Index: net/http/transport_security_state.h |
diff --git a/net/http/transport_security_state.h b/net/http/transport_security_state.h |
index 441e576c5b65d2a0bbf703fc5b924066452a0b87..3822506d5e6ad21c4d147767f55a87b914d1c16c 100644 |
--- a/net/http/transport_security_state.h |
+++ b/net/http/transport_security_state.h |
@@ -22,6 +22,8 @@ |
class GURL; |
+class GURL; |
+ |
namespace net { |
class SSLInfo; |
@@ -185,8 +187,10 @@ class NET_EXPORT TransportSecurityState |
// given |hostname|, which was found to violate the pins in |
// |pkp_state|. Returns true if the report should be sent, with the |
// report URI in |report_uri| and the serialized report in |
- // |serialized_report|, and false otherwise. Allows embedders to |
- // override the report uri and/or format for some pins. |
+ // |serialized_report|, and false otherwise. Allows the reporter to |
+ // override the reporting state in some cases (for example, if |
+ // reports should always be sent for certain hostnames regardless of |
+ // the HPKP state). |
// |
// Additional information to be included in the report (beyond |
// fields in |pkp_state|): |
@@ -213,6 +217,10 @@ class NET_EXPORT TransportSecurityState |
virtual ~Reporter() {} |
}; |
+ // Indicates whether or not a public key pin check should send a |
+ // report if a violation is detected. |
+ enum PublicKeyPinReportStatus { ENABLE_PIN_REPORTS, DISABLE_PIN_REPORTS }; |
+ |
TransportSecurityState(); |
~TransportSecurityState(); |
@@ -225,6 +233,10 @@ class NET_EXPORT TransportSecurityState |
bool CheckPublicKeyPins(const std::string& host, |
bool is_issued_by_known_root, |
const HashValueVector& hashes, |
+ uint16_t port, |
+ const X509Certificate* served_certificate_chain, |
+ const X509Certificate* validated_certificate_chain, |
+ const PublicKeyPinReportStatus report_status, |
std::string* failure_log); |
bool HasPublicKeyPins(const std::string& host); |
@@ -351,9 +363,14 @@ class NET_EXPORT TransportSecurityState |
static bool IsBuildTimely(); |
// Helper method for actually checking pins. |
- bool CheckPublicKeyPinsImpl(const std::string& host, |
- const HashValueVector& hashes, |
- std::string* failure_log); |
+ bool CheckPublicKeyPinsImpl( |
+ const std::string& host, |
+ const HashValueVector& hashes, |
+ uint16_t port, |
+ const X509Certificate* served_certificate_chain, |
+ const X509Certificate* validated_certificate_chain, |
+ const PublicKeyPinReportStatus report_status, |
+ std::string* failure_log); |
// If a Delegate is present, notify it that the internal state has |
// changed. |