net/cert/x509_cert_types.h - Issue 465133004: Remove DenyCertForHost from SSLHostStateDelegate API.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/x509_cert_types.h

Issue 465133004: Remove DenyCertForHost from SSLHostStateDelegate API. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Rebase on ToT Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/cert/x509_cert_types.h

diff --git a/net/cert/x509_cert_types.h b/net/cert/x509_cert_types.h

index f74c82eab7bce55923d2b588827ac785c5dfe7ff..4e9340a4c0d8d6195f7ad26d5c4000d3710ed6e4 100644

--- a/net/cert/x509_cert_types.h

+++ b/net/cert/x509_cert_types.h

@@ -68,52 +68,6 @@ struct NET_EXPORT CertPrincipal {

std::vector<std::string> domain_components;

};

-// This class is useful for maintaining policies about which certificates are

-// permitted or forbidden for a particular purpose.

-class NET_EXPORT CertPolicy {

- public:

- // The judgments this policy can reach.

- enum Judgment {

- // We don't have policy information for this certificate.

- UNKNOWN,

- // This certificate is allowed.

- ALLOWED,

- // This certificate is denied.

- DENIED,

- };

- CertPolicy();

- ~CertPolicy();

- // Returns the judgment this policy makes about this certificate.

- // For a certificate to be allowed, it must not have any *additional* errors

- // from when it was allowed. For a certificate to be denied, it need only

- // match *any* of the errors that caused it to be denied. We check denial

- // first, before checking whether it's been allowed.

- Judgment Check(X509Certificate* cert, CertStatus error) const;

- // Causes the policy to allow this certificate for a given |error|.

- void Allow(X509Certificate* cert, CertStatus error);

- // Causes the policy to deny this certificate for a given |error|.

- void Deny(X509Certificate* cert, CertStatus error);

- // Returns true if this policy has allowed at least one certificate.

- bool HasAllowedCert() const;

- // Returns true if this policy has denied at least one certificate.

- bool HasDeniedCert() const;

- private:

- // The set of fingerprints of allowed certificates.

- std::map<SHA1HashValue, CertStatus, SHA1HashValueLessThan> allowed_;

- // The set of fingerprints of denied certificates.

- std::map<SHA1HashValue, CertStatus, SHA1HashValueLessThan> denied_;

-};

#if defined(OS_MACOSX) && !defined(OS_IOS)

// Compares two OIDs by value.

inline bool CSSMOIDEqual(const CSSM_OID* oid1, const CSSM_OID* oid2) {

« content/browser/ssl/ssl_policy.cc ('K') | « content/public/browser/ssl_host_state_delegate.h ('k') | net/cert/x509_cert_types.cc » ('j') | no next file with comments »