Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1156)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/ssl_config_service.h

Issue 502087: Use Separate SSL Session Cache in OTR Mode (Closed) Base URL: http://src.chromium.org/svn/trunk/src/
Patch Set: '' Created 10 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/profile.cc ('k') | net/socket/ssl_client_socket_mac.cc » ('j') | net/socket/ssl_client_socket_mac.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H_ 5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H_
6 #define NET_BASE_SSL_CONFIG_SERVICE_H_ 6 #define NET_BASE_SSL_CONFIG_SERVICE_H_
7 7
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/ref_counted.h" 10 #include "base/ref_counted.h"
11 #include "net/base/x509_certificate.h" 11 #include "net/base/x509_certificate.h"
12 12
13 namespace net { 13 namespace net {
14 14
15 // A collection of SSL-related configuration settings. 15 // A collection of SSL-related configuration settings.
16 struct SSLConfig { 16 struct SSLConfig {
17 // Default to revocation checking. 17 // Default to revocation checking.
18 // Default to SSL 2.0 off, SSL 3.0 on, and TLS 1.0 on. 18 // Default to SSL 2.0 off, SSL 3.0 on, and TLS 1.0 on.
19 SSLConfig() 19 SSLConfig()
20 : rev_checking_enabled(true), ssl2_enabled(false), ssl3_enabled(true), 20 : rev_checking_enabled(true), ssl2_enabled(false), ssl3_enabled(true),
21 tls1_enabled(true), send_client_cert(false), verify_ev_cert(false) { 21 tls1_enabled(true), send_client_cert(false), verify_ev_cert(false),
22 otr_mode(false), next_protos("\007http1.1") {
22 } 23 }
23 24
24 bool rev_checking_enabled; // True if server certificate revocation 25 bool rev_checking_enabled; // True if server certificate revocation
25 // checking is enabled. 26 // checking is enabled.
26 bool ssl2_enabled; // True if SSL 2.0 is enabled. 27 bool ssl2_enabled; // True if SSL 2.0 is enabled.
27 bool ssl3_enabled; // True if SSL 3.0 is enabled. 28 bool ssl3_enabled; // True if SSL 3.0 is enabled.
28 bool tls1_enabled; // True if TLS 1.0 is enabled. 29 bool tls1_enabled; // True if TLS 1.0 is enabled.
29 30
30 // TODO(wtc): move the following members to a new SSLParams structure. They 31 // TODO(wtc): move the following members to a new SSLParams structure. They
31 // are not SSL configuration settings. 32 // are not SSL configuration settings.
(...skipping 18 matching lines...) Expand all
50 // |allowed_bad_certs| that should not trigger an ERR_CERT_* error when 51 // |allowed_bad_certs| that should not trigger an ERR_CERT_* error when
51 // calling SSLClientSocket::Connect. This would normally be done in 52 // calling SSLClientSocket::Connect. This would normally be done in
52 // response to the user explicitly accepting the bad certificate. 53 // response to the user explicitly accepting the bad certificate.
53 std::vector<CertAndStatus> allowed_bad_certs; 54 std::vector<CertAndStatus> allowed_bad_certs;
54 55
55 // True if we should send client_cert to the server. 56 // True if we should send client_cert to the server.
56 bool send_client_cert; 57 bool send_client_cert;
57 58
58 bool verify_ev_cert; // True if we should verify the certificate for EV. 59 bool verify_ev_cert; // True if we should verify the certificate for EV.
59 60
61 bool otr_mode; // True if SSL requests are made in OTR mode.
62
60 // The list of application level protocols supported. If set, this will 63 // The list of application level protocols supported. If set, this will
61 // enable Next Protocol Negotiation (if supported). This is a list of 8-bit 64 // enable Next Protocol Negotiation (if supported). This is a list of 8-bit
62 // length prefixed strings. The order of the protocols doesn't matter expect 65 // length prefixed strings. The order of the protocols doesn't matter expect
63 // for one case: if the server supports Next Protocol Negotiation, but there 66 // for one case: if the server supports Next Protocol Negotiation, but there
64 // is no overlap between the server's and client's protocol sets, then the 67 // is no overlap between the server's and client's protocol sets, then the
65 // first protocol in this list will be requested by the client. 68 // first protocol in this list will be requested by the client.
66 std::string next_protos; 69 std::string next_protos;
67 70
68 scoped_refptr<X509Certificate> client_cert; 71 scoped_refptr<X509Certificate> client_cert;
69 }; 72 };
(...skipping 24 matching lines...) Expand all
94 97
95 protected: 98 protected:
96 friend class base::RefCountedThreadSafe<SSLConfigService>; 99 friend class base::RefCountedThreadSafe<SSLConfigService>;
97 100
98 virtual ~SSLConfigService() {} 101 virtual ~SSLConfigService() {}
99 }; 102 };
100 103
101 } // namespace net 104 } // namespace net
102 105
103 #endif // NET_BASE_SSL_CONFIG_SERVICE_H_ 106 #endif // NET_BASE_SSL_CONFIG_SERVICE_H_
OLDNEW
« no previous file with comments | « chrome/browser/profile.cc ('k') | net/socket/ssl_client_socket_mac.cc » ('j') | net/socket/ssl_client_socket_mac.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698