summaryrefslogtreecommitdiffstats
path: root/net/base/ssl_config_service.h
diff options
context:
space:
mode:
authorukai@chromium.org <ukai@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-06-23 06:35:05 +0000
committerukai@chromium.org <ukai@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-06-23 06:35:05 +0000
commitf6555adcd5160d011ea1dc613fa0387dcddd0b6b (patch)
tree4020b1afb10822b10da786a4ef8f8522c7e9b0d2 /net/base/ssl_config_service.h
parent36a784c511d467509d9a70a76b0865f60380ec37 (diff)
downloadchromium_src-f6555adcd5160d011ea1dc613fa0387dcddd0b6b.zip
chromium_src-f6555adcd5160d011ea1dc613fa0387dcddd0b6b.tar.gz
chromium_src-f6555adcd5160d011ea1dc613fa0387dcddd0b6b.tar.bz2
Use LOAD_VERIFY_EV_CERT to verify EV-ness in Verify().
If LOAD_VERIFY_EV_CERT is requested on load_flags and revokation checking is performed, Verify() peforms EV certificate verification as well, and sets CERT_STATUS_IS_EV in verify_result. Eliminate X509Certificate::IsEV() BUG=3592 TEST=net_unittests with ALLOW_EXTERNAL_ACCESS=1, \ visit https://www.thawte.com/ and shows EV info. Review URL: http://codereview.chromium.org/125120 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@19011 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/ssl_config_service.h')
-rw-r--r--net/base/ssl_config_service.h6
1 files changed, 4 insertions, 2 deletions
diff --git a/net/base/ssl_config_service.h b/net/base/ssl_config_service.h
index cf2c9bb..388b255 100644
--- a/net/base/ssl_config_service.h
+++ b/net/base/ssl_config_service.h
@@ -17,8 +17,8 @@ struct SSLConfig {
// Default to no revocation checking.
// Default to SSL 2.0 off, SSL 3.0 on, and TLS 1.0 on.
SSLConfig()
- : rev_checking_enabled(false), ssl2_enabled(false),
- ssl3_enabled(true), tls1_enabled(true), send_client_cert(false) {
+ : rev_checking_enabled(false), ssl2_enabled(false), ssl3_enabled(true),
+ tls1_enabled(true), send_client_cert(false), verify_ev_cert(false) {
}
bool rev_checking_enabled; // True if server certificate revocation
@@ -39,6 +39,8 @@ struct SSLConfig {
// True if we should send client_cert to the server.
bool send_client_cert;
+ bool verify_ev_cert; // True if we should verify the certificate for EV.
+
scoped_refptr<X509Certificate> client_cert;
};
generated by cgit v1.1 at 2025-03-08 00:21:02 +0000