diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-11 19:50:02 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-11 19:50:02 +0000 |
| commit | b2471359cfbd4f7b9621ba2542b947841bfadb27 (patch) | |
| tree | 241b1e8c58a26a5bbfb1df3c9f5d342c492ad693 /net/socket/ssl_client_socket_nss.h | |
| parent | 1b3db78c4451a755eeaadc4cedceccd9e91724c8 (diff) | |
| download | chromium_src-b2471359cfbd4f7b9621ba2542b947841bfadb27.zip chromium_src-b2471359cfbd4f7b9621ba2542b947841bfadb27.tar.gz chromium_src-b2471359cfbd4f7b9621ba2542b947841bfadb27.tar.bz2 | |
net: add embedded DNSSEC chain support.
Now that the DNS root is signed we have a good trust path in several
TLDs (including .org). This patch enables self-signed certificates to
include a DNSSEC chain as an extension which proves a CERT record,
containing the fingerprint of the public key.
The format of the chain is still undecided, so this is only enabled
with --enable-dnssec-certs.
BUG=none
TEST=net_unittests
http://codereview.chromium.org/2806076
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55771 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket/ssl_client_socket_nss.h')
| -rw-r--r-- | net/socket/ssl_client_socket_nss.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/net/socket/ssl_client_socket_nss.h b/net/socket/ssl_client_socket_nss.h index e35cb4ff..8e1e68d 100644 --- a/net/socket/ssl_client_socket_nss.h +++ b/net/socket/ssl_client_socket_nss.h @@ -86,6 +86,7 @@ class SSLClientSocketNSS : public SSLClientSocket { int DoWriteLoop(int result); int DoHandshake(); + bool CheckDNSSECChain(); int DoVerifyCert(int result); int DoVerifyCertComplete(int result); int DoPayloadRead(); |