OLD | NEW |
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H__ | 5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H__ |
6 #define NET_BASE_SSL_CONFIG_SERVICE_H__ | 6 #define NET_BASE_SSL_CONFIG_SERVICE_H__ |
7 | 7 |
8 #include <set> | 8 #include <set> |
9 | 9 |
10 #include "base/time.h" | 10 #include "base/time.h" |
11 #include "net/base/x509_certificate.h" | 11 #include "net/base/x509_certificate.h" |
12 | 12 |
13 namespace net { | 13 namespace net { |
14 | 14 |
15 // A collection of SSL-related configuration settings. | 15 // A collection of SSL-related configuration settings. |
16 struct SSLConfig { | 16 struct SSLConfig { |
17 // Default to no revocation checking. | 17 // Default to no revocation checking. |
18 // Default to SSL 2.0 off, SSL 3.0 on, and TLS 1.0 on. | 18 // Default to SSL 2.0 off, SSL 3.0 on, and TLS 1.0 on. |
19 SSLConfig() | 19 SSLConfig() |
20 : rev_checking_enabled(false), ssl2_enabled(false), | 20 : rev_checking_enabled(false), ssl2_enabled(false), |
21 ssl3_enabled(true), tls1_enabled(true) { | 21 ssl3_enabled(true), tls1_enabled(true), send_client_cert(false) { |
22 } | 22 } |
23 | 23 |
24 bool rev_checking_enabled; // True if server certificate revocation | 24 bool rev_checking_enabled; // True if server certificate revocation |
25 // checking is enabled. | 25 // checking is enabled. |
26 bool ssl2_enabled; // True if SSL 2.0 is enabled. | 26 bool ssl2_enabled; // True if SSL 2.0 is enabled. |
27 bool ssl3_enabled; // True if SSL 3.0 is enabled. | 27 bool ssl3_enabled; // True if SSL 3.0 is enabled. |
28 bool tls1_enabled; // True if TLS 1.0 is enabled. | 28 bool tls1_enabled; // True if TLS 1.0 is enabled. |
29 | 29 |
| 30 // TODO(wtc): move the following members to a new SSLParams structure. They |
| 31 // are not SSL configuration settings. |
| 32 |
30 // Add any known-bad SSL certificates to allowed_bad_certs_ that should not | 33 // Add any known-bad SSL certificates to allowed_bad_certs_ that should not |
31 // trigger an ERR_CERT_*_INVALID error when calling SSLClientSocket::Connect. | 34 // trigger an ERR_CERT_*_INVALID error when calling SSLClientSocket::Connect. |
32 // This would normally be done in response to the user explicitly accepting | 35 // This would normally be done in response to the user explicitly accepting |
33 // the bad certificate. | 36 // the bad certificate. |
34 std::set<scoped_refptr<X509Certificate> > allowed_bad_certs_; | 37 std::set<scoped_refptr<X509Certificate> > allowed_bad_certs_; |
| 38 |
| 39 // True if we should send client_cert to the server. |
| 40 bool send_client_cert; |
| 41 |
| 42 scoped_refptr<X509Certificate> client_cert; |
35 }; | 43 }; |
36 | 44 |
37 // This class is responsible for getting and setting the SSL configuration. | 45 // This class is responsible for getting and setting the SSL configuration. |
38 // | 46 // |
39 // We think the SSL configuration settings should apply to all applications | 47 // We think the SSL configuration settings should apply to all applications |
40 // used by the user. We consider IE's Internet Options as the de facto | 48 // used by the user. We consider IE's Internet Options as the de facto |
41 // system-wide network configuration settings, so we just use the values | 49 // system-wide network configuration settings, so we just use the values |
42 // from IE's Internet Settings registry key. | 50 // from IE's Internet Settings registry key. |
43 class SSLConfigService { | 51 class SSLConfigService { |
44 public: | 52 public: |
(...skipping 26 matching lines...) Expand all Loading... |
71 // We store the IE SSL config and the time that we fetched it. | 79 // We store the IE SSL config and the time that we fetched it. |
72 SSLConfig config_info_; | 80 SSLConfig config_info_; |
73 base::TimeTicks config_time_; | 81 base::TimeTicks config_time_; |
74 | 82 |
75 DISALLOW_EVIL_CONSTRUCTORS(SSLConfigService); | 83 DISALLOW_EVIL_CONSTRUCTORS(SSLConfigService); |
76 }; | 84 }; |
77 | 85 |
78 } // namespace net | 86 } // namespace net |
79 | 87 |
80 #endif // NET_BASE_SSL_CONFIG_SERVICE_H__ | 88 #endif // NET_BASE_SSL_CONFIG_SERVICE_H__ |
OLD | NEW |