summaryrefslogtreecommitdiffstats
path: root/net/base/ssl_info.h
Commit message (Collapse)AuthorAgeFilesLines
* net: split net/ssl out of net/basephajdan.jr@chromium.org2013-03-141-81/+0
| | | | | | | | | | | | | | | Also moves transport_security_state files to net/http. This change also updates the callers. R=wtc TBR=rsleevi,lambroslambrou,tony BUG=70818 Review URL: https://codereview.chromium.org/12680003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@188119 0039d316-1c4b-4281-b951-d872f2087c98
* Implement SHA-256 fingerprint supportpalmer@chromium.org2012-09-071-2/+3
| | | | | | | | | | | | | | | | The HTTP-based Public Key Pinning Internet Draft (tools.ietf.org/html/draft-ietf-websec-key-pinning) requires this. Per wtc, give the *Fingeprint* types more meaningful *HashValue* names. Cleaning up lint along the way. BUG=117914 TEST=net_unittests, unit_tests TransportSecurityPersisterTest Review URL: https://chromiumcodereview.appspot.com/10826257 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@155365 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 150375 - Implement SHA-256 fingerprint supportpalmer@chromium.org2012-08-081-5/+2
| | | | | | | | | | | | | | | | | | The HTTP-based Public Key Pinning Internet Draft (tools.ietf.org/html/draft-ietf-websec-key-pinning) requires this. Per wtc, give the *Fingeprint* types more meaningful *HashValue* names. Cleaning up lint along the way. BUG=117914 TEST=net_unittests, unit_tests TransportSecurityPersisterTest Review URL: https://chromiumcodereview.appspot.com/10825211 TBR=palmer@chromium.org Review URL: https://chromiumcodereview.appspot.com/10836150 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150507 0039d316-1c4b-4281-b951-d872f2087c98
* Implement SHA-256 fingerprint supportpalmer@chromium.org2012-08-071-2/+5
| | | | | | | | | | | | | | | The HTTP-based Public Key Pinning Internet Draft (tools.ietf.org/html/draft-ietf-websec-key-pinning) requires this. Per wtc, give the *Fingeprint* types more meaningful *HashValue* names. Cleaning up lint along the way. BUG=117914 TEST=net_unittests, unit_tests TransportSecurityPersisterTest Review URL: https://chromiumcodereview.appspot.com/10825211 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150375 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 150124 - Implement SHA-256 fingerprint support.dimich@chromium.org2012-08-061-5/+2
| | | | | | | | | | | | | | | | | | | | | The HTTP-based Public Key Pinning Internet Draft (tools.ietf.org/html/draft-ietf-websec-key-pinning) requires this. Per wtc, give the *Fingeprint* types more meaningful *HashValue* names. Cleaning up lint along the way. This CL reverts 149268, which reverted 149261 the previous version of this CL. It includes a fix to the compile problem that necessitated 149268. BUG=117914 TEST=net_unittests, unit_tests TransportSecurityPersisterTest Review URL: https://chromiumcodereview.appspot.com/10836062 TBR=palmer@chromium.org Review URL: https://chromiumcodereview.appspot.com/10836120 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150166 0039d316-1c4b-4281-b951-d872f2087c98
* Implement SHA-256 fingerprint support.palmer@chromium.org2012-08-061-2/+5
| | | | | | | | | | | | | | | | | | The HTTP-based Public Key Pinning Internet Draft (tools.ietf.org/html/draft-ietf-websec-key-pinning) requires this. Per wtc, give the *Fingeprint* types more meaningful *HashValue* names. Cleaning up lint along the way. This CL reverts 149268, which reverted 149261 the previous version of this CL. It includes a fix to the compile problem that necessitated 149268. BUG=117914 TEST=net_unittests, unit_tests TransportSecurityPersisterTest Review URL: https://chromiumcodereview.appspot.com/10836062 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150124 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 149261 - Support SHA-256 in public key pins for HTTPS.vandebo@chromium.org2012-07-311-5/+2
| | | | | | | | | | | | | | | | | | | | | | | | | Broke the compile on CrOS. Looks like const-ness problem: net/socket/ssl_client_socket_nss.cc: In member function 'int net::SSLClientSocketNSS::DoVerifyCertComplete(int)': net/socket/ssl_client_socket_nss.cc:3458:error: no matching function for call to 'net::TransportSecurityState::DomainState::IsChainOfPublicKeysPermitted(std::vector<std::vector<net::HashValue, std::allocator<net::HashValue> >, std::allocator<std::vector<net::HashValue, std::allocator<net::HashValue> > > >&)' ./net/base/transport_security_state.h:94: note: candidates are: bool net::TransportSecurityState::DomainState::IsChainOfPublicKeysPermitted(const net::HashValueVector&) const The HTTP-based Public Key Pinning Internet Draft (tools.ietf.org/html/draft-ietf-websec-key-pinning) requires this. Per wtc, give the *Fingeprint* types more meaningful *HashValue* names. Cleaning up lint along the way. BUG=117914 TEST=net_unittests, unit_tests TransportSecurityPersisterTest Review URL: https://chromiumcodereview.appspot.com/10545166 TBR=palmer@chromium.org Review URL: https://chromiumcodereview.appspot.com/10827104 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149268 0039d316-1c4b-4281-b951-d872f2087c98
