Certificate Transparency: Per-profile CT verification

chrome/browser/io_thread.h

Index: chrome/browser/io_thread.h
diff --git a/chrome/browser/io_thread.h b/chrome/browser/io_thread.h
index f57bc395a0eb16e6b0e6966ac96c5461a152ea8d..bdfb9cfd8445cacb00b71080bc8d394b58a928e6 100644
--- a/chrome/browser/io_thread.h
+++ b/chrome/browser/io_thread.h
@@ -24,6 +24,7 @@
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/browser_thread_delegate.h"
 #include "net/base/network_change_notifier.h"
+#include "net/cert/ct_verifier.h"

[mmenke, 2015/11/17 17:38:32]

Why can't this still be forward declared?

[Eran Messeri, 2015/11/18 14:16:22]

Done - it can.

 #include "net/http/http_network_session.h"
 #include "net/socket/next_proto.h"
 
@@ -57,7 +58,7 @@ class CertPolicyEnforcer;
 class CertVerifier;
 class ChannelIDService;
 class CookieStore;
-class CTVerifier;
+class CTLogVerifier;
 class FtpTransactionFactory;
 class HostMappingRules;
 class HostResolver;
@@ -142,6 +143,7 @@ class IOThread : public content::BrowserThreadDelegate {
     // used to enforce pinning for system requests and will only use built-in
     // pins.
     scoped_ptr<net::TransportSecurityState> transport_security_state;
+    std::vector<scoped_refptr<net::CTLogVerifier>> ct_logs;
     scoped_ptr<net::CTVerifier> cert_transparency_verifier;
     scoped_ptr<net::CertPolicyEnforcer> cert_policy_enforcer;
     scoped_refptr<net::SSLConfigService> ssl_config_service;