Index: chrome/browser/io_thread.cc |
diff --git a/chrome/browser/io_thread.cc b/chrome/browser/io_thread.cc |
index 32bc8146a03b27c5abe59108e7426992fa7c619e..ab7592b180f05ba351d3425befaee4dc3567237e 100644 |
--- a/chrome/browser/io_thread.cc |
+++ b/chrome/browser/io_thread.cc |
@@ -53,9 +53,11 @@ |
#include "content/public/browser/cookie_store_factory.h" |
#include "net/base/host_mapping_rules.h" |
#include "net/base/net_util.h" |
+#include "net/cert/cert_policy_enforcer.h" |
#include "net/cert/cert_verifier.h" |
#include "net/cert/cert_verify_proc.h" |
#include "net/cert/ct_known_logs.h" |
+#include "net/cert/ct_known_logs_static.h" |
#include "net/cert/ct_log_verifier.h" |
#include "net/cert/ct_verifier.h" |
#include "net/cert/multi_log_ct_verifier.h" |
@@ -640,6 +642,15 @@ void IOThread::InitAsync() { |
} |
} |
+ net::CertPolicyEnforcer* policy_enforcer = NULL; |
+ // TODO(eranm): Control with Finch. |
Ryan Sleevi
2014/12/01 15:27:55
Bug # :)
Eran Messeri
2014/12/01 17:29:54
Done.
|
+ if (command_line.HasSwitch(switches::kRequireCTForEV)) { |
+ policy_enforcer = new net::CertPolicyEnforcer(kNumKnownCTLogs, true); |
+ } else { |
+ policy_enforcer = new net::CertPolicyEnforcer(kNumKnownCTLogs, false); |
+ } |
+ globals_->cert_policy_enforcer.reset(policy_enforcer); |
+ |
globals_->ssl_config_service = GetSSLConfigService(); |
SetupDataReductionProxy(network_delegate); |
@@ -986,6 +997,7 @@ void IOThread::InitializeNetworkSessionParamsFromGlobals( |
net::HttpNetworkSession::Params* params) { |
params->host_resolver = globals.host_resolver.get(); |
params->cert_verifier = globals.cert_verifier.get(); |
+ params->cert_policy_enforcer = globals.cert_policy_enforcer.get(); |
params->channel_id_service = globals.system_channel_id_service.get(); |
params->transport_security_state = globals.transport_security_state.get(); |
params->ssl_config_service = globals.ssl_config_service.get(); |