* Support SHA-256 in public key pins for HTTPS.palmer@chromium.org2012-07-311-2/+5
| | | | | | | | | | | | | | | | The HTTP-based Public Key Pinning Internet Draft (tools.ietf.org/html/draft-ietf-websec-key-pinning) requires this. Per wtc, give the *Fingeprint* types more meaningful *HashValue* names. Cleaning up lint along the way. BUG=117914 TEST=net_unittests, unit_tests TransportSecurityPersisterTest Review URL: https://chromiumcodereview.appspot.com/10545166 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149261 0039d316-1c4b-4281-b951-d872f2087c98
* Remove the rest of #pragma once in one big CL.ajwong@chromium.org2012-07-111-1/+0
| | | | | | | | | For context see this thread: https://groups.google.com/a/chromium.org/forum/?fromgroups#!topic/chromium-dev/RMcVNGjB4II TBR=thakis,pkasting,jam git-svn-id: svn://svn.chromium.org/chrome/trunk/src@146163 0039d316-1c4b-4281-b951-d872f2087c98
* Convert SSLClientSocketNSS to use the NSS Channel ID callback.mattm@chromium.org2012-06-261-1/+4
| | | | | | | | | | BUG=129174,127506 TEST=run a TLS Channel ID supporting server, try connecting to it. TBR=joi@chromium.org Review URL: https://chromiumcodereview.appspot.com/10560020 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@144093 0039d316-1c4b-4281-b951-d872f2087c98
* Disable SPDY IP pooling for SSL connections with client authentication.wtc@chromium.org2011-10-281-0/+4
| | | | | | | | | | | | | Add a "bool client_cert_sent" member to SSLInfo to extract this info from SSLClientSocket. R=rtenneti@chromium.org BUG=101778 TEST=new unit test Review URL: http://codereview.chromium.org/8401024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@107671 0039d316-1c4b-4281-b951-d872f2087c98
* For the SSL cert status, convert anonymous enum that gives bit values into a ↵pkasting@chromium.org2011-09-231-1/+2
| | | | | | | | | | | | | | typedefed uint32. This allows code all over Chromium to use an explicit type instead of "int". This also means the individual named bit constants themselves have the same explicit type. I find the resulting code to be noticeably clearer. This also exposed a bug in SSLErrorInfo::GetErrorsForCertStatus() where not having an explicit type allowed a function argument ordering bug to creep in, so I claim this is safer too. Normally this makes things like DCHECK_EQ() unhappy, but when I'd originally tested this I didn't seem to need to make any changes due to that. Will be watching the trybots... The original motiviation for this change was to find a way to eliminate some cases of passing anonymous-typed values as template arguments (which happens when you use a value from the enum in e.g. EXPECT_EQ()), which is technically illegal in C++03, though we don't warn about it. Simply naming the enum would have done this, but this would have encouraged readers to actually use the enum name as a type, which for a bitfield is inappropriate for the reason given in the first paragraph. BUG=92247 TEST=Compiles Review URL: http://codereview.chromium.org/7969023 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@102415 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 102322 - For the SSL cert status, convert anonymous enum that gives ↵pkasting@chromium.org2011-09-221-2/+1
| | | | | | | | | | | | | | | | | | | bit values into a typedefed uint32. This allows code all over Chromium to use an explicit type instead of "int". (This isn't possible by simply naming the enum as technically the enum doesn't define all of the possible combinations of bits.) This also means the individual named bit constants themselves have the same explicit type. I find the resulting code to be noticeably clearer. This also exposed a bug in SSLErrorInfo::GetErrorsForCertStatus() where not having an explicit type allowed a function argument ordering bug to creep in, so I claim this is safer too. I also added CERT_STATUS_NO_ERROR in place of "0" as a magic number. Normally this makes things like DCHECK_EQ() unhappy, but when I'd originally tested this I didn't seem to need to make any changes due to that. Will be watching the trybots... The original motiviation for this change was to find a way to eliminate some cases of passing anonymous-typed values as template arguments (which happens when you use a value from the enum in e.g. EXPECT_EQ()), which is technically illegal in C++03, though we don't warn about it. Simply naming the enum would have done this, but this would have encouraged readers to actually use the enum name as a type, which for a bitfield is inappropriate for the reason given in the first paragraph. BUG=92247 TEST=Compiles Review URL: http://codereview.chromium.org/7819009 TBR=pkasting@chromium.org Review URL: http://codereview.chromium.org/7995014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@102325 0039d316-1c4b-4281-b951-d872f2087c98
