| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/io_thread.h" | 5 #include "chrome/browser/io_thread.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/base64.h" | 9 #include "base/base64.h" |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 587 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 598 net::CertVerifyProc::CreateDefault())); | 598 net::CertVerifyProc::CreateDefault())); |
| 599 #endif | 599 #endif |
| 600 | 600 |
| 601 globals_->transport_security_state.reset(new net::TransportSecurityState()); | 601 globals_->transport_security_state.reset(new net::TransportSecurityState()); |
| 602 #if !defined(USE_OPENSSL) | 602 #if !defined(USE_OPENSSL) |
| 603 // For now, Certificate Transparency is only implemented for platforms | 603 // For now, Certificate Transparency is only implemented for platforms |
| 604 // that use NSS. | 604 // that use NSS. |
| 605 net::MultiLogCTVerifier* ct_verifier = new net::MultiLogCTVerifier(); | 605 net::MultiLogCTVerifier* ct_verifier = new net::MultiLogCTVerifier(); |
| 606 globals_->cert_transparency_verifier.reset(ct_verifier); | 606 globals_->cert_transparency_verifier.reset(ct_verifier); |
| 607 | 607 |
| 608 if (command_line.HasSwitch(switches::kRequireCTForEV)) { |
| 609 ct_verifier->SetEnforceCTEVPolicy(true); |
| 610 } |
| 611 |
| 608 // Add built-in logs | 612 // Add built-in logs |
| 609 ct_verifier->AddLogs(net::ct::CreateLogVerifiersForKnownLogs()); | 613 ct_verifier->AddLogs(net::ct::CreateLogVerifiersForKnownLogs()); |
| 610 | 614 |
| 611 // Add logs from command line | 615 // Add logs from command line |
| 612 if (command_line.HasSwitch(switches::kCertificateTransparencyLog)) { | 616 if (command_line.HasSwitch(switches::kCertificateTransparencyLog)) { |
| 613 std::string switch_value = command_line.GetSwitchValueASCII( | 617 std::string switch_value = command_line.GetSwitchValueASCII( |
| 614 switches::kCertificateTransparencyLog); | 618 switches::kCertificateTransparencyLog); |
| 615 std::vector<std::string> logs; | 619 std::vector<std::string> logs; |
| 616 base::SplitString(switch_value, ',', &logs); | 620 base::SplitString(switch_value, ',', &logs); |
| 617 for (std::vector<std::string>::iterator it = logs.begin(); it != logs.end(); | 621 for (std::vector<std::string>::iterator it = logs.begin(); it != logs.end(); |
| (...skipping 764 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1382 net::QuicVersionVector supported_versions = net::QuicSupportedVersions(); | 1386 net::QuicVersionVector supported_versions = net::QuicSupportedVersions(); |
| 1383 for (size_t i = 0; i < supported_versions.size(); ++i) { | 1387 for (size_t i = 0; i < supported_versions.size(); ++i) { |
| 1384 net::QuicVersion version = supported_versions[i]; | 1388 net::QuicVersion version = supported_versions[i]; |
| 1385 if (net::QuicVersionToString(version) == quic_version) { | 1389 if (net::QuicVersionToString(version) == quic_version) { |
| 1386 return version; | 1390 return version; |
| 1387 } | 1391 } |
| 1388 } | 1392 } |
| 1389 | 1393 |
| 1390 return net::QUIC_VERSION_UNSUPPORTED; | 1394 return net::QUIC_VERSION_UNSUPPORTED; |
| 1391 } | 1395 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 422063004:
Certificate Transparency: Require SCTs for EV certificates. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master