SSL Fix: Step 2.Add HasAllowedCert and HasDeniedCert to X509Certificate::Policy.R=wtcBUG=8706

Review URL: http://codereview.chromium.org/42255

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@11839 0039d316-1c4b-4281-b951-d872f2087c98

2 files changed, 14 insertions, 0 deletions

diff --git a/net/base/x509_certificate.cc b/net/base/x509_certificate.cc
index 3565567..1abee59 100644
--- a/net/base/x509_certificate.cc
+++ b/net/base/x509_certificate.cc
@@ -123,6 +123,14 @@ void X509Certificate::Policy::Deny(X509Certificate* cert) {
   denied_.insert(cert->fingerprint());
 }
 
+bool X509Certificate::Policy::HasAllowedCert() const {
+  return !allowed_.empty();
+}
+
+bool X509Certificate::Policy::HasDeniedCert() const {
+  return !denied_.empty();
+}
+
 // static
 X509Certificate* X509Certificate::CreateFromHandle(OSCertHandle cert_handle,
                                                    Source source) {
diff --git a/net/base/x509_certificate.h b/net/base/x509_certificate.h
index c3e79b4..a8bdfe9 100644
--- a/net/base/x509_certificate.h
+++ b/net/base/x509_certificate.h
@@ -110,6 +110,12 @@ class X509Certificate : public base::RefCountedThreadSafe<X509Certificate> {
     // Causes the policy to deny this certificate.
     void Deny(X509Certificate* cert);
 
+    // Returns true if this policy has allowed at least one certificate.
+    bool HasAllowedCert() const;
+
+    // Returns true if this policy has denied at least one certificate.
+    bool HasDeniedCert() const;
+
    private:
     // The set of fingerprints of allowed certificates.
     std::set<Fingerprint, FingerprintLessThan> allowed_;