Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(195)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket.h

Issue 83333003: Add support for fetching Certificate Transparency SCTs over a TLS extension (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebase Created 7 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | net/socket/ssl_client_socket.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_
7 7
8 #include <string> 8 #include <string>
9 9
10 #include "net/base/completion_callback.h" 10 #include "net/base/completion_callback.h"
(...skipping 108 matching lines...) Expand 10 before | Expand all | Expand 10 after
119 virtual ServerBoundCertService* GetServerBoundCertService() const = 0; 119 virtual ServerBoundCertService* GetServerBoundCertService() const = 0;
120 120
121 // Returns true if a channel ID was sent on this connection. 121 // Returns true if a channel ID was sent on this connection.
122 // This may be useful for protocols, like SPDY, which allow the same 122 // This may be useful for protocols, like SPDY, which allow the same
123 // connection to be shared between multiple domains, each of which need 123 // connection to be shared between multiple domains, each of which need
124 // a channel ID. 124 // a channel ID.
125 // 125 //
126 // Public for ssl_client_socket_openssl_unittest.cc. 126 // Public for ssl_client_socket_openssl_unittest.cc.
127 virtual bool WasChannelIDSent() const; 127 virtual bool WasChannelIDSent() const;
128 128
129 // Returns true if the server sent Certificate Transparency SCTs
130 // via a TLS extension.
131 // Temporary glue for testing while the CT code hasn't landed.
132 // TODO(ekasper): expose received SCTs via SSLInfo instead.
133 virtual bool WereSignedCertTimestampsReceived() const;
134
129 protected: 135 protected:
130 virtual void set_channel_id_sent(bool channel_id_sent); 136 virtual void set_channel_id_sent(bool channel_id_sent);
131 137
138 virtual void set_signed_cert_timestamps_received(
139 bool signed_cert_timestamps_received);
140
132 // Records histograms for channel id support during full handshakes - resumed 141 // Records histograms for channel id support during full handshakes - resumed
133 // handshakes are ignored. 142 // handshakes are ignored.
134 static void RecordChannelIDSupport( 143 static void RecordChannelIDSupport(
135 ServerBoundCertService* server_bound_cert_service, 144 ServerBoundCertService* server_bound_cert_service,
136 bool negotiated_channel_id, 145 bool negotiated_channel_id,
137 bool channel_id_enabled, 146 bool channel_id_enabled,
138 bool supports_ecc); 147 bool supports_ecc);
139 148
140 // Returns whether TLS channel ID is enabled. 149 // Returns whether TLS channel ID is enabled.
141 static bool IsChannelIDEnabled( 150 static bool IsChannelIDEnabled(
142 const SSLConfig& ssl_config, 151 const SSLConfig& ssl_config,
143 ServerBoundCertService* server_bound_cert_service); 152 ServerBoundCertService* server_bound_cert_service);
144 153
145 private: 154 private:
146 // True if NPN was responded to, independent of selecting SPDY or HTTP. 155 // True if NPN was responded to, independent of selecting SPDY or HTTP.
147 bool was_npn_negotiated_; 156 bool was_npn_negotiated_;
148 // True if NPN successfully negotiated SPDY. 157 // True if NPN successfully negotiated SPDY.
149 bool was_spdy_negotiated_; 158 bool was_spdy_negotiated_;
150 // Protocol that we negotiated with the server. 159 // Protocol that we negotiated with the server.
151 NextProto protocol_negotiated_; 160 NextProto protocol_negotiated_;
152 // True if a channel ID was sent. 161 // True if a channel ID was sent.
153 bool channel_id_sent_; 162 bool channel_id_sent_;
163 // True if SCTs were received via a TLS extension.
164 bool signed_cert_timestamps_received_;
154 }; 165 };
155 166
156 } // namespace net 167 } // namespace net
157 168
158 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ 169 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_
OLDNEW
« no previous file with comments | « no previous file | net/socket/ssl_client_socket.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698