | 329 bool enable_static_pins_; |
336 | 330 |
337 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); | 331 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); |
338 }; | 332 }; |
339 | 333 |
340 } // namespace net | 334 } // namespace net |
341 | 335 |
342 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 336 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
OLD | NEW |