summaryrefslogtreecommitdiffstats
path: root/net/base/ssl_config_service_mac.cc
diff options
context:
space:
mode:
authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-08-11 19:50:02 +0000
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-08-11 19:50:02 +0000
commitb2471359cfbd4f7b9621ba2542b947841bfadb27 (patch)
tree241b1e8c58a26a5bbfb1df3c9f5d342c492ad693 /net/base/ssl_config_service_mac.cc
parent1b3db78c4451a755eeaadc4cedceccd9e91724c8 (diff)
downloadchromium_src-b2471359cfbd4f7b9621ba2542b947841bfadb27.zip
chromium_src-b2471359cfbd4f7b9621ba2542b947841bfadb27.tar.gz
chromium_src-b2471359cfbd4f7b9621ba2542b947841bfadb27.tar.bz2
net: add embedded DNSSEC chain support.
Now that the DNS root is signed we have a good trust path in several TLDs (including .org). This patch enables self-signed certificates to include a DNSSEC chain as an extension which proves a CERT record, containing the fingerprint of the public key. The format of the chain is still undecided, so this is only enabled with --enable-dnssec-certs. BUG=none TEST=net_unittests http://codereview.chromium.org/2806076 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55771 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/ssl_config_service_mac.cc')
-rw-r--r--net/base/ssl_config_service_mac.cc1
1 files changed, 1 insertions, 0 deletions
diff --git a/net/base/ssl_config_service_mac.cc b/net/base/ssl_config_service_mac.cc
index 81897c5..792c9ca 100644
--- a/net/base/ssl_config_service_mac.cc
+++ b/net/base/ssl_config_service_mac.cc
@@ -95,6 +95,7 @@ bool SSLConfigServiceMac::GetSSLConfigNow(SSLConfig* config) {
kSSL3EnabledDefaultValue);
config->tls1_enabled = SSLVersionIsEnabled(kTLS1EnabledKey,
kTLS1EnabledDefaultValue);
+ config->dnssec_enabled = SSLConfigService::dnssec_enabled();
return true;
}
generated by cgit v1.1 at 2025-02-14 15:47:08 +0000