OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SSL_SSL_CONFIG_SERVICE_H_ | 5 #ifndef NET_SSL_SSL_CONFIG_SERVICE_H_ |
6 #define NET_SSL_SSL_CONFIG_SERVICE_H_ | 6 #define NET_SSL_SSL_CONFIG_SERVICE_H_ |
7 | 7 |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
92 // Though cipher suites are sent in TLS as "uint8 CipherSuite[2]", in | 92 // Though cipher suites are sent in TLS as "uint8 CipherSuite[2]", in |
93 // big-endian form, they should be declared in host byte order, with the | 93 // big-endian form, they should be declared in host byte order, with the |
94 // first uint8 occupying the most significant byte. | 94 // first uint8 occupying the most significant byte. |
95 // Ex: To disable TLS_RSA_WITH_RC4_128_MD5, specify 0x0004, while to | 95 // Ex: To disable TLS_RSA_WITH_RC4_128_MD5, specify 0x0004, while to |
96 // disable TLS_ECDH_ECDSA_WITH_RC4_128_SHA, specify 0xC002. | 96 // disable TLS_ECDH_ECDSA_WITH_RC4_128_SHA, specify 0xC002. |
97 std::vector<uint16> disabled_cipher_suites; | 97 std::vector<uint16> disabled_cipher_suites; |
98 | 98 |
99 bool cached_info_enabled; // True if TLS cached info extension is enabled. | 99 bool cached_info_enabled; // True if TLS cached info extension is enabled. |
100 bool channel_id_enabled; // True if TLS channel ID extension is enabled. | 100 bool channel_id_enabled; // True if TLS channel ID extension is enabled. |
101 bool false_start_enabled; // True if we'll use TLS False Start. | 101 bool false_start_enabled; // True if we'll use TLS False Start. |
| 102 // True if the Certificate Transparency signed_certificate_timestamp |
| 103 // TLS extension is enabled. |
| 104 bool signed_cert_timestamps_enabled; |
102 | 105 |
103 // require_forward_secrecy, if true, causes only (EC)DHE cipher suites to be | 106 // require_forward_secrecy, if true, causes only (EC)DHE cipher suites to be |
104 // enabled. NOTE: this only applies to server sockets currently, although | 107 // enabled. NOTE: this only applies to server sockets currently, although |
105 // that could be extended if needed. | 108 // that could be extended if needed. |
106 bool require_forward_secrecy; | 109 bool require_forward_secrecy; |
107 | 110 |
108 // If |unrestricted_ssl3_fallback_enabled| is true, SSL 3.0 fallback will be | 111 // If |unrestricted_ssl3_fallback_enabled| is true, SSL 3.0 fallback will be |
109 // enabled for all sites. | 112 // enabled for all sites. |
110 // If |unrestricted_ssl3_fallback_enabled| is false, SSL 3.0 fallback will be | 113 // If |unrestricted_ssl3_fallback_enabled| is false, SSL 3.0 fallback will be |
111 // disabled for a site pinned to the Google pin list (indicating that it is a | 114 // disabled for a site pinned to the Google pin list (indicating that it is a |
(...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
227 void ProcessConfigUpdate(const SSLConfig& orig_config, | 230 void ProcessConfigUpdate(const SSLConfig& orig_config, |
228 const SSLConfig& new_config); | 231 const SSLConfig& new_config); |
229 | 232 |
230 private: | 233 private: |
231 ObserverList<Observer> observer_list_; | 234 ObserverList<Observer> observer_list_; |
232 }; | 235 }; |
233 | 236 |
234 } // namespace net | 237 } // namespace net |
235 | 238 |
236 #endif // NET_SSL_SSL_CONFIG_SERVICE_H_ | 239 #endif // NET_SSL_SSL_CONFIG_SERVICE_H_ |
OLD | NEW |