diff options
| author | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-21 19:48:39 +0000 |
|---|---|---|
| committer | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-21 19:48:39 +0000 |
| commit | e52deec956c1e94323cc001d42cdb245cff539af (patch) | |
| tree | 8acfeaf3e16650fd4e5920deb5f338e6ab109e08 /net/base/ssl_config_service.h | |
| parent | ae09ca6b5ae2e930ef40fd291a08afd1289fafa1 (diff) | |
| download | chromium_src-e52deec956c1e94323cc001d42cdb245cff539af.zip chromium_src-e52deec956c1e94323cc001d42cdb245cff539af.tar.gz chromium_src-e52deec956c1e94323cc001d42cdb245cff539af.tar.bz2 | |
Cleanups for SSLConfigService and SSLConfigServiceManager.
Make SSLConfig.rev_checking_enable default to true (which also affects the defaults set by SSLConfigServicePref.)
Add static SSLConfigService::CreateSystemSSLConfigService which creates a standalone SSLConfigService (either SSLConfigServiceWin or SSLConfigServiceDefaults.)
Use CreateSystemSSLConfigService in fetch_client and test_shell_request_context.
Merge SSLConfigServiceManagerWin and SSLConfigServiceManagerDefaults into SSLConfigServiceManagerSystem, which uses CreateSystemSSLConfigService.
BUG=11507,19290
TEST=only visible change should be linux defaults to having rev checking option enabled.
Review URL: http://codereview.chromium.org/173097
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@23998 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/ssl_config_service.h')
| -rw-r--r-- | net/base/ssl_config_service.h | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/net/base/ssl_config_service.h b/net/base/ssl_config_service.h index 7bfd08b..c8c0638 100644 --- a/net/base/ssl_config_service.h +++ b/net/base/ssl_config_service.h @@ -14,10 +14,10 @@ namespace net { // A collection of SSL-related configuration settings. struct SSLConfig { - // Default to no revocation checking. + // Default to revocation checking. // Default to SSL 2.0 off, SSL 3.0 on, and TLS 1.0 on. SSLConfig() - : rev_checking_enabled(false), ssl2_enabled(false), ssl3_enabled(true), + : rev_checking_enabled(true), ssl2_enabled(false), ssl3_enabled(true), tls1_enabled(true), send_client_cert(false), verify_ev_cert(false) { } @@ -60,7 +60,7 @@ struct SSLConfig { scoped_refptr<X509Certificate> client_cert; }; -// The interface for retrieving the system SSL configuration. This interface +// The interface for retrieving the SSL configuration. This interface // does not cover setting the SSL configuration, as on some systems, the // SSLConfigService objects may not have direct access to the configuration, or // live longer than the configuration preferences. @@ -68,6 +68,13 @@ class SSLConfigService : public base::RefCountedThreadSafe<SSLConfigService> { public: virtual ~SSLConfigService() {} + // Create an instance of SSLConfigService which retrieves the configuration + // from the system SSL configuration, or an instance of + // SSLConfigServiceDefaults if the current system does not have a system SSL + // configuration. Note: this does not handle SSLConfigService implementations + // that are not native to their platform, such as preference-backed ones. + static SSLConfigService* CreateSystemSSLConfigService(); + // May not be thread-safe, should only be called on the IO thread. virtual void GetSSLConfig(SSLConfig* config) = 0; }; |