Index: net/http/transport_security_state.h |
diff --git a/net/http/transport_security_state.h b/net/http/transport_security_state.h |
index 364593791455030cc4d5cd37a30b2dc03f3ec6c4..1c20d904dc951c736047a455b2d450fc7f43d5a3 100644 |
--- a/net/http/transport_security_state.h |
+++ b/net/http/transport_security_state.h |
@@ -163,6 +163,7 @@ class NET_EXPORT TransportSecurityState |
bool ShouldUpgradeToSSL(const std::string& host, bool sni_enabled); |
bool CheckPublicKeyPins(const std::string& host, |
bool sni_enabled, |
+ bool is_issued_by_known_root, |
const HashValueVector& hashes, |
std::string* failure_log); |
bool HasPublicKeyPins(const std::string& host, bool sni_enabled); |
@@ -267,6 +268,19 @@ class NET_EXPORT TransportSecurityState |
// The maximum number of seconds for which we'll cache an HSTS request. |
static const long int kMaxHSTSAgeSecs; |
+ private: |
+ friend class TransportSecurityStateTest; |
+ FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, |
+ UpdateDynamicPKPOnly); |
+ FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, |
+ UpdateDynamicPKPMaxAge0); |
+ FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, |
+ DISABLED_UpdateDynamicPKPMaxAge0); |
+ FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, |
+ NoClobberPins); |
+ |
+ typedef std::map<std::string, DomainState> DomainStateMap; |
+ |
// Send an UMA report on pin validation failure, if the host is in a |
// statically-defined list of domains. |
// |
@@ -282,12 +296,11 @@ class NET_EXPORT TransportSecurityState |
// information) is timely. |
static bool IsBuildTimely(); |
wtc
2014/08/07 23:39:12
In the .cc file, these two methods are defined aft
Ryan Hamilton
2014/08/08 00:54:00
Done.
|
- private: |
- friend class TransportSecurityStateTest; |
- FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, |
- UpdateDynamicPKPOnly); |
- |
- typedef std::map<std::string, DomainState> DomainStateMap; |
+ // Helper method for actually checking pins. |
+ bool CheckPublicKeyPinsImpl(const std::string& host, |
+ bool sni_enabled, |
+ const HashValueVector& hashes, |
+ std::string* failure_log); |
// If a Delegate is present, notify it that the internal state has |
// changed. |
@@ -309,6 +322,9 @@ class NET_EXPORT TransportSecurityState |
Delegate* delegate_; |
+ // True if static pins should be used. |
+ bool enable_static_pinning_; |
wtc
2014/08/07 23:39:12
Ryan asked you to rename this member "enable_stati
Ryan Hamilton
2014/08/08 00:54:00
Done. Thanks, I missed that.
|
+ |
DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); |
}; |