diff options
| author | pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-23 00:55:08 +0000 |
|---|---|---|
| committer | pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-23 00:55:08 +0000 |
| commit | 70d6650d6f65b91dbcb67847aaae640d041aa592 (patch) | |
| tree | bc3c91e1e67a825a30e730491a267a6c0201b1b2 /net/base/ssl_config_service.h | |
| parent | 0a075d63f82146768aac85366fa28ae8dcb5cfa9 (diff) | |
| download | chromium_src-70d6650d6f65b91dbcb67847aaae640d041aa592.zip chromium_src-70d6650d6f65b91dbcb67847aaae640d041aa592.tar.gz chromium_src-70d6650d6f65b91dbcb67847aaae640d041aa592.tar.bz2 | |
For the SSL cert status, convert anonymous enum that gives bit values into a typedefed uint32. This allows code all over Chromium to use an explicit type instead of "int". This also means the individual named bit constants themselves have the same explicit type. I find the resulting code to be noticeably clearer. This also exposed a bug in SSLErrorInfo::GetErrorsForCertStatus() where not having an explicit type allowed a function argument ordering bug to creep in, so I claim this is safer too.
Normally this makes things like DCHECK_EQ() unhappy, but when I'd originally tested this I didn't seem to need to make any changes due to that. Will be watching the trybots...
The original motiviation for this change was to find a way to eliminate some cases of passing anonymous-typed values as template arguments (which happens when you use a value from the enum in e.g. EXPECT_EQ()), which is technically illegal in C++03, though we don't warn about it. Simply naming the enum would have done this, but this would have encouraged readers to actually use the enum name as a type, which for a bitfield is inappropriate for the reason given in the first paragraph.
BUG=92247
TEST=Compiles
Review URL: http://codereview.chromium.org/7969023
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@102415 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/ssl_config_service.h')
| -rw-r--r-- | net/base/ssl_config_service.h | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/net/base/ssl_config_service.h b/net/base/ssl_config_service.h index b5c4a54..3e32587 100644 --- a/net/base/ssl_config_service.h +++ b/net/base/ssl_config_service.h @@ -12,6 +12,7 @@ #include "base/memory/ref_counted.h" #include "base/observer_list.h" #include "base/string_piece.h" +#include "net/base/cert_status_flags.h" #include "net/base/net_export.h" #include "net/base/x509_certificate.h" @@ -27,12 +28,12 @@ struct NET_EXPORT SSLConfig { // Returns true if |cert| is one of the certs in |allowed_bad_certs|. // The expected cert status is written to |cert_status|. |*cert_status| can // be NULL if user doesn't care about the cert status. - bool IsAllowedBadCert(X509Certificate* cert, int* cert_status) const; + bool IsAllowedBadCert(X509Certificate* cert, CertStatus* cert_status) const; // Same as above except works with DER encoded certificates instead // of X509Certificate. bool IsAllowedBadCert(const base::StringPiece& der_cert, - int* cert_status) const; + CertStatus* cert_status) const; bool rev_checking_enabled; // True if server certificate revocation // checking is enabled. @@ -77,7 +78,7 @@ struct NET_EXPORT SSLConfig { ~CertAndStatus(); std::string der_cert; - int cert_status; + CertStatus cert_status; }; // Add any known-bad SSL certificate (with its cert status) to |