Chromium Code Reviews Chromium Code Reviews
Issue 2016143002:
Expose when PKP is bypassed in SSLInfo. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SSL_SSL_INFO_H_ | 5 #ifndef NET_SSL_SSL_INFO_H_ |
| 6 #define NET_SSL_SSL_INFO_H_ | 6 #define NET_SSL_SSL_INFO_H_ |
| 7 | 7 |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 87 | 87 |
| 88 // Information about the SSL connection itself. See | 88 // Information about the SSL connection itself. See |
| 89 // ssl_connection_status_flags.h for values. The protocol version, | 89 // ssl_connection_status_flags.h for values. The protocol version, |
| 90 // ciphersuite, and compression in use are encoded within. | 90 // ciphersuite, and compression in use are encoded within. |
| 91 int connection_status; | 91 int connection_status; |
| 92 | 92 |
| 93 // If the certificate is valid, then this is true iff it was rooted at a | 93 // If the certificate is valid, then this is true iff it was rooted at a |
| 94 // standard CA root. (As opposed to a user-installed root.) | 94 // standard CA root. (As opposed to a user-installed root.) |
| 95 bool is_issued_by_known_root; | 95 bool is_issued_by_known_root; |
| 96 | 96 |
| 97 // True if pinning was bypassed on this connection. | |
| 98 bool pkp_bypassed; | |
|
Ryan Sleevi
2016/06/09 19:17:32
Totally OK with this here, FWIW
| |
| 99 | |
| 97 // True if a client certificate was sent to the server. Note that sending | 100 // True if a client certificate was sent to the server. Note that sending |
| 98 // a Certificate message with no client certificate in it does not count. | 101 // a Certificate message with no client certificate in it does not count. |
| 99 bool client_cert_sent; | 102 bool client_cert_sent; |
| 100 | 103 |
| 101 // True if a channel ID was sent to the server. | 104 // True if a channel ID was sent to the server. |
| 102 bool channel_id_sent; | 105 bool channel_id_sent; |
| 103 | 106 |
| 104 // True if Token Binding was negotiated with the server and we agreed on a | 107 // True if Token Binding was negotiated with the server and we agreed on a |
| 105 // version and key params. | 108 // version and key params. |
| 106 bool token_binding_negotiated; | 109 bool token_binding_negotiated; |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 139 | 142 |
| 140 // Whether the connection complied with the CT cert policy, and if | 143 // Whether the connection complied with the CT cert policy, and if |
| 141 // not, why not. Only meaningful it |ct_compliance_details_available| | 144 // not, why not. Only meaningful it |ct_compliance_details_available| |
| 142 // is true. | 145 // is true. |
| 143 ct::CertPolicyCompliance ct_cert_policy_compliance; | 146 ct::CertPolicyCompliance ct_cert_policy_compliance; |
| 144 }; | 147 }; |
| 145 | 148 |
| 146 } // namespace net | 149 } // namespace net |
| 147 | 150 |
| 148 #endif // NET_SSL_SSL_INFO_H_ | 151 #endif // NET_SSL_SSL_INFO_H_ |
| OLD | NEW |
