Index: net/cert/multi_log_ct_verifier.h |
diff --git a/net/cert/multi_log_ct_verifier.h b/net/cert/multi_log_ct_verifier.h |
index 29fbdca647b421d03e6e8ac873e570c5eb0cbeff..370f51f719ed8a0ecc28d3e322ef14e7a5eb9c72 100644 |
--- a/net/cert/multi_log_ct_verifier.h |
+++ b/net/cert/multi_log_ct_verifier.h |
@@ -36,6 +36,8 @@ class NET_EXPORT MultiLogCTVerifier : public CTVerifier { |
void AddLog(scoped_ptr<CTLogVerifier> log_verifier); |
void AddLogs(ScopedVector<CTLogVerifier> log_verifiers); |
+ void SetEnforceCTEVPolicy(bool enforce_policy); |
+ |
// CTVerifier implementation: |
virtual int Verify(X509Certificate* cert, |
const std::string& stapled_ocsp_response, |
@@ -43,6 +45,10 @@ class NET_EXPORT MultiLogCTVerifier : public CTVerifier { |
ct::CTVerifyResult* result, |
const BoundNetLog& net_log) OVERRIDE; |
+ virtual bool DoesConformToCTEVPolicy( |
+ X509Certificate* cert, |
+ const ct::CTVerifyResult& ct_result) OVERRIDE; |
Ryan Sleevi
2014/08/05 22:19:10
I see nothing that requires this to hang off the C
Eran Messeri
2014/10/20 17:26:30
The number of logs is necessary - but I can make t
|
+ |
private: |
// Mapping from a log's ID to the verifier for this log. |
// A log's ID is the SHA-256 of the log's key, as defined in section 3.2. |
@@ -64,6 +70,7 @@ class NET_EXPORT MultiLogCTVerifier : public CTVerifier { |
ct::CTVerifyResult* result); |
IDToLogMap logs_; |
+ bool enforce_ct_ev_policy_; |
DISALLOW_COPY_AND_ASSIGN(MultiLogCTVerifier); |
}; |