Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(42)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/ssl_config_service.h

Issue 43115: Change the bad-certificate handler for SSL (using NSS) to return an... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 11 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/base/ssl_client_socket_win.cc ('k') | net/base/tcp_client_socket.h » ('j') | net/http/http_network_transaction.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H__ 5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H__
6 #define NET_BASE_SSL_CONFIG_SERVICE_H__ 6 #define NET_BASE_SSL_CONFIG_SERVICE_H__
7 7
8 #include <set>
9
8 #include "base/time.h" 10 #include "base/time.h"
11 #include "net/base/x509_certificate.h"
9 12
10 namespace net { 13 namespace net {
11 14
12 // A collection of SSL-related configuration settings. 15 // A collection of SSL-related configuration settings.
13 struct SSLConfig { 16 struct SSLConfig {
14 // Default to no revocation checking. 17 // Default to no revocation checking.
15 // Default to SSL 2.0 off, SSL 3.0 on, and TLS 1.0 on. 18 // Default to SSL 2.0 off, SSL 3.0 on, and TLS 1.0 on.
16 SSLConfig() 19 SSLConfig()
17 : rev_checking_enabled(false), ssl2_enabled(false), 20 : rev_checking_enabled(false), ssl2_enabled(false),
18 ssl3_enabled(true), tls1_enabled(true) { 21 ssl3_enabled(true), tls1_enabled(true) {
19 } 22 }
20 23
21 bool rev_checking_enabled; // True if server certificate revocation 24 bool rev_checking_enabled; // True if server certificate revocation
22 // checking is enabled. 25 // checking is enabled.
23 bool ssl2_enabled; // True if SSL 2.0 is enabled. 26 bool ssl2_enabled; // True if SSL 2.0 is enabled.
24 bool ssl3_enabled; // True if SSL 3.0 is enabled. 27 bool ssl3_enabled; // True if SSL 3.0 is enabled.
25 bool tls1_enabled; // True if TLS 1.0 is enabled. 28 bool tls1_enabled; // True if TLS 1.0 is enabled.
29
30 // Add any known-bad SSL certificates to allowed_bad_certs_ that should not
31 // trigger an ERR_CERT_*_INVALID error when calling SSLClientSocket::Connect.
wtc 2009/03/30 18:18:57 Nit: the error should be just ERR_CERT_* because n
32 // This would normally be done in response to the user explicitly accepting
33 // the bad certificate.
34 std::set<scoped_refptr<X509Certificate> > allowed_bad_certs_;
26 }; 35 };
27 36
28 // This class is responsible for getting and setting the SSL configuration. 37 // This class is responsible for getting and setting the SSL configuration.
29 // 38 //
30 // We think the SSL configuration settings should apply to all applications 39 // We think the SSL configuration settings should apply to all applications
31 // used by the user. We consider IE's Internet Options as the de facto 40 // used by the user. We consider IE's Internet Options as the de facto
32 // system-wide network configuration settings, so we just use the values 41 // system-wide network configuration settings, so we just use the values
33 // from IE's Internet Settings registry key. 42 // from IE's Internet Settings registry key.
34 class SSLConfigService { 43 class SSLConfigService {
35 public: 44 public:
(...skipping 26 matching lines...) Expand all
62 // We store the IE SSL config and the time that we fetched it. 71 // We store the IE SSL config and the time that we fetched it.
63 SSLConfig config_info_; 72 SSLConfig config_info_;
64 base::TimeTicks config_time_; 73 base::TimeTicks config_time_;
65 74
66 DISALLOW_EVIL_CONSTRUCTORS(SSLConfigService); 75 DISALLOW_EVIL_CONSTRUCTORS(SSLConfigService);
67 }; 76 };
68 77
69 } // namespace net 78 } // namespace net
70 79
71 #endif // NET_BASE_SSL_CONFIG_SERVICE_H__ 80 #endif // NET_BASE_SSL_CONFIG_SERVICE_H__
OLDNEW
« no previous file with comments | « net/base/ssl_client_socket_win.cc ('k') | net/base/tcp_client_socket.h » ('j') | net/http/http_network_transaction.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698