diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-06-03 00:20:43 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-06-03 00:20:43 +0000 |
| commit | c29b0b4268d42acf8a4798fed5c7d1b868c9dc4d (patch) | |
| tree | 4edab64c1d62595a857f717bf31d3692bd0bc786 /net/base | |
| parent | dd7c55b44927c6819d915d22fca8a09b47a4a5de (diff) | |
| download | chromium_src-c29b0b4268d42acf8a4798fed5c7d1b868c9dc4d.zip chromium_src-c29b0b4268d42acf8a4798fed5c7d1b868c9dc4d.tar.gz chromium_src-c29b0b4268d42acf8a4798fed5c7d1b868c9dc4d.tar.bz2 | |
net: pull DNSSEC out from behind the flag.
Approved by ifette
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/7088019
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@87733 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base')
| -rw-r--r-- | net/base/ssl_config_service.cc | 14 | ||||
| -rw-r--r-- | net/base/ssl_config_service.h | 6 |
2 files changed, 1 insertions, 19 deletions
diff --git a/net/base/ssl_config_service.cc b/net/base/ssl_config_service.cc index f14322e..56ad78a 100644 --- a/net/base/ssl_config_service.cc +++ b/net/base/ssl_config_service.cc @@ -15,7 +15,7 @@ SSLConfig::CertAndStatus::~CertAndStatus() {} SSLConfig::SSLConfig() : rev_checking_enabled(true), ssl3_enabled(true), - tls1_enabled(true), dnssec_enabled(false), + tls1_enabled(true), dns_cert_provenance_checking_enabled(false), false_start_enabled(true), send_client_cert(false), verify_ev_cert(false), ssl3_fallback(false) { @@ -46,21 +46,10 @@ bool SSLConfigService::IsKnownFalseStartIncompatibleServer( return SSLFalseStartBlacklist::IsMember(hostname.c_str()); } -static bool g_dnssec_enabled = false; static bool g_false_start_enabled = true; static bool g_dns_cert_provenance_checking = false; // static -void SSLConfigService::EnableDNSSEC() { - g_dnssec_enabled = true; -} - -// static -bool SSLConfigService::dnssec_enabled() { - return g_dnssec_enabled; -} - -// static void SSLConfigService::DisableFalseStart() { g_false_start_enabled = false; } @@ -93,7 +82,6 @@ SSLConfigService::~SSLConfigService() { // static void SSLConfigService::SetSSLConfigFlags(SSLConfig* ssl_config) { - ssl_config->dnssec_enabled = g_dnssec_enabled; ssl_config->false_start_enabled = g_false_start_enabled; ssl_config->dns_cert_provenance_checking_enabled = g_dns_cert_provenance_checking; diff --git a/net/base/ssl_config_service.h b/net/base/ssl_config_service.h index 714d7b7..c44937e 100644 --- a/net/base/ssl_config_service.h +++ b/net/base/ssl_config_service.h @@ -33,7 +33,6 @@ struct NET_API SSLConfig { // SSL 2.0 is not supported. bool ssl3_enabled; // True if SSL 3.0 is enabled. bool tls1_enabled; // True if TLS 1.0 is enabled. - bool dnssec_enabled; // True if we'll accept DNSSEC chains in certificates. // True if we'll do async checks for certificate provenance using DNS. bool dns_cert_provenance_checking_enabled; @@ -134,11 +133,6 @@ class NET_API SSLConfigService // False Start. static bool IsKnownFalseStartIncompatibleServer(const std::string& hostname); - // Enables the acceptance of self-signed certificates which contain an - // embedded DNSSEC chain proving their validity. - static void EnableDNSSEC(); - static bool dnssec_enabled(); - // Disables False Start in SSL connections. static void DisableFalseStart(); // True if we use False Start for SSL and TLS. |