* For the SSL cert status, convert anonymous enum that gives bit values into a ↵pkasting@chromium.org2011-09-221-1/+2
| | | | | | | | | | | | | | | | typedefed uint32. This allows code all over Chromium to use an explicit type instead of "int". (This isn't possible by simply naming the enum as technically the enum doesn't define all of the possible combinations of bits.) This also means the individual named bit constants themselves have the same explicit type. I find the resulting code to be noticeably clearer. This also exposed a bug in SSLErrorInfo::GetErrorsForCertStatus() where not having an explicit type allowed a function argument ordering bug to creep in, so I claim this is safer too. I also added CERT_STATUS_NO_ERROR in place of "0" as a magic number. Normally this makes things like DCHECK_EQ() unhappy, but when I'd originally tested this I didn't seem to need to make any changes due to that. Will be watching the trybots... The original motiviation for this change was to find a way to eliminate some cases of passing anonymous-typed values as template arguments (which happens when you use a value from the enum in e.g. EXPECT_EQ()), which is technically illegal in C++03, though we don't warn about it. Simply naming the enum would have done this, but this would have encouraged readers to actually use the enum name as a type, which for a bitfield is inappropriate for the reason given in the first paragraph. BUG=92247 TEST=Compiles Review URL: http://codereview.chromium.org/7819009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@102322 0039d316-1c4b-4281-b951-d872f2087c98
* Rename NET_API to NET_EXPORT, and rename NET_TEST to NET_EXPORT_PRIVATE.darin@chromium.org2011-08-121-2/+2
| | | | | | Review URL: http://codereview.chromium.org/7529043 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@96560 0039d316-1c4b-4281-b951-d872f2087c98
* net: measure the latency difference of resume handshakes.agl@chromium.org2011-06-291-0/+10
| | | | | | | | | | | | | | | | | | | With False Start, we hope that resume and non-resume handshakes take the same amount of time. But non-resume handshakes involve sending the certificate chain to the client and this has a latency impact, although we don't know how high. There's also a danger that revocation checks will be confounded into this data: a full handshake is more likely to perform a revocation check. We'll have to look at the data and, possible, reintroduce the revocation checking field trial to address this. BUG=none TEST=none Review URL: http://codereview.chromium.org/7218013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@90950 0039d316-1c4b-4281-b951-d872f2087c98
* net: Add NET_API to net/baservargas@google.com2011-05-181-1/+2
| | | | | | | | BUG=76997 TEST=NONE Review URL: http://codereview.chromium.org/6969077 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@85785 0039d316-1c4b-4281-b951-d872f2087c98
* net: add issued_by_known_hash and public_key_hashes to SSLInfo.agl@chromium.org2011-04-131-0/+10
| | | | | | | | | BUG=none TEST=none Review URL: http://codereview.chromium.org/6839024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@81494 0039d316-1c4b-4281-b951-d872f2087c98
* Move some files from base to base/memory.levin@chromium.org2011-03-281-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | raw_scoped_refptr_mismatch_checker.h ref_counted.cc ref_counted.h ref_counted_memory.cc ref_counted_memory.h ref_counted_unittest.cc scoped_callback_factory.h scoped_comptr_win.h scoped_handle.h scoped_native_library.cc scoped_native_library.h scoped_native_library_unittest.cc scoped_nsobject.h scoped_open_process.h scoped_ptr.h scoped_ptr_unittest.cc scoped_temp_dir.cc scoped_temp_dir.h scoped_temp_dir_unittest.cc scoped_vector.h singleton.h singleton_objc.h singleton_unittest.cc linked_ptr.h linked_ptr_unittest.cc weak_ptr.cc weak_ptr.h weak_ptr_unittest.cc BUG=None TEST=Compile Review URL: http://codereview.chromium.org/6714032 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@79524 0039d316-1c4b-4281-b951-d872f2087c98
