Index: net/http/transport_security_state.h |
diff --git a/net/http/transport_security_state.h b/net/http/transport_security_state.h |
index 876f9881dff2d170cbbc3296dd8f2408bd5708b5..45c2320ebd5d2834ace8e07e1787eb70bd08b1e1 100644 |
--- a/net/http/transport_security_state.h |
+++ b/net/http/transport_security_state.h |
@@ -196,6 +196,13 @@ class NET_EXPORT TransportSecurityState |
const std::string& report) = 0; |
}; |
+ // Indicates whether or not a public key pin check should send a |
+ // report if a violation is detected. |
+ enum PublicKeyPinReportStatus { |
+ DO_NOT_SEND_PUBLIC_KEY_PIN_REPORT, |
+ SEND_PUBLIC_KEY_PIN_REPORT |
+ }; |
+ |
TransportSecurityState(); |
~TransportSecurityState(); |
@@ -204,10 +211,15 @@ class NET_EXPORT TransportSecurityState |
// interface; direct access to DomainStates is best left to tests. |
bool ShouldSSLErrorsBeFatal(const std::string& host); |
bool ShouldUpgradeToSSL(const std::string& host); |
- bool CheckPublicKeyPins(const std::string& host, |
- bool is_issued_by_known_root, |
- const HashValueVector& hashes, |
- std::string* failure_log); |
+ bool CheckPublicKeyPins( |
+ const std::string& host, |
+ bool is_issued_by_known_root, |
+ const HashValueVector& hashes, |
+ uint16_t port, |
+ const scoped_refptr<X509Certificate>& served_certificate_chain, |
+ const scoped_refptr<X509Certificate>& validated_certificate_chain, |
+ const PublicKeyPinReportStatus report_status, |
Ryan Sleevi
2015/06/26 20:22:19
same comments re: raw pointers being cool
estark
2015/07/09 22:18:41
Done.
|
+ std::string* failure_log); |
bool HasPublicKeyPins(const std::string& host); |
// Assign a |Delegate| for persisting the transport security state. If |
@@ -327,9 +339,14 @@ class NET_EXPORT TransportSecurityState |
static bool IsBuildTimely(); |
// Helper method for actually checking pins. |
- bool CheckPublicKeyPinsImpl(const std::string& host, |
- const HashValueVector& hashes, |
- std::string* failure_log); |
+ bool CheckPublicKeyPinsImpl( |
+ const std::string& host, |
+ const HashValueVector& hashes, |
+ uint16_t port, |
+ const scoped_refptr<X509Certificate>& served_certificate_chain, |
+ const scoped_refptr<X509Certificate>& validated_certificate_chain, |
+ const PublicKeyPinReportStatus report_status, |
Ryan Sleevi
2015/06/26 20:22:19
ditto
estark
2015/07/09 22:18:41
Done.
|
+ std::string* failure_log); |
// If a Delegate is present, notify it that the internal state has |
// changed. |