* Report the SSL protocol version in ssl_info.connection_status.wtc@chromium.org2010-10-271-3/+2
| | | | | | | | | | | | | | Refactor SSLClientSocketNSS::GetSSLInfo -- the code that sets ssl_info->connection_status is moved to a new UpdateConnectionStatus method, and CheckSecureRenegotiation is subsumed by UpdateConnectionStatus. R=agl,finnur BUG=53659 TEST=none Review URL: http://codereview.chromium.org/4198003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@64178 0039d316-1c4b-4281-b951-d872f2087c98
* FBTF: A giant cleanup to net/erg@google.com2010-08-311-12/+9
| | | | | | | | | | | | This moves all sorts of code from h files to cc files and reduces header dependencies. BUG=none TEST=compiles Review URL: http://codereview.chromium.org/3212008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@58020 0039d316-1c4b-4281-b951-d872f2087c98
* FBTF: Remove unnecessary STL #includes from src/net.viettrungluu@chromium.org2010-08-191-3/+1
| | | | | | | | | | | | This removes obviously unneeded inclusions of <map>, <set>, <string>, <vector>, etc. from src/net. BUG=none TEST=builds Review URL: http://codereview.chromium.org/3132022 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@56654 0039d316-1c4b-4281-b951-d872f2087c98
* `#pragma once` for app, base, chrome, gfx, ipc, net, skia, viewsthakis@chromium.org2010-07-261-0/+1
| | | | | | | | | BUG=50273 TEST=everything still builds, build is 10% faster on windows, same speed on mac/linux TBR: erg git-svn-id: svn://svn.chromium.org/chrome/trunk/src@53716 0039d316-1c4b-4281-b951-d872f2087c98
* net: add commentsagl@chromium.org2010-07-151-2/+4
| | | | | | | | | | | This is a follow up change to add some requested comments from r52079's review. TEST=none BUG=27507 http://codereview.chromium.org/2943001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52497 0039d316-1c4b-4281-b951-d872f2087c98
* Plumb SSL connection information into the PageInfo model.agl@chromium.org2010-07-121-2/+7
| | | | | | | | | | | | | | | | | This plumbs two bits of information into the PageInfo model (the dialog which results from clicking on the padlock icon): whether or not we performed SSLv3 fallback and whether or not the server supported the renegotiation extension. It doesn't actually do anything with this information yet (except to add histograms of them), pending future CLs. BUG=none TEST=none http://codereview.chromium.org/2943001/show git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52079 0039d316-1c4b-4281-b951-d872f2087c98
* Add GetNextProtocol method to SSLClientSocket.agl@chromium.org2009-12-101-17/+1
| | | | | | http://codereview.chromium.org/484005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@34288 0039d316-1c4b-4281-b951-d872f2087c98
* Linux: add next-protocol-negotiation to libssl.agl@chromium.org2009-11-301-1/+19
| | | | | | | | | | | | This is an experimental, client only implementation of next-protocol-negotiation: http://www.imperialviolet.org/binary/draft-agl-tls-nextprotoneg-00.html This only affects the internal copy of libssl and is only active when built with use_system_ssl=0, which is not currently the default. git-svn-id: svn://svn.chromium.org/chrome/trunk/src@33327 0039d316-1c4b-4281-b951-d872f2087c98
* Reduce header dependencies in net/phajdan.jr@chromium.org2009-05-291-1/+0
| | | | | | | | TEST=none Review URL: http://codereview.chromium.org/115870 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@17178 0039d316-1c4b-4281-b951-d872f2087c98
* NO CODE CHANGEdeanm@chromium.org2009-03-111-1/+0
| | | | | | | | | Normalize end of file newlines in net/. All files end in a single newline. Review URL: http://codereview.chromium.org/43079 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@11442 0039d316-1c4b-4281-b951-d872f2087c98
* Change SSLInfo::SetCertError to call the recently-addedwtc@chromium.org2009-02-121-29/+1
| | | | | | | | | MapNetErrorToCertStatus function. R=eroman Review URL: http://codereview.chromium.org/20277 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@9639 0039d316-1c4b-4281-b951-d872f2087c98
* Use a more compact license header in source files.license.bot2008-08-241-28/+4
| | | | git-svn-id: svn://svn.chromium.org/chrome/trunk/src@1287 0039d316-1c4b-4281-b951-d872f2087c98
* add http_cache to mac build.ericroman@google.com2008-08-191-3/+3
| | | | git-svn-id: svn://svn.chromium.org/chrome/trunk/src@1068 0039d316-1c4b-4281-b951-d872f2087c98
* Add net to the repository.initial.commit2008-07-261-0/+102
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@14 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-03-30 00:11:52 +0000